Holaä¯ÀÀÆ÷Windows°æÔ⹩¸øÁ´¹¥»÷

°ä²¼¹¦·ò 2026-06-05
1. Holaä¯ÀÀÆ÷Windows°æÔ⹩¸øÁ´¹¥»÷


6ÔÂ4ÈÕ£¬½üÈÕ£¬Holaä¯ÀÀÆ÷µÄWindows°æ±¾ÔÚÒ»´Î¹©¸øÁ´¹¥»÷ÖÐÔâµ½ÈëÇÖ£¬¹¥»÷ÕßÏòÓû§ÏµÍ³ÖÐÇÄȻͶ·ÅÁËÒ»¸öδ¾­ÉêÃ÷µÄ¶ñÒâ¿ÉÖ´ÐÐÎļþ£¬¾­ÍøÂ簲ȫ×êÑÐÈËÔ±¼ø¶¨£¬¸ÃÎļþʵΪÃÅÂÞ±Ò¼ÓÃÜÇ®±ÒÍÚ¿ó·¨Ê½¡£ÕâÒ»°²È«·ì϶²¢·ÇÓÉÓû§×Ô¶¯·¢ÏÖ£¬¶øÊÇÔÚHolaä¯ÀÀÆ÷¶¨ÆÚ½ÓÊÜAppEsteemÈÏÖ¤²âÊÔ·¨Ê½µÄ¹ý³ÌÖб»¼ì²âµ½µÄ¡£ÔÚ×îеÄÀûÓ÷¨Ê½ÆëÈ«ÐԲ鳭ÖУ¬Sophos¼°ÆäËû²Î¼ÓÆÀ¹ÀµÄÍøÂ簲ȫ¹«Ë¾·¢ÏÖ£¬ÔÚijЩÇé¿öÏ£¬Ò»¸öÃûΪ¡°me.exe¡±µÄδÉêÃ÷¿ÉÖ´ÐÐÎļþ±»×°ÖÃÓÚ¡°C:\Program Files\Hola\¡±Ä¿Â¼Ï¡£¸ÃÎļþδ¾­ÈÏÖ¤¡¢ÎÞ¹¦·ò´Á¡¢ÎÞÊý×ÖÊðÃû£¬ÄڷѽâÏý´úÂëÇҾ߱¸Ð´ÈëÄÚ´æµÄÄÜÁ¦¡£¾­·ÖÎö£¬SophosÈ·Èϸöþ½øÔìÎļþΪÃÅÂÞ±Ò¼ÓÃÜÇ®±ÒÍÚ¿ó·¨Ê½£¬Ëü»áÔö³¤Ò»ÌõWindows DefenderÅųý¹æ¶¨£¬½«×ÔÉí¸´Ôìµ½Program FilesĿ¼Ï²¢¶¨ÃûΪ¡°HolaMonitorService.exe¡±£¬Í¬Ê±´´½¨Ò»¸öÃûΪ¡°hola_monitor_svc¡±µÄ×Ô¶¯Æô¶¯Windows·þÎñ£¬ÔÚÍÆËã»ú¿ÕÏÐʱִÐÐÍÚ¿ó²Ù×÷¡£Õë¶Ô´ËÊ£¬Hola»ØÓ¦³ÆÒÑ´ÓAppEsteem»ñϤµ÷²éÁ˾ֲ¢È·ÈϹ©¸øÁ´Ôâ·ÛË飬½öÔ¼0.1%µÄÓû§Êܵ½Ó°Ï죬ÇÒÎÞÖ¤¾ÝÅú×¢Óû§Êý¾ÝÔâ½Ó¼û¡¢ÇÔÈ¡»òй¶¡£


https://www.bleepingcomputer.com/news/security/hola-browser-for-windows-compromised-to-deliver-cryptominer/


2. MagecartÀûÓÃStripeÓëGoogleÓòÃûÇÔÊØÐÅÓþ¿¨Êý¾Ý


6ÔÂ4ÈÕ£¬ÍøÂ簲ȫ×êÑÐÈËÔ±·¢ÏÖ£¬MagecartºÚ¿ÍÌáÒéÁËÒ»Ïîй¥»÷£ºÀûÓÃStripeµÄAPIÍйÜÇÔÊØÐÅÓþ¿¨µÄ¶ñÒâ´úÂ룬²¢´æ´¢´ÓµçÉ̽áÕËÒ³ÃæµÁÈ¡µÄÖ§¸¶Êý¾Ý¡£Õû¸ö¹¥»÷ÒÀÀµÓÚµçÉÌĬÈÏÐÅÀµµÄÓòÃûm.ginostudio.comºÍapi.stripe.com£¬´Ó¶øÈƹýÄÚÈݰ²È«Õ½Êõ¡£¶ñÒâ´úÂë´ÓGoogle Tag ManagerÈÝÆ÷¼ÓÔØ£¬ÔÚ½áÕËÒ³Ãæ¼¤»îºóÏòStripe APIÒªÇóÌØ¶¨¿Í»§¼Í¼£¬´ÓÖжÁÈ¡»ìºÏµÄJavaScript²¢ÓÃnew Function()Ö´ÐС£¸ÃÇÔÈ¡Æ÷Õë¶ÔMagento»òAdobe CommerceÒ³Ãæ£¬ÇÔÈ¡¿¨ºÅ¡¢CVV¡¢ÐÕÃû¡¢µØÖ·µÈÐÅÏ¢¡£Êý¾Ý¾­XOR»ìºÏºó±¾µØ´æ´¢£¬Ëæºóÿ·ÖÖÓÖ´ÐÐÒ»´Î£º½«Êý¾Ý·Ö°ë£¬´´½¨ÐÂStripe¿Í»§¶ÔÏ󣬽«µÁÈ¡Êý¾Ý´æÈëÆäÔªÊý¾Ý×ֶΡ£Ã¿Õű»µÁ¿¨³ÉΪ¹¥»÷ÕßStripeÕË»§ÖеÄÐéα¼Í¼£¬StripeÂÙΪÊý¾Ýºó¶Ë¡£Êý¾Ý¸´Ôìºó±¾µØÎļþ±»¶Ï¸ù¡£ÁíÒ»¹¥»÷±äÌåʹÓÃGoogle Firestore°ü°ìStripe£¬ÓÐÐ§ÔØºÉ´Ó¡°braintree-payment-app¡±ÏîÄ¿¼ìË÷¡£Óйؼͼ´´½¨ÓÚ2025Äê12ÔÂ24ÈÕ¡£½¨ÒéÓû§Ê¹ÓÃÒ»´ÎÐÔÐé¹¹¿¨·À±¸·çÏÕ¡£


https://www.bleepingcomputer.com/news/security/credit-card-theft-campaign-abuses-stripe-to-host-stolen-payment-info/


3. DentaQuestÊý¾Ýй¶ӰÏì260ÍòÕË»§


6ÔÂ4ÈÕ£¬ÃÀ¹ú×î´óµÄÑÀ¿Æ¸£ÀûÖÎÀí¹«Ë¾Ö®Ò»DentaQuest½üÈÕ²úÉú³Á´óÊý¾Ýй¶ÊÂÎñ£¬Õâ´Î°²È«ÊÂÎñÓÚÉϸöÔ³õ´ÎÆØ¹â£¬ÆäʱÀÕË÷×éÖ¯ShinyHunters½«DentaQuestÁÐÈëÆäÊý¾ÝÐ¹Â¶ÍøÕ¾£¬Ðû³ÆÇÔÈ¡Á˳¬¹ý234GBµÄÊý¾Ý¡£¾Ý¸ÃÍþвÐÐΪÕ߳ƣ¬ÓÉÓÚδÄÜÓ빫˾´ï³ÉºÍ̸£¬Êý¾ÝÒѱ»¹«¿ªÐ¹Â¶¡£6ÔÂ2ÈÕ£¬DentaQuestÔÚÆäÍøÕ¾ÉÏÖ¤ÊµÍøÂçÔâµ½ÈëÇÖ£¬²¢°µÊ¾¸ÃÊÂÎñ¶Ô¿Í»§·þÎñÔì³ÉÁË¡°ÓÐÏÞµÄ×ÌÈÅ¡±¡£¹«Ë¾ÔÚÉêÃ÷ÖгÆ£¬ËûÃÇ·¢ÏÖδ¾­ÊÚȨ½Ó¼ûÁËÍøÂçµÄÓÐÏÞ²¿ÃÅ£¬ÔÚÈ·ÈϳõʼÊÂÎñºóµ±¼´²ÉÈ¡Ðж¯È·±£»·¾³°²È«¡¢¶ôÔì¹¥»÷²¢¼õÇáÍþв£¬Í¬Ê±ÏµÍ³Î¬³ÖÈ«ÃæÔËÐУ¬³ÖÐøÎª¿Í»§Ìṩ·þÎñ²¢½«ÖжϽµµ½×îµÍ¡£¸Ã¹«Ë¾»¹°µÊ¾ÒÑÀñƸ±í²¿×¨¼ÒЭÖúµ÷²é²¢È·¶¨ÄÄЩÊý¾ÝÔ⵽й¶¡£×òÌ죬³ÛÃûÊý¾Ýй¶Ԥ¾¯·þÎñÍøÕ¾Have I Been Pwned·ÖÎöÁËй¶µÄÐÅÏ¢£¬·¢ÏÔìäÖÐÔ̺¬260Íò¸öÕË»§µÄ¼Í¼¡£¾ßÌå¶³öµÄÊý¾ÝÄÚÈÝÔ̺¬£ºµç×ÓÓʼþµØÖ·¡¢È«Ãû¡¢µç»°ºÅÂë¡¢µ±¾ÖÐû¸æµÄÉí·ÝÖ¤¼þ¡¢½¡È«±£ÏÕÐÅÏ¢¡¢ÐÔ±ðÒÔ¼°µ®ÉúÈÕÆÚ¡£¹ÌÈ»DentaQuestµÄÉêÃ÷²¢Î´Ö¤ÊµÊý¾Ýй¶ÊÇ·ñÖ±½ÓÓ°ÏìÆä¿Í»§£¬µ«Have I Been Pwnedͨ³£Ñ¡È¡¶àÖÖÑéÖ¤²½Öè¶Ôй¶Êý¾Ý¼¯½øÐкËʵ¡£¸ÃÍøÕ¾»¹Ö¸³ö£¬Ô¼66%µÄй¶¼Í¼´ËǰÒÑ´æÔÚÓÚÆäÊý¾Ý¿âÖУ¬ÕâЩ¼Í¼À´×Ô´ÓǰӰÏìÆäËû×éÖ¯ºÍ·þÎñµÄÊÂÎñ¡£


https://www.bleepingcomputer.com/news/security/dentaquest-data-breach-exposed-info-of-26-million-accounts/


4. ÊÀ½çÁ¸Ê³´òËãÊðÔâÈëÇÖ£¬60Íò¼ÒÍ¥Êý¾Ýй¶


6ÔÂ4ÈÕ£¬½áºÏ¹úÊÀ½çÁ¸Ê³´òËãÊð½üÈÕй©£¬ÆäÔÚ°ÍÀÕ˹̹¼ÓɳµØ´øÓÃÓÚÔöÔ®µÇ¼ÇµÄ×ÔÖ÷×¢²áÀûÓ÷¨Ê½Ôâµ½ÍøÂçÈëÇÖ£¬¹¥»÷ÕßÇÔÈ¡ÁËÔ¼60Íò¸ö°ÍÀÕ˹̹¼ÒÍ¥µÄÓ×ÎÒÊý¾Ý¡£¾Ý¸Ã×éÖ¯ÖÜÈÕ°ä²¼µÄTelegramÐÂÎÅÅû¶£¬¼ÓɳµÄ×ÔÖ÷µÇ¼ÇÀûÓ÷¨Ê½±»ÈëÇÖ£¬¹¥»÷Õß»ñÈ¡ÁËÔ̺¬ÊÜÒæÈËÐÕÃû¡¢Éí·ÝÖ¤ºÅÂë¡¢µç»°ºÅÂëÒÔ¼°Î»ÏàÐÅÏ¢ÔÚÄÚµÄÓ×ÎÒÊý¾Ý¡£ÊÀ½çÁ¸Ê³´òËãÊðÔÚÉêÃ÷Öа²¸§ÊÜÒæÈË£¬°µÊ¾ÒÑ×¢²áÕßÎÞÐè¸üС¢É¾³ý»ò³ÁÐÂ×¢²áÐÅÏ¢£¬ÈÔ½«³ÖÐø²Î¼ÓÔöÔ®ÏîÄ¿£¬Á¸Ê³¡¢ÏÖ½ð¼°ÆäËûÔöÔ®½«ÕÕ³£½øÐС£Í¬Ê±£¬×¢²áƽ̨Òѱ»ÁÙʱ¹Ø¹Ø£¬ÒÔ±ãÖ´Ðд¹Î£°²È«ºÍϵͳ±£»¤¸Ä½ø´ëÊ©£¬¸Ã×éÖ¯ÔÚµ÷²éÕâ´ÎÊÂÎñ²¢³ÖÐø¼à¿ØÊÂ̬·¢Õ¹¡£¹ÌÈ»¸Ã×éÖ¯ÉÐδ¹«¿ªÅû¶±»µÁÊý¾ÝµÄ¾ßÌåÈËÊý£¬µ«ÔÚÓëÊÀ½çÁ¸Ê³´òËãÊðÓë¡¶ÐÂÈË·Ö÷Òå¡·ÔÓÖ¾·ÖÏíµÄÒ»·ÝÉêÃ÷ÖÐÈ·ÈÏ£¬¹¥»÷ÕßÓÚ5ÔÂ14ÈÕÈëÇÖϵͳ£¬ÇÔÈ¡Á˼ÓɳµØ´øÔ¼60Íò¸ö°ÍÀÕ˹̹¼ÒÍ¥µÄÐÅÏ¢¡£ÖÜÄ©ÆÚ¼ä£¬ÊÀ½çÁ¸Ê³´òËãÊð»¹ÖÒ¸æ°ÍÀÕ˹̹ÊÜÒæÈËÌá¸ß¾¯Ì裬½÷·ÀÈκÎÐû³Æ´ú±í¸Ã×éÖ¯²¢Ë÷ÒªÐÅÏ¢»ò½ðÇ®µÄÈËÔ±£¬²»Öصã»÷»ò´ò¿ª¿ÉÒÉÁ´½Ó»òÐÂÎÅ¡£

https://www.bleepingcomputer.com/news/security/un-world-food-programme-breach-affects-600-000-gaza-households/


5. IronWorm¹¥ÏÂ36¸önpm°ü£¬ÇÔÈ¡ÔÆ¶ËÓë¼ÓÃÜÆ¾Ö¤


6ÔÂ4ÈÕ£¬Ò»³¡ÐÂÐ͹©¸øÁ´¹¥»÷ÒÑϰȾNode°üÖÎÀíÆ÷Ë÷ÒýÉϵÄ36¸öÈí¼þ°ü£¬ÕâЩ°ü±»Ö²ÈëÁËÃûΪIronWormµÄÐÅÏ¢ÇÔÈ¡¶ñÒâÈí¼þ¡£¾Ý×êÑÐÈËÔ±Åû¶£¬IronWormÓÃRust±àд£¬°µ²ØÓÚeBPFÄÚºËrootkitÖ®ºó£¬Í¨¹ýTorÍøÂçÓë¹¥»÷ÕßͨѶ¡£¸Ã¶ñÒâÈí¼þµÄÖ¸±êÔ̺¬86¸ö»·¾³±äÁ¿ºÍ20¸öƾ֤Îļþ£¬º­¸ÇOpenAI¡¢AWS¡¢Anthropic¼°npmƾ֤¡¢VaultÅäÖÃÎļþ¡¢SSHÃÜÔ¿£¬ÉõÖÁExodus¼ÓÃÜÇ®±ÒÇ®°üÎļþµÈÃô¸ÐÐÅÏ¢¡£IronWormÀûÓÃÇÔÈ¡µÄƾ֤ÔÚnpmÉÏ×ÔÎÒ´«²¼£¬Ô̺¬Óënpm¿ÉÐŰ䲼¹¤×÷Á÷³ÌÓйصÄÃÜÔ¿¡£Ò»µ©¹¥ÆÆ¿ª·¢Õß»ò³ÖÐø¼¯³É»·¾³£¬Ëü±ãÄܰ䲼Êܺ¦ÕßÕ¼ÓеÄÈí¼þ°üµÄľÂí°æ±¾£¬½ø¶øÏ°È¾¸ü¶à¿ª·¢ÕߺÍϵͳ¡£¹¥»÷ʼÓÚ±»ÈëÇֵġ°asteroiddao¡¹ØË»§£¬Í¨¹ý¡°preinstall¡±Ö´ÐÐRust¶þ½øÔ죬Ìá½»ÕßÏÔʾ¡°claude¡±£¬¹¦·ò´ÁαÔìΪ13Äêǰ¡£¶ñÒâÈí¼þÀûÓÃGitHub Actions±í´«ÃÜÔ¿£º½«ÃÜԿдÈë¿´ËÆÎÞº¦µÄÎļþ²¢×÷Ϊ¹¹½¨²úÆ·ÉÏ´«£¬ÆëȫԤ·ÀʹÓÃC2·þÎñÆ÷£¬µ«¸Ã±äÌåδÏÖʵѡȡ´Ë»úÔì¡£¹¥»÷Õß»¹½«¼ÓÃÜÇ®±ÒÇ®°ü¸´Ô­¶ÌÓïÓ²±àÂëÔÚ·¨Ê½ÖУ¬½öΪԤ·À²âÊԽ׶α»ÇÔ¡£


https://www.bleepingcomputer.com/news/security/new-ironworm-malware-hits-36-packages-in-npm-supply-chain-attack/


6. Å·ÖÞ¾¯·½È¡µÞαÔìÉí·ÝÖ¤¼þÔÚÏßÊг¡


6ÔÂ4ÈÕ£¬·¨¹úºÍÎ÷°àÑÀµ±¾Ö½üÈÕ½áºÏÈ¡µÞÁËÒ»¸öרÃÅÏòÔÚÅ·Ã˾³ÄڻµÄ͵¶ÉÍÅ»ïÏúÊÛ¼ÙÉí·ÝÖ¤¼þµÄÔÚÏßÊг¡¡£5ÔÂ27ÈÕ£¬·¨ÂÉÈËÔ±ÔÚÎ÷°àÑÀ°¢Àû¿²ÌØ¿ÛÁôÁËÒ»ÃûÏÓÒÉÈË£¬²¢´ÓÆäÓû¯Ãû×âסµÄ¹«Ô¢Öвé»ñÁËÎļþÔì×÷É豸ºÍÔ¼800·ÝαÔìµÄÅ·ÖÞÉí·ÝÖ¤¼þ¡£Å·ÖÞÐ̾¯×éÖ¯ÖÜËݵʾ£¬¾ÝПÃÏÓÒÉÈËÔËÓª×ÅÒ»¸öÔÚÏßÊг¡£¬ÏòÅ·ÖÞ¸÷µØµÄ¿Í»§ÌṩαÔìµÄÉí·ÝºÍÐÐÕþÎļþ£¬Ô̺¬Ö½ÖʰæºÍµç×Ó°æ¡£¸ÃÆ½Ì¨ÉæÏÓͨ¹ýÏò·¸×ïÍøÂçÌṩÓÃÓÚÌӱܱßÚï¹ÜÔì¡¢ÒÔڲƭ¼¿Á©»ñµÃ¾ÓÁôȨºÍÍÆ½øÅ·ÃËÄÚ²¿¶þ´ÎÁ÷¶¯µÄαÔìÎļþ£¬´Ó¶øÎªÒÆÃñ×ß˽»î¶¯Ìṩ·½±ã¡£Õâ´ÎÈ¡µÞÐж¯ÕýֵŷÖÞ¼ÓÃͽø¹¥È˶¡×ß˽Á¦¶ÈÖ®¼Ê¡£2026Äê3Ô£¬Å·ÖÞÐ̾¯×éÖ¯À©´óÁ˽ø¹¥È˶¡×ß˽µÄÄÜÁ¦£¬´ËǰŷÃËÓÚ2025Äê12ÔÂͨ¹ýÁËÒ»ÏîÐÂÂÉÀý£¬³ÉÁ¢ÁËÅ·ÖÞ½ø¹¥È˶¡×ß˽ÖÐÐÄ¡£¸ÃÖÐÐĵŤ×÷ÊǼÓÇ¿Frontex¡¢EurojustºÍ³ÉÔ±¹ú·¨ÂÉ»ú¹¹Ö®¼äµÄµý±¨¹²Ïí¡¢½ðÈÚµ÷²éÓëЭµ÷¡£


https://www.bleepingcomputer.com/news/security/police-dismantles-fake-id-marketplace-used-by-migrant-smugglers/