¼õ·ÊÒ©¾ÞͷŵºÍŵµÂÁÙ´²ÊÔÑéÊý¾ÝÔâй¶

°ä²¼¹¦·ò 2026-06-15
1. ¼õ·ÊÒ©¾ÞͷŵºÍŵµÂÁÙ´²ÊÔÑéÊý¾ÝÔâй¶


6ÔÂ12ÈÕ £¬³ö²ú³©Ïú¼õ·ÊÒ© Wegovy µÄµ¤ÂóÔìÒ©¹«Ë¾ÅµºÍŵµÂ½üÈÕÈ·ÈÏ £¬¹«Ë¾²¿ÃÅÄÚ²¿ITϵͳÔâ·êÍøÂ簲ȫÊÂÎñ £¬µ¼ÖÂ²Î¼ÓÆä²¿ÃÅÁÙ´²ÊÔÑéµÄ»¼ÕßÓйØÐÅÏ¢±»Ð¹Â¶¡£Ä¿Ç° £¬¹«Ë¾ÒÑÔÚ±í²¿ÍøÂ簲ȫר¼ÒµÄЭÖúÏ·¢Õ¹µ÷²é £¬²¢ÓëÓйØÖ÷¹Ü²¿ÃÅά³ÖÁªÏµ¡£Æ¾¾ÝŵºÍŵµÂ°ä²¼µÄÉêÃ÷ £¬Õâ´ÎÊÂÎñÖØÒªÓ°ÏìÁ˲μӹ«Ë¾²¿ÃÅÁÙ´²ÊÔÑéµÄ»¼ÕßµÄÌØ¶¨Êý¾Ý £¬µ«¹«Ë¾²¢Î´Ð¹Â©¾ßÌåÉæ¼°ÄÄЩÀàÐ͵ÄÊÔÑé¡£ÊÜÓ°ÏìµÄÓ×ÎÒÊý¾ÝÀà±ð¿ÉÄÜÔ̺¬»¼ÕßID¡¢µ®ÉúÄê·Ý¡¢ÐԱ𠣬ÒÔ¼°½¡È«»òÃâÒßÔ­ÐÔÊý¾ÝµÈ¡£²»Íâ £¬ÅµºÍŵµÂÇ¿µ÷ £¬ÕâЩÐÅÏ¢²¢Î´Í¨¹ýÐÕÃû»òÆäËûÖ±½Ó±êʶ·ûÓëÈκλ¼ÕßÖ±½Ó¹ØÁª¡£¹«Ë¾ÒÔΪ £¬½öƾй¶µÄÐÅÏ¢ £¬ÈκεÚÈý·½¶¼ÎÞ·¨¼ø±ð³ö¾ßÌåµÄÁÙ´²ÊÔÑé²Î¼ÓÕß¡£ÈôҪȷÈÏ»¼ÕßÉí·Ý £¬»¹±ØÒª»ñÈ¡Óë¸ÃÊÂÎñÎ޹صĶî±íÐÅÏ¢¡£ÔÚ°²È«·çÏÕ·½Ãæ £¬ÅµºÍŵµÂ°µÊ¾ £¬Ä¿Ç°ÒÔΪ¸ÃÊÂÎñ²»»á¶Ô»¼Õß×é³ÉÈκÎÖ±½Ó·çÏÕ¡£Ö»¹ÜÈç´Ë £¬¹«Ë¾ÈÔ½¨Ò黼Õß×Ô¶¯»ã±¨ÈκοÉÄÜÓë¸ÃÊÂÎñÓйصÄÒì³£Çé¿ö¡£ÎªÁ˽ÚÔìÊÂ̬·¢Õ¹ £¬¹«Ë¾ÒÑÁÙʱ¹Ø¹ØÁ˲¿ÃÅÄÚ²¿ITϵͳ £¬²¢ÔÚÒÔ¿É¿ØÇÒ°²È«µÄ·½Ê½Ö𲽸´Ô­ÊÜÓ°ÏìϵͳÉÏÏß¡£ÖµÍ×ÌùÐĵÄÊÇ £¬¹«Ë¾Ö÷ÌâÒµÎñÔËӪδÊÜÓ°Ïì £¬³ö²úºÍÏúÊÛ¹¤×÷ÈÔÕý³£½øÐС£


https://cybernews.com/security/novo-nordisk-clinical-trial-patient-data-cyberattack/


2. ShinyHuntersÐû³ÆÇÔÈ¡À­·ò¡¤ÀÍÂ׳¬220GBÊý¾Ý


6ÔÂ11ÈÕ £¬³ôÃûÔ¶ÑïµÄºÚ¿Í×éÖ¯ShinyHunters½üÈÕÔÚÆä°µÍø²©¿ÍÉϰ䲼ÐÅÏ¢ £¬Ðû³ÆÒѳɹ¦¹¥»÷ÃÀ¹úʱÉоÞÍ·À­·ò¡¤ÀÍÂ×¹«Ë¾ £¬²¢ÇÔÈ¡Á˳¬¹ý220GBµÄÊý¾Ý¡£Æ¾¾Ý¸ÃÍÅ»ï°ä²¼µÄÌû×Ó £¬Ð¹Â¶µÄÊý¾Ý¼¯¼«ÎªÖØ´ó £¬ÄÚÈݺ­¸Ç¿Í»§Ó×ÎÒÉí·ÝÐÅÏ¢¡¢²É°ìÓëÂòÂô¼Í¼ £¬ÒÔ¼°2027Äê¼°ÒÔÀ´µÄ½«À´Î´°ä²¼°æ±¾µÄ²úÆ·ÐÅÏ¢¡£À­·ò¡¤ÀÍÂ×ÊÇÒ»¼ÒÄêÊÕÈ볬¹ý66ÒÚÃÀÔª¡¢È«ÇòÔ±¹¤³¬¹ý23000È˵ĴóÐÍʱÉÐÆóÒµ £¬ÒµÎñ±é²¼È«Çò550¶à¸öµØÖ·¡£½ØÖÁĿǰ £¬¹¥»÷ÕßµÄÌû×ÓÖв¢Î´Ô̺¬ÈκÎÊý¾ÝÑù±¾ £¬Òò¶ø±í½çÉÐÎÞ·¨¶ÀÁ¢ÑéÖ¤Æä˵·¨µÄÕæÊµÐÔ¡£È»¶ø £¬ShinyHuntersÊǽü¼¸¸öÔÂÀ´×î»îÔ¾µÄºÚ¿Í×éÖ¯Ö®Ò» £¬Æä¹ýÍùÐû³ÆµÄ¹¥»÷ͨ³£ÓµÓнϸߵĿÉÐŶÈ¡£¸ÃÍÅ»ïÍþв³Æ £¬½«ÓÚ6ÔÂ14ÈÕÕýʽ°ä²¼À­·ò¡¤ÀÍÂ×µÄÊý¾Ý¡£ÍøÂç·¸×ï·Ö×Óͨ³£»áÔÚ¹«¿ªÐ¹Â¶Êý¾Ý֮ǰÒÔ´ËÍþвÊܺ¦ÕßÖ§¸¶Êê½ð £¬µ«°²È«×¨¼ÒÖ¸³ö £¬Âú×ã¹¥»÷ÕßµÄÒªÇó²»½ö¿ÉÄÜÕÐÖ¸ü¶àÍøÂç·¸×ï·Ö×ӵı¨³ð £¬Ò²ÎÞ·¨±£Õ϶ñÒâ¹¥»÷Õß»áÕæÕýɾ³ý±»µÁÊý¾Ý¡£´ÓDZÔÚ·çÏÕÀ´¿´ £¬¿Í»§µÄÓ×ÎÒÉí·ÝÐÅÏ¢¿ÉÄܱ»ÓÃÓÚÉç½»¹¤³Ì¡¢Éí·Ý͵ÇÔºÍÍøÂç´¹µö¹¥»÷£»¶øÉÐδ°ä²¼µÄ²úÆ·ÐÅϢй¶ £¬Ôò¿ÉÄÜÑϳÁÇÖº¦¹«Ë¾µÄÑз¢¹ý³Ì £¬Ôì³ÉÊý°ÙÍòÃÀÔªµÄ¾­¼ÃËðʧ¡£


https://cybernews.com/security/ralph-lauren-data-breach-claims/


3. WiseÓû§Êý¾ÝÒÉÔâÇÔÈ¡ £¬Ô̺¬½ü490Íò±Ê¼Í¼


6ÔÂ11ÈÕ £¬½üÈÕ £¬Ò»ÃûÍøÂçÍþвÐÐΪÕßÔÚÒ»¸öµØÏÂÍøÂç·¸×ïÂÛ̳Éϰ䲼ÐÂÎÅ £¬Ðû³ÆÆäÕ¼ÓÐÒ»¸ö´Ó½ðÈڿƼ¼Æ½Ì¨WiseÇÔÈ¡µÄÊý¾Ý¿â £¬ÄÚº¬Ô¼490ÍòÌõÓû§¼Í¼¡£WiseÊÇÒ»¼ÒÈ«Çò³ÛÃûµÄ½ðÈڿƼ¼¾ÞÍ· £¬»îÔ¾Óû§³¬¹ý1500ÍòÈË¡£¾ÝÂô¼Ò³Æ £¬¸ÃÊý¾Ý¼¯Ô̺¬´óÁ¿Ó×ÎÒÐÅÏ¢ £¬ÖØÒªÉæ¼°Î÷°àÑÀÓû§¡£¹ÌÈ»Õâ´ÎÊý¾Ýй¶µÄ¹æÄ£ÉÐδµÃµ½¹Ù·½Ö¤Êµ £¬µ«ÍøÂ簲ȫ×êÑÐÈËÔ±ÔÚ·ÖÎöÁËÍþвÐÐΪÕßÌṩµÄÑù±¾ºó·¢³öÖҸ棺й¶µÄÐÅÏ¢¼«ÓпÉÄܱ»ÓÃÓÚÑϳÁµÄڲƭºÍÉí·Ý͵ÇԻ¡£×êÑÐÈËÔ±Éó²éÁËÑù±¾ÖеÄ17±Ê¼Í¼ £¬·¢ÏÔìäÖÐÔ̺¬Ò»ÏµÁÐÓ×ÎÒÉí·ÝÐÅÏ¢ £¬Ô̺¬È«Ãû¡¢µ®ÉúÈÕÆÚ¡¢ÐÔ±ðÐÅÏ¢¡¢ÁªÏµ·½Ê½ £¬ÒÔ¼°ÓÈΪÃô¸ÐµÄÎ÷°àÑÀNIFºÅÂë¡£×êÑÐÈËÔ±»¹°ÑÎȵ½ £¬Ñù±¾¼Í¼ÖеŦ·ò´ÁÏà¶Ô½ÏР£¬ÈÕÆÚÁìÓò¼¯ÖÐÔÚ2025ËêĺÖÁ2026ËêÊס£ÕâÅú×¢Êý¾ÝºÜ¿ÉÄÜÊǽüÆÚ±»ÌáÈ¡µÄ £¬¶ø·ÇÀ´×Ծɺ±¼û¾Ýй¶ÊÂÎñµÄ³ÁÐÂÀûÓ᣼´±ãй¶µÄÊý¾ÝÖв»Ô̺¬Ö±½ÓµÄ²ÆÕþÕË»§ÐÅÏ¢ £¬ÕâЩ¶³öµÄÓ×ÎÒ×ֶζÔÍøÂç·¸×ï·Ö×Ó¶øÑÔÈÔÓµÓм«¸ßµÄÀûÓüÛÖµ¡£×êÑÐÈËÔ±ÖÒ¸æ³Æ £¬Ãûµ¥ÖÐÉæ¼°µÄÓ×ÎÒÃæ¶Ô×ÅÉí·Ý͵ÇÔ¡¢Ú²Æ­ÒÔ¼°¸ß¶ÈÕë¶ÔÐÔµÄÉç»á¹¤³Ì¹¥»÷µÄ³Á´ó·çÏÕ¡£µ±·¸×ï·Ö×Ó½«À´×Ô¶à¸öÆðÔ´µÄÓ×ÎÒÐÅÏ¢ÕûºÏÆðÀ´¹¹½¨¾ßÌåµÄÊܺ¦Õß»­Ïñʱ £¬·çÏÕ½«½øÒ»²½¼Ó¾ç¡£


https://cybernews.com/security/wise-spain-users-data-breach-forum/


4. ÒÁÀʹØÁªºÚ¿Í×éÖ¯HandalaÈëÇÖ¼ÓÖÝË®Îñ¹«Ë¾


6ÔÂ12ÈÕ £¬ÓëÒÁÀÊÓйØÁªµÄºÚ¿Í×éÖ¯Handala±¾ÖÜÐû³Æ³É¹¦ÈëÇÖÁËÃÀ¹ú¼ÓÖÝË®Îñ¹«Ë¾ £¬²¢°ä²¼Á˾ݳƴӸù«Ë¾ÇÔÈ¡µÄ5GBÊý¾Ý¡£¸ÃºÚ¿Í×éÖ¯ÔÚÆä²©¿ÍÉÏ·¢Ìû³Æ £¬Õâ´Î¹¥»÷ÊǶÔÃÀ¹ú½üÆÚÔÚÒÁÀʲÉÈ¡Ðж¯µÄ±¨³ð £¬²¢°áŪµØ°µÊ¾ËûÃÇÓÐÄÜÁ¦·ÛËéÒÁÀʵÄÓÃˮϵͳ £¬µ«Ñ¡Ôñ²»Õâô×ö¡£¹ÌÈ»HandalaËùÐû³ÆµÄ½Ó¼ûȨÏÞ¼¶±ðÉÐδµÃµ½¶ÀÁ¢Ö¤Êµ £¬µ«Íþвµý±¨¹«Ë¾Dataminr·ÖÎöÒÔΪ £¬¸ÃÍþвÐÐΪÕߺܿÉÄÜÊ×ÏÈÈëÇÖÁ˼ÓÖÝË®Îñ¹«Ë¾µÄÓÃÓÚGNSS»ùÕ¾ÖÎÀíµÄƽ̨RTKBaseÊ·ý £¬¶øºóͨ¹ýºáÏòÒÆ¶¯ÇÖÈëÁ˼ƷÑϵͳ¡£Dataminr֤ʵ £¬¼ÓÖÝË®Îñ¹«Ë¾Ææ¿ÆÇøÒÑÈ·ÒÔΪÕâ´Î¹¥»÷µÄÊܺ¦Õß¡£Handalaй¶µÄÊý¾ÝÏÔʾ £¬¹¥»÷Õß¿ÉÄܽӼûÁ˿ͻ§¼Æ·ÑÊý¾Ý¿âÒÔ¼°¹«Ë¾ÄÚ²¿µÄRTKBaseÀûÓ÷¨Ê½¡£Dataminr½øÒ»²½Ö¸³ö £¬ÔÚ±»½Ó¼ûʱ £¬¸ÃRTKBaseÊ·ýÒÑÂ½ÐøÔËÐÐÔ¼783Ó×ʱ £¬GPSУ¶ÔÊý¾ÝÁ÷ÒÑ´«ÊäÖÁËùÓÐÆß¸öÒÑÈ·¶¨µÄÇøÓò¹ÒÔØµã¡£´Óй¶µÄÊý¾ÝÄÚÈÝÀ´¿´ £¬Handalaµ¼³öµÄÎļþËÆºõÊÇÒ»¸öÔ̺¬´óÁ¿Ó×ÎÒÉí·ÝÐÅÏ¢µÄÅúÁ¿Êý¾Ý¿â £¬¾ßÌåÔ̺¬¿Í»§ÐÕÃû¡¢µØÖ·¡¢µç»°ºÅÂë¡¢Õ˺ÅÒÔ¼°Ö§¸¶º¹Çà¼Í¼¡£´Ë±í £¬¹¥»÷ÎļþÖл¹Ô̺¬RTKBaseƽ̨µÄÖÎÀíÆ¾Ö¤ £¬ÒÔ¼°¹ÒÔØµã¼¶´ËÍâNTRIPÔ´ÃÜÂë¡£¹¥»÷Õß»¹Ã¶¾ÙÁ˼ÓÖÝË®Îñ¹«Ë¾ÔÚÆß¸öµØÓòNTRIPÍøÂç¹ØÁªµÄIPµØÖ·¡£


https://www.securityweek.com/iranian-cyber-group-handala-claims-cal-water-hack/


5. ArchÓû§²Ö¿â³¬400¸öÈí¼þ°ü±»Ö²Èë¶ñÒâÈí¼þ


6ÔÂ12ÈÕ £¬½üÈÕ £¬°²È«×êÑÐÈËÔ±·¢ÏÖ £¬Arch LinuxÓû§²Ö¿â£¨AUR£©ÖÐÓг¬¹ý400¸öÈí¼þ°üÔÚ·Ö·¢Õë¶ÔÍ´´¦ºÍ½Ó¼ûÁîÅÆµÄLinux rootkit¼°ÐÅÏ¢ÇÔÈ¡¶ñÒâÈí¼þ¡£AURÊÇÒ»¸öÓÉÉçÇøÊØ»¤µÄÈí¼þ²Ö¿â £¬Ô̺¬´óÁ¿¹Ù·½²Ö¿âÖÐûÓеÄÈí¼þ°ü¹¹½¨¾ç±¾ £¬ÉîÊܸ߼¶Óû§ºÍ¿ª·¢ÈËÔ±Çàíù¡£È»¶ø £¬¸Ãƽ̨²»×ãÑϸñµÄÉó²é»úÔì £¬Ê¹µÃÍþвÐÐΪÕß¿ÉÄÜͨ¹ý´Û¸ÄÈí¼þ°ü»ò½Ù³Ö¹ÂÁ¢ÏîÄ¿À´ÍÆËͶñÒâ´úÂë¡£¾Ý¿ªÔ´µý±¨ÉçÇø¶ÀÁ¢Áª¹úµý±¨ÍøÂ磨IFIN£©µÄ»ã±¨ £¬Ò»ÃûеÄÊØ»¤ÕßÔÚAURÉϼÙÒâÊÜÐÅÀµµÄ°ä²¼Õß £¬´«²¼ÊÜϰȾµÄÈí¼þ°ü¡£±»ÈëÇÖµÄÈí¼þ°üͨ¹ýÅú¸ÄԤװÖþ籾 £¬ÏÂÔØ²¢Ö´ÐÐÒ»¸öÃûΪ¡°atomic-lockfile¡±µÄ¶ñÒânpm°ü¡£¶ÀÁ¢°²È«×êÑÐÔ±Whanos·ÖÎöÖ¸³ö £¬¸Ãnpm°üÖÐÔ̺¬Ò»¸öÃûΪ¡°deps¡±µÄLinux ELFÓÐÐ§ÔØºÉ £¬¾ß±¸Æ¾Ö¤ÇÔȡְÄÜ £¬²¢¿ÉÑ¡ÔñÆôÓýöÏÞrootÓû§µÄeBPF rootkitÄ£¿é¡£¸Ã¶ñÒâÈí¼þרÃÅÕë¶Ô¿ª·¢Õß¹¤×÷Õ¾ºÍ¹¹½¨»·¾³Éè¼Æ £¬ÆäÇÔȡָ±ê¼«Îª¿í·º £¬Ô̺¬ä¯ÀÀÆ÷¼°ElectronÀûÓ÷¨Ê½Êý¾Ý¡¢Slack¡¢Microsoft Teams¡¢Discord¡¢GitHub¡¢npm¡¢Vault¡¢Docker/Podman¡¢SSH¡¢VPN×ÊÁÏ¡¢shellº¹Çà¼Í¼ÒÔ¼°ÆäËû±¾µØ¿ª·¢Õß»úÃÜÐÅÏ¢¡£Ò»µ©µÃÊÖ £¬¹¥»÷Õß±ã¿ÉÀûÓÃÕâЩƾ֤½øÒ»²½ÉøÈëÄÚ²¿ÏµÍ³»ò·¢Õ¹¹©¸øÁ´¹¥»÷¡£


https://www.bleepingcomputer.com/news/security/over-400-arch-linux-packages-compromised-to-push-rootkit-infostealer/


6. ºÚ¿ÍÐû³ÆÇÔÈ¡DynatraceÄÚ²¿GitHub´úÂë¿â


6ÔÂ12ÈÕ £¬½üÈÕ £¬Ò»ÃûÍøÂç¹¥»÷ÕßÔÚ³ôÃûÔ¶ÑïµÄºÚ¿ÍÂÛ̳ÉÏ·¢Ìû £¬Ðû³Æ³É¹¦ÇÔÈ¡ÁËDynatrace¹«Ë¾µÄÄÚ²¿GitHub´úÂë¿â £¬²¢ÔÚ¶Ô±í¶µÏú¡£¾Ý³Æ £¬±»µÁÊý¾Ý×Ü´óÓ×Ϊ8.46GB £¬Ô̺¬246¸ö´úÂë¿â¡£Æ¾¾Ý¹¥»÷ÕßµÄÌû×Ó £¬Õâ´ÎÊý¾Ýй¶ÊÇͨ¹ý±»µÁÓõĿª·¢ÕßÓ×ÎÒ½Ó¼ûÁîÅÆÊµÏֵġ£±»µÁÐÅÏ¢º­¸ÇÁË¿í·ºµÄ¼¼ÊõºÍ»ù´¡ÉèÊ©Êý¾Ý £¬Ô̺¬»ù´¡ÉèÊ©ÍØÆË¡¢CI/CDÅäÖá¢KubernetesÖÎÀíÏêÇé¡¢TerraformÄ£¿é¡¢ArgoCD²¿ÊðÐÅÏ¢¡¢ÔÆÕÊ»§²Î¿¼ÒÔ¼°ÄÚ²¿²¿Êðƾ֤¡£ÈôÊÇÕâЩ˵·¨Êôʵ £¬¸ÃÊý¾Ý¼¯½«Îª¹¥»÷ÕßÌṩ¹ØÓÚDynatraceÄÚ²¿¿ª·¢ºÍÔÆ»·¾³µÄ¹óÖØµý±¨ £¬¿ÉÄܱ»ÓÃÓڲ߶¯Õë¶Ô¸Ã¹«Ë¾¼°Æä¿Í»§µÄ¾«×¼ÍøÂç¹¥»÷¡£ÍøÂçÐÂÎÅ×êÑÐÈËÔ±ÒÑÉó²éÁ˹¥»÷Õß°ä²¼µÄÊý¾ÝÑù±¾¡£Ñù±¾ÖÐÔ̺¬Á½ÕžݳÆÏÔʾDynatraceÔ±¹¤ÐÅÏ¢µÄ½ØÍ¼ £¬Éæ¼°È«Ãû¡¢Óû§ÃûÒÔ¼°¿ÉÄÜÓÃÓÚÄÚ²¿ÏµÍ³½Ó¼ûµÄ¹«Ë¾µç×ÓÓʼþµØÖ·¡£´Ë±í £¬¹¥»÷Õß»¹°ä²¼ÁËÒ»¸öʾÀý´úÂë¿â £¬¾­×êÑÐÈËÔ±·ÖÎö £¬¸Ã´úÂë¿âËÆºõÔ̺¬Dynatrace ScorecardsµÄÔ´´úÂë £¬ÕâÊǸù«Ë¾Æ½Ì¨ÉÏʹÓõÄÒ»¸öÀûÓ÷¨Ê½¡£×êÑÐÈËÔ±ÒÔΪ £¬Ñù±¾Óë±»µÁÊý¾ÝµÄÐÔÖÊÏà·û £¬µ«ÏÖÓÐÖ¤¾ÝÉв»¼°ÒÔÆëȫ֤ʵÂô¼Ò¹ØÓÚ´æ´¢¿â×ÜÊý¼°8.46GBÊý¾Ý×ÜÁ¿µÄ˵·¨ £¬ÓÈÆäÊǹØÓÚ²¿Êðƾ֤ºÍÔÆ»·¾³²Î¿¼µÄ¾ßÌåÄÚÈÝ £¬Ä¿Ç°ÎÞ·¨´ÓÑù±¾ÖжÀÁ¢ÑéÖ¤¡£


https://cybernews.com/security/dynatrace-github-source-code-leak/