³¬26.9Íò¸öÍøÕ¾Ò»¸öÔÂÄÚϰȾJavaScript¶ñÒâ´úÂë

°ä²¼¹¦·ò 2025-06-16

1. ³¬26.9Íò¸öÍøÕ¾Ò»¸öÔÂÄÚϰȾJavaScript¶ñÒâ´úÂë


6ÔÂ13ÈÕ £¬ÍøÂ簲ȫ×êÑÐÈËÔ±½üÆÚÅû¶ÁËÒ»Ïî´ó¹æÄ£¹¥»÷»î¶¯ £¬¹¥»÷ÕßÔںϷ¨ÍøÕ¾ÉÏ×¢ÈëʹÓà JSFuck ¼¼Êõ»ìºÏµÄ¶ñÒâ JavaScript ´úÂë¡£ÓÉÓÚÉæ¼°²»ÃÀ¹ÛÓÃÓï £¬¸Ã¼¼Êõ±»ÍøÂ簲ȫ¹«Ë¾¶¨ÃûΪ¡°JSFireTruck¡±¡£×¢Èë´úÂë»á²é³­ÍøÕ¾ÍƼöÆðÔ´ £¬ÈôÍÆ¼öÆðԴΪGoogle¡¢BingµÈËÑË÷ÒýÇæ £¬Êܺ¦Õß½«±»³Á¶¨Ïòµ½´«²¼¶ñÒâÈí¼þ¡¢·ì϶ÀûÓ÷¨Ê½¡¢½øÐÐÁ÷Á¿±äÏֺʹ«²¼¶ñÒâ¸æ°×µÄ¶ñÒâÍøÖ·¡£ÔÚ2025Äê3ÔÂ26ÈÕÖÁ4ÔÂ25ÈÕÆÚ¼ä £¬ÓÐ269,552¸öÍøÒ³±»·¢ÏÖϰȾÁËʹÓøü¼ÊõµÄJavaScript´úÂë £¬4ÔÂ12ÈÕ³õ´Î³öÏÖ·åÖµ £¬µ¥ÈÕ·¢ÏÖ³¬5Íò¸öÊÜÏ°È¾ÍøÒ³¡£Óë´Ëͬʱ £¬Gen Digital½Ò¿ªÁËÃûΪHelloTDSµÄ¸´ÔÓÁ÷Á¿·Ö·¢·þÎñµÄÃæÉ´ £¬¸Ã·þÎñͨ¹ý×¢ÈëÍøÕ¾µÄÔ¶³ÌÍйÜJavaScript´úÂë £¬ÓÐǰÌáµØ½«½Ó¼ûÕß³Á¶¨Ïòµ½ÐéαÑéÖ¤ÂëÒ³Ãæ¡¢¼¼ÊõÖ§³¶à¿Æ­Ò³ÃæµÈ¡£ÆäÖØÒªÖ¸±êÊǶÔÊܺ¦ÕßÉ豸²É¼¯Ö¸ÎÆÌصãºó £¬È·¶¨Í¶·ÅÄÚÈÝÐÔÖÊ £¬ÈôÓû§·ÇÏàÒËÖ¸±ê £¬»á±»³Á¶¨Ïòµ½Á¼ÐÔÍøÒ³¡£¹¥»÷»î¶¯Èë¿ÚµãÊÇÊÜϰȾ»ò±»½ÚÔìµÄÁ÷ýÌåÍøÕ¾¡¢Îļþ¹²Ïí·þÎñ¼°¶ñÒâ¸æ°×»î¶¯¡£Êܺ¦Õßɸѡ»ùÓÚµØÀíµØÎ»¡¢IPµØÖ·ºÍä¯ÀÀÆ÷Ö¸ÎÆÌØµã £¬Í¨¹ýVPN»òÎÞÍ·ä¯ÀÀÆ÷µÄÏνӻᱻ¼ì²â²¢»Ø¾ø¡£²¿ÃŹ¥»÷Á´»áÌṩÀûÓÃClickFixÕ½ÊõºýŪÓû§ÔËÐжñÒâ´úÂëµÄÐéαÑéÖ¤ÂëÒ³Ãæ £¬Ê¹»úеϰȾ¡°·åÖµÖ®¹â¡±¶ñÒâÈí¼þ £¬¸ÃÈí¼þ»á¼ÓÔØÐÅÏ¢ÇÔÈ¡·¨Ê½ÈçLumma¡£


https://thehackernews.com/2025/06/over-269000-websites-infected-with.html


2. ³¬4.6ÍòGrafanaÊ·ý佨²¹·ì϶CVE-2025-4123


6ÔÂ15ÈÕ £¬³¬¹ý46,000¸öÃæÏò»¥ÁªÍøµÄGrafanaÊ·ýÒò佨²¹¿Í»§¶ËÊ¢¿ª³Á¶¨Ïò·ì϶£¨CVE-2025-4123£©¶øÂ¶³öÓÚ·çÏÕÖ®ÖÐ £¬¸Ã·ì϶¿ÉÖ¶ñÒâ²å¼þÖ´ÐÐÓëÕÊ»§ÊÕÊÜ¡£¸Ã·ì϶ÔÚGrafana Labs 5ÔÂ21ÈÕ°ä²¼µÄ°²È«¸üÐÂÖеõ½½â¾ö¡£×êÑÐÈËԱͨ¹ý¹ØÁªÊý¾ÝÓëÆ½Ì¨ÔÚÉú̬ϵͳÖеÄÉ¢²¼ £¬ÆÀ¹À³ö¹²ÓÐ128,864¸öÊ·ý¶³öÔÚÍøÉÏ £¬ÆäÖÐ46,506¸öÈÔÔÚÔËÐдæÔÚ·ì϶µÄ°æ±¾ £¬Õ¼±ÈÔ¼36%¡£OX SecurityÉî¿Ì·ÖÎö·¢ÏÖ £¬¹¥»÷Õß¿Éͨ¹ý½áºÏ¿Í»§¶Ëõè¾¶±éÀúºÍÊ¢¿ª³Á¶¨Ïò»úÔì £¬ÓÕʹÊܺ¦Õßµã»÷¶ñÒâURL £¬´Ó¶ø´ÓÍþвÐÐΪÕß½ÚÔìµÄÍøÕ¾¼ÓÔØ¶ñÒâGrafana²å¼þ £¬ÕâЩ¶ñÒâÁ´½Ó¿ÉÔÚÓû§ä¯ÀÀÆ÷ÖÐÖ´ÐÐËÁÒâJavaScript¡£¸Ã·ì϶ÎÞÐèÌáÉýȨÏÞ £¬¼´±ãÆôÓÃÄäÃû½Ó¼ûÒ²¿É²ûÑï×÷Óà £¬ÔÊÐí¹¥»÷Õß½Ù³ÖÓû§»á»°¡¢¸ü¸ÄÕÊ»§Í´´¦ £¬²¢ÔÚ×°ÖÃGrafana Image Renderer²å¼þµÄÇé¿öÏÂÖ´ÐзþÎñÆ÷¶ËÒªÇóαÔ죨SSRF£©À´¶ÁÈ¡ÄÚ²¿×ÊÔ´¡£Ö»¹ÜGrafanaÖеÄĬÈÏÄÚÈݰ²È«Õ½Êõ£¨CSP£©ÌṩÁ˿϶¨±£»¤ £¬µ«ÎÞ·¨×èÖ¹´ËÀ๥»÷¡£OX SecurityµÄ·ì϶Åú×¢ £¬CVE-2025-4123¿ÉÔÚ¿Í»§¶Ë±»ÀûÓà £¬²¢Í¨¹ýGrafanaÔ­ÉúµÄJavaScript·ÓÉÂß¼­ÈƹýÏÖ´úä¯ÀÀÆ÷¹æ·¶»¯»úÔì¡£


https://www.bleepingcomputer.com/news/security/over-46-000-grafana-instances-exposed-to-account-takeover-bug/


3. ¼ÓÄôóµÚ¶þ´óº½¿Õ¹«Ë¾Î÷½Ýº½¿ÕÔâ·êÍøÂç¹¥»÷


6ÔÂ15ÈÕ £¬Î÷½Ýº½¿Õ×÷Ϊ¼ÓÄôóµÚ¶þ´óº½¿Õ¹«Ë¾ £¬ÔÚµ÷²éһ·ӰÏìÆä²¿ÃÅÄÚ²¿ÏµÍ³ºÍÒÆ¶¯ÀûÓ÷¨Ê½µÄÍøÂ簲ȫÊÂÎñ¡£¸ÃÊÂÎñµ¼Ö¶àÃûÓû§ÎÞ·¨½Ó¼ûÓйØÏµÍ³ £¬µ«¹«Ë¾Ç¿µ÷ÔËÓª°²È«Î´ÊÜÓ°Ïì¡£Î÷½Ýº½¿ÕÔÚÊÂÎñ²úÉúºóѸ¿ìÆô¶¯ÁËרÃŵÄÄÚ²¿ÍŶÓ £¬²¢Óë·¨Âɲ¿ÃźͼÓÄôó½»Í¨²¿çÇÃܺÏ×÷ £¬ÒÔµ÷²éÊÂÎñÔ­Òò²¢¾¡Á¿Ï÷¼õÆäÓ°Ïì¡£¹«Ë¾ÕýÖÂÁ¦ÓÚ±£»¤³Ë¿ÍºÍÔ±¹¤µÄÃô¸ÐÊý¾ÝºÍÓ×ÎÒÐÅÏ¢ £¬²¢¶Ô·þÎñÖжϰµÊ¾Ç¸Ò⡣Ŀǰ £¬¹ØÓÚÕâ´Î¹¥»÷µÄ¾ßÌåϸ½ÚÉв»Ã÷ÏÔ £¬µ«Î÷½Ýº½¿Õ³ÐŵÔÚ»ñµÃ¸ü¶àÐÅÏ¢ºóʵʱ³½Ïí¡£¹«Ë¾½¨Òé³Ë¿ÍºÍÔ±¹¤ÔÚ¹²ÏíÓ×ÎÒÐÅϢʱά³ÖÉóÉ÷¡£½ØÖÁ2025Äê6ÔÂ14ÈÕ £¬Î÷½Ýº½¿Õº½°àÔËÓª°²È«Î´ÊÜÓ°Ïì £¬¹«Ë¾ÔÚÆÀ¹ÀÊÂÎñÓ°Ï첢Ѹ¿ì½â¾öÎÊÌâ¡£


https://securityaffairs.com/179027/uncategorized/canadas-airline-westjet-is-containing-a-cyberattack.html


4. SimpleHelp·ì϶ÔâÀûÓà £¬¹¥»÷¹«ÓÃÊÂÒµ¼Æ·ÑÈí¼þ¿Í»§


6ÔÂ13ÈÕ £¬ÃÀ¹úÍøÂ簲ȫ»ú¹¹CISA·¢³öÖÒ¸æ £¬ÀÕË÷Èí¼þÔËÓªÉÌÕýÀûÓÃSimpleHelp·ì϶¶Ô¹«ÓÃÊÂÒµ¼Æ·ÑÈí¼þÌṩÉ̵Ŀͻ§ÌáÒé¹¥»÷¡£±»ÀûÓõķì϶±àºÅΪCVE-2024-57727 £¬¸Ã·ì϶ÔÊÐí¹¥»÷Õß¼ìË÷Ãô¸ÐÐÅÏ¢ £¬ÈçÆ¾Ö¤ºÍAPIÃÜÔ¿¡£´Ë·ì϶ÓëÁí±íÁ½¸öÔÊÐí¹¥»÷ÕßÉÏ´«ËÁÒâÎļþ²¢ÌáÉýȨÏÞΪÖÎÀíÔ±µÄ·ì϶CVE-2024-57728ºÍCVE-2024-57726ÓÚ1Ô·ÝÒ»ÆðµÃµ½½¨²¹¡£CISAÔÚ·¢ÏÖÍþвÐÐΪÕßÀûÓÃCVE-2024-57727¹¥»÷ÔËÐÐSimpleHelpÔ¶³Ì¼à¿ØºÍÖÎÀíÈí¼þµÄÉ豸ºó £¬ÓÚ2Ô·ݽ«¸Ã·ì϶Ôö³¤µ½ÆäÒÑÖª±»ÀûÓ÷ì϶ÁбíÖС£5ÔÂÏÂÑ® £¬SophosÖÒ¸æ³ÆDragonForceÀÕË÷Èí¼þ¹¥»÷¿ÉÄÜÀûÓÃSimpleHelpÊ·ý·ì϶Σ¼°ÍйܷþÎñÌṩÉ̼°Æä¿Í»§µÄ°²È«¡£CISA½¨ÒéÈí¼þ¹©¸øÉÌ¡¢ÏÂÓοͻ§ºÍ×îÖÕÓû§µ±¼´²ÉÈ¡´ëÊ©½¨²¹ÆäSimpleHelp²¿Êð²¢Ñ°ÕÒÍ×Эָ±ê¡£


https://www.securityweek.com/simplehelp-vulnerability-exploited-against-utility-billing-software-users/


5. º«¹úƱÎñƽ̨Yes24ÔâÀÕË÷¹¥»÷ £¬ÓéÀÖ²úÒµÏÝÈë»ìÂÒ


6ÔÂ12ÈÕ £¬º«¹úÖØÒªÆ±Îñƽ̨¼°ÔÚÏßͼÊéÁãÊÛÉÌYes24ÓÚ6ÔÂ9ÈÕÁ賿Ôâ·êÀÕË÷Èí¼þ¹¥»÷ £¬µ¼Ö¸ùúÓéÀÖ²úÒµÏÝÈë»ìÂÒ¡£Õâ´Î¹¥»÷ÒÔÖÁYes24ÍøÕ¾¼°·þÎñÂ½ÐøËÄÌì̱»¾ £¬ÔÚÏßÑݳª»áÔ¤Ô¼¡¢µç×ÓÊé½Ó¼ûºÍÉçÇøÂÛְ̳ÄܾùÎÞ·¨Õý³£Ê¹Óà £¬¹«Ë¾ËäÉêÃ÷Ö¸±êÔÚ6ÔÂ15ÈÕÇ°È«Ãæ¸´Ô­ÔËÓª £¬µ«Ó°ÏìÒѼ«¶ÈÏÔÖø¡£º«¹úÒþÖÔ¼à¹Ü»ú¹¹¡°Ó×ÎÒÐÅÏ¢±£»¤Î¯Ô±»á¡±ÒÑÆô¶¯µ÷²é £¬ÒÉ»óÕâ´ÎÊÂÎñ¿ÉÄܵ¼Ö¿ͻ§Êý¾Ýй¶ £¬µ±¾Ö½«Éó²éYes24ÊÇ·ñÍÆ¹ãÁ˺«¹úÊý¾ÝÒþÖÔÂÉÀý¶¨µÄ˾·¨Ê¹Ãü¡£±¾µØÃ½Ì屨· £¬Õâ´Î·þÎñÖжÏÒý·¢ÁËÁ¬Ëø·´Ó³ £¬Ô̺¬ÆÓ±¦½£¡¢ENHYPEN¡¢ATEEZ¼°Ëµ³ª¸èÊÖB.IÔÚÄڵĶàλº«Á÷Ã÷ÐÇÔ¤ÊÛ¼°·ÛË¿»î¶¯±»ÆÈÍÆ³Ù»òÈ¡µÞ £¬²¿ÃÅÒôÀÖ¾çÔì×÷·½Ò²ÒªÇó¹Û¶à³öʾֽÖÊÃÅÆ±»òÓʼþÈ·ÈϺ¯È볡 £¬µ¼Ö²¿ÃŹ۶àÒòÎÞ·¨Ìṩ¿ÉÑé֤ƱÎñÐÅÏ¢¶øÔâ¾ÜÈ볡¡£Yes24ÖÜÈýÉêÃ÷ÒѳÁÐÂÕÆ¿ØÖÎÀíÔ¹ØË»§ £¬ÕýÖÂÁ¦¸´Ô­ÆäËû·þÎñ £¬µ«¹¥»÷ÕßÉí·ÝĿǰÉÐδÃ÷È·¡£¹«Ë¾°µÊ¾ÉÐδȷÈÏÓ×ÎÒÐÅÏ¢±íй £¬µ«ÒÑÏòº«¹úÊý¾ÝÒþÖÔ»ú¹¹»ã±¨Éæ¼°¿Í»§Êý¾ÝδÊÚȨ½Ó¼ûµÄ¿ÉÒɻ £¬²¢³ÐŵÈôºóÐøµ÷²é֤ʵÓ×ÎÒÐÅϢй¶ £¬½«µ±¼´Í¨ÖªÓû§¡£


https://therecord.media/yes24-south-korea-ransomware-attack


6. ºÚ¿Í³ÆÕ®Îñ´ßÊÕ¹«Ë¾CCCÔâÈëÇÖ £¬900¶àÍòÃÀ¹úÈËÐÅϢй¶


6ÔÂ13ÈÕ £¬ÍþвÐÐΪÕßÐû³ÆÒÑÈëÇÖ¸¥¼ªÄáÑÇÖÝÕ®Îñ´ßÊÕ¹«Ë¾ÐÅÓþ½ÚÔ칫˾£¨CCC£© £¬²¢µ¼ÖÂÊý°ÙÍòÃÀ¹úÈËÓ×ÎÒÐÅϢй¶¡£ÕâЩºÚ¿ÍÔÚÒ»¸öÊý¾Ýй¶ÂÛ̳Éϰ䲼ÁËÓйØÐÅÏ¢ £¬Ðû³ÆÇÔÈ¡ÁË910ÍòÃÀ¹úÈ˵ÄÃô¸ÐÊý¾Ý¡£CCCÊÇÒ»¼ÒרһÓÚÒ½ÁƱ£½¡ºÍµçÐÅÐÐÒµµÄÕ®Îñ´ßÊÕ¹«Ë¾ £¬Ä¿Ç°ÉÐδ¶Ô´ËÊÂ×÷³ö»ØÓ¦¡£×êÑÐÍŶӵ÷²éÁ˹¥»÷Õ߸½¼ÓÔÚÌû×ÓÖеÄÊý¾ÝÑù±¾ £¬·¢ÏÖй¶µÄÐÅÏ¢¿ÉÄÜÔ̺¬È«Ãû¡¢µç»°ºÅÂë¡¢ÐԱ𡢴ºÇï¡¢·¿²úÐÅÏ¢¡¢µÖѺ´û¿îÊý¾ÝºÍ´û¿îÀàÐ͵È¡£¹¥»÷Õßͨ³£¶ÔÕ¼ÓдóÁ¿¾ßÌåÐÅÏ¢µÄÊý¾Ý¿â¸ÐÐËÖ £¬ÓÉÓÚÕâЩÊý¾Ý¿ÉÓÃÓÚ×Ô¶¯»¯´¹µöÓʼþÚ¿Æ­¡¢½ðÈÚÚ¿Æ­ºÍÉí·Ý͵ÇÔ¡£Ó×ÎÒÉí·ÝÐÅÏ¢ºÍ²ÆÕþÐÅÏ¢µÄй¶Ϊ¶¨Ôì¹¥»÷ÌṩÁ˳ä×ã»úÓö £¬¹¥»÷Õß¿ÉÄÜÀûÓÃÕâЩÐÅÏ¢Õë¶Ô´æÔÚ²ÆÕþÎÊÌâµÄÓû§½øÐÐڲƭÐÔ²ÆÕþÔöÔ®»òÆäËû·þÎñµÄÚ¿Æ­¡£ÖµÍ×ÌùÐĵÄÊÇ £¬Õâ²¢·ÇCCC³õ´ÎÔâ·êÊý¾Ýй¶ÊÂÎñ¡£2023Äê £¬¸Ã¹«Ë¾¾ÍÔøÅû¶һ·Êý¾Ýй¶ÊÂÎñ £¬µ¼Ö³¬¹ý30ÍòÃÀ¹ú¾ÓÃñµÄÊý¾Ýй¶ £¬Æäʱй¶µÄÐÅÏ¢Ô̺¬ÐÕÃûºÍÉç»á°²È«ºÅÂëµÈ¡£


https://cybernews.com/news/credit-control-corporation-data-breach/