´ï¿Æµç×Ó½ÚÔìÆ÷·ì϶¿ÉÖ¸߿ìÂ·ÅÆÔâ´Û¸Ä

°ä²¼¹¦·ò 2026-07-01
1. ´ï¿Æµç×Ó½ÚÔìÆ÷·ì϶¿ÉÖ¸߿ìÂ·ÅÆÔâ´Û¸Ä


6ÔÂ30ÈÕ £¬ÍøÂ簲ȫ×êÑÐÈËÔ±½üÈÕÅû¶ £¬ÃÀ¹ú´óÐÍLEDÏÔʾϵͳÔì×÷ÉÌ´ï¿Æµç×Ó£¨Daktronics£©Æì϶à¿î½ÚÔìÆ÷´æÔÚÑϳÁ°²È«·ì϶ £¬¿ÉÄܱ»ºÚ¿ÍÀûÓÃÀ´´Û¸Ä¸ß¿ì¹«Â·½»Í¨±êÖ¾¡¢Êý×Ö¸æ°×ÅÆ¼°Ô˶¯³¡¹ÝÏÔʾÆÁÄÚÈÝ¡£´ï¿Æµç×ӵIJúÆ·±é²¼È«Çò £¬´Ó¸ßÖÐÌåÓý¹Ý¡¢×¨ÒµÔ˶¯³¡µ½¹ú¼Ê»ú³¡ºÍ³ÇÊиæ°×ÅÆ¾ùÓв¿Ê𠣬ӰÏìÁìÓò¿í·º¡£Æ¾¾ÝÃÀ¹úÍøÂ簲ȫºÍ»ù´¡ÉèÊ©°²È«¾Ö£¨CISA£©ÉÏÖܰ䲼µÄÕ÷ѯ»ã±¨ £¬ÊÜÓ°ÏìµÄ½ÚÔìÆ÷ÐͺÅÔ̺¬VFC-DMP-5000¡¢DMP-5000ºÍDMP-8000 £¬¹²´æÔÚÈý¸ö°²È«·ì϶¡£ÆäÖÐ×îÑϳÁµÄÊÇÒ»ÏîÎÞÐèÉí·ÝÑéÖ¤¼´¿ÉÀûÓõÄõè¾¶±éÀúÎÊÌâ £¬¹¥»÷Õ߿ɽè´Ëö¾ÙËÁÒâÎļþϵͳõè¾¶£»´Ë±í»¹ÓÐÒ»¸öÐè¾­Éí·ÝÑéÖ¤µÄËÁÒâÎļþÉÏ´«·ì϶£»ÒÔ¼°É豸³ö³§Ê±Ô¤ÉèÇÒδ±»Ç¿Ôì¸ü¸ÄµÄĬÈÏÖÎÀíԱʹ´¦ £¬¸ÃÍ´´¦¿ÉÌṩÆëÈ«µÄϵͳ½Ó¼ûȨÏÞ¡£CISAÔÚÕ÷ѯÖÐÖÒ¸æ³Æ £¬³É¹¦ÀûÓÃÕâЩ·ì϶¿Éʹδ¾­Éí·ÝÑéÖ¤µÄÓû§»ñµÃ¶ÔϵͳµÄÆëÈ«¸ù¼¶½Ó¼ûºÍ½ÚÔìȨ¡£´ï¿Æµç×ÓÔÚ»ñϤ·ì϶ºóѸ¿ìÏìÓ¦ £¬ÓÚ2026Äê1Ô³õͨ¹ýCISAµÄVINCEƽ̨½Ó¹Ü»ã±¨ £¬²¢ÔÚ3Ô³õ×óÓÒʵÏÖÁ˽¨¸´¹Ì¼þµÄ¿ª·¢¡£´ï¿Æµç×ÓÒÑÕýʽ°ä²¼²¹¶¡ £¬²¢Ç¿ÁÒ½¨ÒéÓû§¸ü¸ÄĬÈÏÃÜÂëÒÔÔ¤·ÀδÊÚȨ½Ó¼û¡£


https://www.securityweek.com/new-controller-flaws-expose-highway-signs-and-billboards-to-remote-hacking/


2. NotionÔâÊý¾Ýй¶ £¬1.1ÒÚÓû§¼Í¼±»¹ÒÅÆÏúÊÛ


6ÔÂ29ÈÕ £¬½üÈÕ £¬Ò»ÃûÍøÂç¹¥»÷ÕßÔÚ°µÅÌÂÛÌÓð»¯ù³ÆÒÑÈëÇÖÈȵãЧÄܹ¤¾ßNotionµÄÊý¾Ý¿â £¬²¢ÏúÊÛ³¬¹ý1.1ÒÚÌõÓû§¼Í¼¡£ÎªÖ¤Ã÷Æä¿ÉÐÅ¶È £¬¹¥»÷Õß¹«¿ªÁË48ÌõÑù±¾Êý¾Ý £¬¾­×êÑÐÈËÔ±Éó²é £¬Ñù±¾ÖÐÔ̺¬µç×ÓÓʼþµØÖ·¡¢ÃÜÂë¹þÏ£Öµ¡¢×¢²á¼°×îºóµÇ¼IP¡¢ÕË»§´´½¨Óë»î¶¯¹¦·ò´Á¡¢µØÓòÊ±ÇøÐÅÏ¢¡¢¹¤×÷ÇøÃû³Æ¼°Óû§½ÇÉ«µÈÃô¸Ð×Ö¶Î £¬ÄÚ²¿Ò»ÖÂÐÔ½Ï¸ß £¬µ«ËùÐû³ÆµÄ1.1Òڱʼͼ×ÜÊýÉдý¶ÀÁ¢ÑéÖ¤¡£Notion×÷Ϊһ¿î¼¯±Ê¼Ç¡¢ÖªÊ¶ÖÎÀíºÍºÏ×÷ÓÚÒ»ÌåµÄ³ö²úÁ¦Æ½Ì¨ £¬È«ÇòÓû§Òѳ¬¹ý1ÒÚ £¬Æä³ÛÃûÆóÒµ¿Í»§Ô̺¬Ó¢Î°´ï¡¢OpenAI¡¢·áÌïºÍVercel¡£Õâ´Îй¶µÄÊý¾ÝËäÒÔ¹þÏ£Öµ¶ø·ÇÃ÷ÎÄ´ó¾Ö´æ´¢ £¬µ«°²È«×¨¼ÒÖ¸³ö·çÏÕÒÀÈ»Ñϸñ¡£¹¥»÷Õß¿ÉÄÜͨ¹ý±©Á¦ÆÆ½â»ò²Êºç±íµÈ·½Ê½³¢ÊÔ»¹Ô­ÈõÃÜÂë £¬Èô³É¹¦»ñÈ¡Ã÷ÎÄÃÜÂë £¬½«Ö±½ÓÍþвÓû§ÔÚÆäËûƽ̨ÉϵÄÕË»§°²È« £¬Ë¼¿¼µ½´óÁ¿Óû§´æÔÚÃÜÂ븴ÓÃϰ¹ß £¬×²¿â¹¥»÷·çÏÕÓÈΪ͹Æð¡£´Ë±í £¬Ð¹Â¶µÄµç×ÓÓʼþµØÖ·ÓëµÇ¼ԪÊý¾Ý½áºÏ £¬¿É±»ÓÃÓڸ߶ȶ¨Ô컯µÄÓã²æÊ½ÍøÂç´¹µö»î¶¯ £¬¼ÙÒâNotion¹Ù·½»òÆäËû¿ÉÕÛ·þÎñÓÕµ¼Óû§½»³ö¸ü¶àÃô¸ÐÐÅÏ¢¡£


https://cybernews.com/security/notion-data-breach-claims/


3. 1-800-DentistÔâ÷è÷ëÀÕË÷ £¬»¼ÕßÑÀ¿ÆÊý¾Ý±»ÇÔ


6ÔÂ30ÈÕ £¬÷è÷ëÀÕË÷Èí¼þÍÅ»ï½üÈÕÔÚÆä°µÍøÊܺ¦Õß²©¿ÍÉϰ䷢ £¬Òѳɹ¦ÈëÇÖÃÀ¹úÂåɼí¶ÑÀ¿Æ×ªÕï·þÎñ¼°B2BÓªÏú½â¾ö¹æ»®¹«Ë¾1-800-Dentist £¬²¢ÍþвÈô²»Ö§¸¶Êê½ð½«¹«¿ªÈ«ÊýÇÔÈ¡Êý¾Ý¡£¸ÃÍÅ»ïÒѰ䲼11¸öÑù±¾ÎļþÒÔÖ¤Ã÷ÆäÈëÇÖÐÐΪ¡£Ö»¹Ü1-800-DentistÉÐδÕýʽȷÈÏÕâ´Î°²È«ÊÂÎñ £¬µ«Ë¾·¨×¨¼ÒÖÒ¸æ £¬Õâ´Îй¶¿ÉÄܲ¨¼°Êý°ÙÍòÒÀÀµ¸Ã¹«Ë¾×ªÕïÆ½Ì¨µÄÏû·ÑÕߺÍÑÀ¿ÆÕïËù £¬Éæ¼°´óÁ¿Ãô¸ÐÓ×ÎÒÓ뽡ȫÊý¾Ý¡£÷è÷ëÉÐδÅû¶¾ßÌåÇÔÈ¡µÄÊý¾ÝÁ¿»òÀàÐÍ £¬µ«1-800-DentistËùÍøÂçµÄÐÅÏ¢ÁìÓò¿í·º £¬¿ÉÄÜÔ̺¬»¼ÕßÐÕÃû¡¢µØÖ·¡¢µç»°¡¢µç×ÓÓʼþµÈÁªÏµ·½Ê½ £¬ÑÀ¿Æ·þÎñÒªÇó¡¢Ò½ÁÆÓëÑÀ¿Æ²¡Ê·¡¢ÑÀ³Ý»òÑÀö¸Ò½Ñ§Ó°Ïñ £¬ÒÔ¼°¸¶¿î·½Ê½ºÍÑÀ¿Æ±£ÏÕÌṩÉÌÐÅÏ¢¡£´Ë±í £¬»áÔ±ÑÀ¿ÆÕïËùµÄÁªÏµÐÅÏ¢¡¢»¼Õß»ñÈ¡Êý¾ÝºÍÔ±¹¤ÐÅϢͬÑù¿ÉÄܱ»Ð¹Â¶¡£Æ¾¾ÝHIPAAÂÉÀý £¬ÑÀ¿ÆÕïËùÓÐʹÃü±£»¤»¼Õߵĵç×ÓÓ×ÎÒ½¡È«ÐÅÏ¢ £¬Ò»µ©µÚÈý·½¹©¸øÉ̲úÉúÊý¾Ýй¶ £¬ÕïËù×ÔÉíͬÑùÃæ¶ÔºÏ¹æ×·Ôð·çÏÕ¡£


https://cybernews.com/news/800-dentist-ransomware-health-data-breach-qilin/


4. ˮʦ¹í»êÐж¯£ºPyPIºóÃÅÇÔÈ¡·þÎñÆ÷Êý¾Ý


6ÔÂ30ÈÕ £¬×Ô2025Äê11ÔÂÒÔÀ´ £¬Ò»³¡Õë¶ÔPython¿ª·¢ÕßµÄÒñ±Î¹©¸øÁ´¹¥»÷³ÖÐø·¢½Í £¬¹¥»÷Õßͨ¹ý°ä²¼Ä¾Âí»¯µÄPyrogram·ÖÖ§Èí¼þ°ü £¬ÔÚTelegram»úеÈ˹¹½¨»·¾³ÖÐÖ²ÈëºóÃÅ £¬´Ó¶øÊµÏÖÔ¶³ÌËÁÒâÎļþ¶ÁÈ¡ÓëºÅÁîÖ´ÐС£Æ¾¾ÝÀûÓð²È«¹«Ë¾CheckmarxµÄ×êÑл㱨 £¬ÕâÏî´úºÅΪ"ˮʦ¹í»êÐж¯"µÄ¶ñÒâ»î¶¯ÒѳÖÐø³¬¹ýÆß¸öÔ £¬½ØÖÁ2026Äê6Ô £¬ÖÁÉÙÓа˸ö¼Ù×°³ÉºÏ·¨Pyrogram·ÖÖ§µÄ¶ñÒâÈí¼þ°ü±»ÉÏ´«ÖÁPython°üË÷Òý£¨PyPI£© £¬ÀÛ¼ÆÏÂÔØÁ¿³¬¹ý2.5Íò´Î¡£ÕâЩÈí¼þ°üÔ̺¬VLifeGram¡¢VLife-Gram¡¢pyrogram-navy¡¢pyrogram-styled¡¢pyrogram-zeeb¡¢kelragram¡¢sepgram¼°pyrogram-kelra £¬ËüÃǾùÔ̺¬Ô­Ê¼PyrogramÔ´´úÂëÒÔά³ÖÖ°ÄÜÕý³£ £¬µ«¹¥»÷ÕßÔÚhelpersÄ£¿éÖжî±íÖ²ÈëÁËÃûΪsecret.pyµÄºóÃÅÎļþ¡£Pyrogram×÷Ϊһ¿îËäÒÑÖÕ³¡ÊØ»¤µ«ÈÔÔÚ¿í·ºÊ¹ÓõÄTelegram MTProto API¿ò¼Ü £¬ÆäPyPIÔÂÏÂÔØÁ¿¿¿½ü35Íò´Î £¬GitHub·ÖÖ§Êý³¬¹ý1400¸ö £¬ÌìÈ»³ÉΪ¹¥»÷ÕßÃÎÏëµÄͶ¶¾Ö¸±ê¡£¸ÃºóÃŵÄÔË×÷»úÔ켫Ϊ¾«Ãµ±ÊÜϰȾµÄ»úеÈËÆô¶¯Ê± £¬¶ñÒâ´úÂë»á×Ô¶¯×¢²á°µ²ØµÄTelegramºÅÁî´¦Ö÷¨Ê½ £¬Ê¹¹¥»÷Õß¿ÉÄÜͨ¹ýÏò»úеÈË·¢ËÍÌØ¶¨Ö¸ÁîÀ´Ô¶³ÌÖ´ÐÐËÁÒâ²Ù×÷¡£


https://www.bleepingcomputer.com/news/security/malicious-pypi-packages-give-hackers-control-of-telegram-bot-servers/


5. RustDuck½èRust³Áд £¬·´¼ì²âDDoSÀ´Ï®


6ÔÂ30ÈÕ £¬×Ô2026Äê2ÔÂÒÔÀ´ £¬Ò»¸öÃûΪRustDuckµÄÐÂÐÍÁ½½×¶Î¶ñÒâÈí¼þ¼Ò×åÕý´ó¹æÄ£½Ù³Ö¼ÒÓ÷ÓÉÆ÷¡¢IPÉãÏñÍ·¡¢°²×¿ºÐ×Ó¼°°²È«ÅäÖÃÓÄ΢µÄ·þÎñÆ÷ £¬½«Æä±àÖ¯³É¾ß±¸×³´óDDoS¹¥»÷ÄÜÁ¦µÄ½©Ê¬ÍøÂç¡£Óë¶à¶àͬÀà¶ñÒâÈí¼þÏà±È £¬RustDuckƾ½èÁ½´ó¸öÐÔÍÑÓ±¶ø³ö£ºÆäÒ» £¬Ö÷ÌâÄ£¿é´Ó´«Í³µÄC˵»°È«Ãæ³ÁдΪRust˵»° £¬ÏÔÖøÌáÉýÁËÄæÏò·ÖÎöµÄÄѶÈ£»Æä¶þ £¬Ð°汾ÒýÈëÁËÒ»Ì׸´Ôӵķ´·ÖÎöÓë×ÔÎÒ±£»¤»úÔì £¬Ö¼ÔÚ¶ã±Ü°²È«×êÑÐÈËÔ±µÄ¼ì²âÓë¹ýÎÊ¡£ÔÚ´«²¼Õ½ÊõÉÏ £¬RustDuck²¢Î´ÒÀÀµÈκθ߼¶·ì϶ £¬¶øÊÇ»ìºÏʹÓÃÁËһϵÁÐÒÑÖª°²È«È±µã £¬Ñ¡È¡"¹ãÈöÍø"Õ½Êõ¡£ÆäÈëÇÖõè¾¶ÖØÒªÔ̺¬ÈýÀࣺһÊÇÕë¶ÔÔ¶³ÌµÇ¼·þÎñ£¨TelnetºÍSSH£©µÄÈõÃÜÂë»òĬÈÏÃÜÂë½øÐб©Á¦ÆÆ½â£»¶þÊÇÀûÓôóÁ¿Î´½¨¸´µÄÉ豸·ì϶ £¬º­¸Ç»ªÎªHG532£¨CVE-2017-17215£©¡¢ÒÑÍ£²úµÄD-Link DIR-823X£¨CVE-2025-29635£©¡¢Totolink X6000R£¨CVE-2024-1781£©ÒÔ¼°Apache CouchDB£¨CVE-2018-8007£©µÈ £¬´Ë±í»¹Õë¶ÔÈñ½Ý¡¢TP-Link¡¢ÖÐÐ˵ȳ§É̵ÄÉ豸ȱµã½øÐй¥»÷£»ÈýÊǶÔ×¼WebÈí¼þÖеÄÒÑÖª·ì϶ £¬Ô̺¬ThinkPHP¡¢JenkinsºÍHadoop YARN £¬Ê¹Æä¹¥»÷Ãæ´ÓÁ®¼Û¼ÒÓÃÓ²¼þÀ©´óÖÁÆóÒµ¼¶Â¶³ö·þÎñÆ÷¡£


https://thehackernews.com/2026/06/rustduck-botnet-rebuilds-in-rust-to.html


6. ÈÕ±¾AflacÔâÍøÂç¹¥»÷ £¬438Íò¿Í»§ÐÅϢй¶


6ÔÂ30ÈÕ £¬ÈÕ±¾±£ÏÕ¾ÞÍ·AflacÅû¶ £¬ÆäÈÕ±¾×Ó¹«Ë¾Aflac Life Insurance JapanÔÚ6ÔÂ15ÈÕÖÁ25ÈÕÆÚ¼äÔâ·êÍøÂç¹¥»÷ £¬ºÚ¿ÍÈëÇÔìä±£µ¥³ÖÓÐÈËÃÅ»§ÍøÕ¾¡°Aflac Yoriso Net¡±¼°ÓйØÏµÍ³ £¬ÇÔÈ¡ÁËÔ¼438ÍòÃû¿Í»§ºÍ´úÀíÈ˵ÄÓ×ÎÒÐÅÏ¢¡£Æ¾¾Ý¸Ã¹«Ë¾ÏòÃÀ¹ú֤ȯÂòÂôίԱ»áÌá½»µÄ8-K±í¸ñ £¬Õâ´Î·¸·¨½Ó¼ûÓÚ6ÔÂ25ÈÕ±»·¢ÏÖ £¬¹«Ë¾Ëæ¼´ÔÝÍ£ÊÜÓ°ÏìϵͳÒÔ½ÚÔìÊÂ̬ £¬Ä¿Ç°²¿Ãſͻ§·þÎñÈÔÁÙʱÎÞ·¨Ê¹Óà £¬¸´Ô­¹¤×÷ÔÚ½øÐÐÖС£Ð¹Â¶µÄÊý¾ÝÀàÐÍÒò¿Í»§¶øÒì £¬¿ÉÄÜÔ̺¬ÐÕÃû¡¢µØÖ·¡¢µç»°ºÅÂë¡¢µ®ÉúÈÕÆÚ¡¢ÐԱ𡢰²È«ÉèÖᢱ£ÏÕÕË»§ÏêÇé £¬ÉõÖÁ²¿ÃÅÊÜÓ°ÏìÎļþ»¹Éæ¼°±£µ¥³Ð±£ÁìÓòϸ½Ú¼°ÒøÐÐÕË»§ÐÅÏ¢¡£AflacÇ¿µ÷ £¬Õâ´ÎÊÂÎñ½öÏÞÓÚÈÕ±¾ÒµÎñ £¬ÆäÃÀ¹úϵͳδÊܲ¨¼° £¬Ò²Î´±»¹¥»÷Õß½Ó¼û¡£¹«Ë¾ÒÑÔÚ±í²¿ÍøÂ簲ȫר¼ÒЭÖúÏ·¢Õ¹È«Ãæµ÷²é £¬²¢ÒÑÏòÈÕ±¾½ðÈÚÌü¼°ÆäËûÓйز¿ÃÅ´«µÝÇé¿ö £¬´òËãÒÔÐź¯´ó¾ÖÖðһ֪ͨÊÜÓ°ÏìÓ×ÎÒ £¬×¢Ã÷¾ßÌåй¶µÄÊý¾ÝÀà±ð¡£½ØÖÁĿǰ £¬ÉÐδȷÈÏÓÐÐÅÏ¢±»ÀÄÓõÄÇé¿ö²úÉú¡£


https://securityaffairs.com/194488/data-breach/hackers-steal-data-of-4-38-million-aflac-japan-customers.html