GitHubÏÖ200Óàµö¶ü¿â´«²¼Windows¶ñÒâÈí¼þ

°ä²¼¹¦·ò 2026-07-14
1. GitHubÏÖ200Óàµö¶ü¿â´«²¼Windows¶ñÒâÈí¼þ


7ÔÂ10ÈÕ £¬¹©¸øÁ´°²È«¹«Ë¾SocketÅû¶ £¬ÍþвÐÐΪÕß¹¹½¨ÁËÓÉ200¶à¸öGitHub´úÂë¿â×é³ÉµÄÍøÂç £¬ÓÃÓÚ´«²¼Windows¶ñÒâÈí¼þ¡£ÕâÏîÃûΪ¡°ÄཬÓë¸ºÔØÐж¯¡±µÄ»î¶¯Éæ¼°190¸öÕË»§ÖеÄ222¸öµö¶ü²Ö¿â £¬Ö÷ÌâÊÇÒ»¸ö¼Ù×°³ÉDNSɨÃ蹤¾ß£¨»ùÓںϷ¨ÏîÄ¿dnsub£©µÄGoÄ£¿é £¬Ö¼ÔÚ´¥·¢ÆëȫϰȾÁ´¡£×Ô2026Äê1ÔÂ24ÈÕÒÔÀ´ £¬¹¥»÷ÕßÒѰ䲼³¬1200¸öÈí¼þ°ü°æ±¾ £¬ÆäÖÐÔ¼700¸öΪ¶ñÒâ°æ±¾¡£Òì³£µÄ°ä²¼ÆµÂÊÔ´ÓÚ¹¥»÷ÕßÀûÓÃGitHub Actions¹¤×÷Á÷·´¸´ÌìÉú´ø¹¦·ò´ÁµÄÌá½»ÒÔ¸²¸Ç¶ñÒâÐÔÖÊ¡£¸ÃÄ£¿éÔ̺¬µÄPowerShellºÅÁîÔÚÖ°ºÎɨÃèÂß¼­Ç°ÔËÐÐ £¬ÀûÓôóÁ¿¿Õ¸ñ°µ²Ø×ÔÉí £¬»ñÈ¡µÄ¾ç±¾¿ÉÈÆ¹ýÖ´ÐÐÕ½ÊõÏÞ¶È £¬ÔÙ´Ó¹«¿ªÍ¶·Åµã»ñÈ¡¼ÓÃÜÓÐÐ§ÔØºÉ £¬¸ÃÔØºÉ³äÈνâÎöÆ÷¡¢ÏÂÔØÆ÷¡¢ÌáÈ¡Æ÷ºÍÆô¶¯Æ÷ £¬½âÃÜURL¡¢¼ìË÷ÊÜÃÜÂë±£»¤µÄѹËõ°ü²¢Ö´ÐÐÆäÖÐÄÚÈÝ¡£¹¥»÷ÕßʹÓÃPastebin¡¢YouTube¡¢Telegram¡¢Google DocsµÈ¶à¸ö¹«¹²Æ½Ì¨ÍйܾµÏñ×ÊÁÏ £¬Ìá¸ß¹¥»÷µ¯ÐÔ¡£×îÖÕ²¿ÊðµÄÓÐÐ§ÔØºÉÔ̺¬AsyncRAT¡¢Quasar RAT¡¢RemcosÀàÔ¶¿ØÄ¾Âí¡¢VidarÐÅÏ¢ÇÔÈ¡·¨Ê½ £¬ÒÔ¼°XMRig/BitMinerÃÅÂÞ±ÒÍÚ¿ó·¨Ê½¡£


https://www.securityweek.com/network-of-200-github-repositories-used-for-malware-infection/


2. LidlµÚÈý·½·þÎñÉÌÔâ¹¥»÷ £¬¶à¹ú¿Í»§Êý¾Ýй¶


7ÔÂ10ÈÕ £¬ÕÛ¿Û³¬ÊоÞÍ·Lidl½üÈÕÏò±ÈÀûʱ¡¢µÂ¹úºÍºÉÀ¼µÄ¹Ë¿Í·¢³ö֪ͨ £¬·î¸æÆäÓ×ÎÒÐÅÏ¢ÒòµÚÈý·½·þÎñÌṩÉ̵ÄIT°²È«ÊÂÎñ¶øÔ⵽й¶¡£ÊÜÓ°Ïì¿Í»§ÒÑÊÕµ½µç×ÓÓʼþ £¬ÖÒ¸æËûÃǾ¯ÌèºóÐø¿ÉÄܳöÏÖµÄÍøÂç´¹µö¹¥»÷¡£Æ¾¾ÝLidl·¢Ë͵ÄÓʼþ×¢Ã÷ £¬Ò»¼Òδ¾ßÃûµÄµÚÈý·½·þÎñÌṩÉÌÔâ·ê°²È«ÈëÇÖ £¬µ¼ÖÂÒ»ÃûÉí·Ý²»Ã÷µÄ¹¥»÷Õß»ñÈ¡ÁËLidlÔÚÏßÉ̵êµÄ¾ßÌå¿Í»§ÐÅÏ¢¡£Ð¹Â¶µÄÊý¾Ý×Ö¶ÎÔ̺¬ÐÕÃû¡¢µç»°ºÅÂë¡¢µç×ÓÓʼþµØÖ·¡¢µ®ÉúÈÕÆÚºÍ¿Í»§±àºÅ¡£LidlÔÚ֪ͨÖÐ̹³Ð£º¡°Ä¿Ç° £¬ÎÒÃDz»ÄÜÅųýÕâ´ÎÐ¹Â¶Éæ¼°ÃÜÂë¡¢Õ˵¥µØÖ·¡¢ËÍ»õµØÖ·¡¢ÒøÐÐÕË»§ÐÅÏ¢»òÆäËûÖ§¸¶ÐÅÏ¢¡£¡±µ«¹«Ë¾Í¬Ê±Ç¿µ÷ £¬¿Í»§µÄÔÚÏßÕË»§×ÔÉíδÊܵ½Ö±½ÓÓ°Ïì £¬¼´ÕË»§µÇ¼ƾ֤ºÍÄÚ²¿Ö°ÄÜά³Ö°²È«¡£ÊÂÎñ²úÉúºó £¬Lidl°µÊ¾¸ÃµÚÈý·½·þÎñÌṩÉÌÒѵ±¼´ÏìÓ¦ £¬²ÉÈ¡Á˱ØÒª´ëÊ©È«Ãæ¸´Ô­ÊÜÓ°ÏìµÄITϵͳ¡£Í¬Ê± £¬LidlÒÑÏò¾¯·½±¨°¸ £¬²¢ÀñƸ±í²¿°²È«×¨¼Ò¶ÔÊÂÎñ·¢Õ¹µ÷²é £¬ÒÔÈ·¶¨·ì϶µÄµ××ÓÔ­ÒòºÍÈ«ÊýÓ°ÏìÁìÓò¡£±ÈÀûʱ¡¢µÂ¹úºÍºÉÀ¼µÄÊý¾Ý±£»¤¼à¹Ü»ú¹¹¾ùÒÑ»ñϤ´ËÊ £¬LidlÔÚ¹²Í¬Óйز¿ÃŵÄѯÎʺÍÒªÇó¡£


https://cybernews.com/security/microsoft-ai-patch-tuesday-future-security-updates/


3. ÈÕ±¾×î´óµÄ³ö×â³µÔËÓªÉÌÔâ·êÍøÂç¹¥»÷


7ÔÂ13ÈÕ £¬ÈÕ±¾×î´óµÄ³ö×â³µÔËÓªÉÌÈÕ±¾½»Í¨¹«Ë¾½üÈÕ֤ʵ £¬ÆäÄÚ²¿ÏµÍ³ÔÚÖÜÄ©Á賿Ôâ·êÍøÂç¹¥»÷ £¬µ¼ÖÂÔ̺¬³ö×â³µµ÷¶ÈϵͳÔÚÄڵĶàÏîÖ÷Ìâ·þÎṉ̃»¾¡£¸Ã¹«Ë¾ÄêÊÕÈëÔ¼10ÒÚÃÀÔª £¬Õ¼Óг¬¹ý1.8ÍòÃûÔ±¹¤ £¬ÔËÓª×ÅÓâÍòÁ¾³ö×â³µºÍר³µ¡£¹¥»÷²úÉúºó £¬¹«Ë¾´¹Î£¶Â½ØÊÜϰȾϵͳÒÔÔ¤·ÀÇÖº¦À©É¢ £¬µ«Æû³µ×âÁÞ¡¢ÍøÉϼ°µç»°Ô¤Ô¼¡¢µ÷¶ÈÖÎÀíµÈ¶à¸öÄÚ²¿ÏµÍ³ÖÁ½ñÈÔδ¸´Ô­¡£ÊÜ´ËÓ°Ïì £¬¶«¾©¡¢ºá±õ¡¢ˆÎÓñµÈÖØÒª³ÇÊеġ°ÁÙÝê³ö×â³µ¡±·þÎñ±»ÆÈÔÝÍ£ £¬¸ø¼±Ðè¾ÍÒ½µÄÔи¾´øÀ´¼«´ó²»±ã£»Í¨³£³Ë¿ÍÔò±»½¨Òé¸ÄÓá°GO¡±½Ð³µÀûÓûòǰÍù·±ßÕ¾µãºò³µ¡£ÈÕ±¾½»Í¨ÒÑÀñƸ±í²¿ÍøÂ簲ȫר¼Ò·¢Õ¹µ÷²éºÍϵͳ½¨¸´ £¬Ä¿Ç°ËäδȷÈϲúÉúÊý¾Ýй¶ £¬µ«ÕýÆÀ¹À¸Ã¿ÉÄÜÐÔ £¬²¢³ÐŵÈçÓÐнøÕ¹½«ÊµÊ±²¼¸æ¡£Í¬Ê± £¬¹«Ë¾ÌáÐѿͻ§¾¯Ìè¼ÙÒâ¹Ù·½µÄ¿ÉÒÉÓʼþ £¬Ô¤·À´ò¿ª¸½¼þ»òµã»÷Á´½Ó¡£½ØÖÁ±¨Â·°ä²¼ £¬ÉÐÎÞÀÕË÷ÍÅ»ïÐû³Æ¶ÔÊÂÎñÕÆ¹Ü¡£


https://www.bleepingcomputer.com/news/security/japans-largest-taxi-operator-shuts-systems-after-cyberattack/


4. Jscrambler npm°üÔâ´Û¸Ä £¬½ü1500´ÎÏÂÔØ


7ÔÂ13ÈÕ £¬¿Í»§¶ËÍøÂ簲ȫ¹«Ë¾Jscrambler½üÈÕÅû¶ £¬Æä¹Ù·½npm°üÔâÍþвÐÐΪÕß´Û¸Ä £¬°ä²¼ÁËÔ̺¬ÐÅÏ¢ÇÔÈ¡¶ñÒâÈí¼þµÄ¶ñÒâ°æ±¾ £¬Éæ¼°8.14¡¢8.16¡¢8.17ºÍ8.20Ëĸö°æ±¾¡£ÕâЩ¶ñÒâ°üÔÚ¡°Ô¤×°Öá±¹³×ӽ׶μ´Ö´ÐжñÒâ´úÂë £¬ÇÔÈ¡¿ª·¢Õß±¾µØ»·¾³ÖеÄÃô¸ÐÊý¾Ý¡£ÊÂÎñ²úÉúºóµÄÁ½Ó×ʱÄÚ £¬¶ñÒâ°ü±»ÏÂÔØ¶à´ï1479´Î £¬Ö»¹ÜJscramblerѸ¿ìÆúÓÃÎÊÌâ°æ±¾²¢°ä²¼°²È«°æ±¾8.22 £¬Í¬Ê±´úÌæÁËÊÜÓ°ÏìµÄËĸöÒÀÀµ°ü £¬µ«Ó°ÏìÁìÓòÒÑÏ൱¿í·º¡£¾ÝÀûÓð²È«¹«Ë¾Socket¼ì²â·ÖÎö £¬¸Ã¶ñÒâÈí¼þÀûÓÃChaCha20-Poly1305¼ÓÃÜËã·¨¶Ô¶ñÒâ´úÂë½øÐи߶ȻìºÏ £¬´ó·ùÔö³¤ÁËÄæÏò·ÖÎöÄѶÈ £¬ÆäÇÔȡָ±êº­¸ÇÔ´´úÂë¡¢ÏîÄ¿Îļþ¡¢¿ª·¢Õ߯¾Ö¤¡¢Ö÷Á÷ÔÆ·þÎñÃÜÔ¿¡¢AI±àÂ빤¾ßÅäÖᢼÓÃÜÇ®±ÒÇ®°üÖú¼Ç´Ê¡¢ä¯ÀÀÆ÷Cookie¼°±£ÁôµÄÍ´´¦ £¬ÉõÖÁÔ̺¬Slack¡¢Discord¡¢TelegramµÈ¼´Ê±Í¨Ñ¶ÀûÓÃÊý¾Ý £¬ÏÕЩ¸²¸ÇÁË¿ª·¢Õß¹¤×÷»·¾³ÖеÄËùÓйؼüÐÅÏ¢¡£Jscrambler°µÊ¾ £¬Õâ´ÎÈëÇÖÔ´ÓÚnpm°ä²¼Í´´¦Ð¹Â¶ £¬¹«Ë¾Òѳ·ÏúÓÐ¹ØÆ¾Ö¤²¢ÔÚ°ä²¼Á÷³ÌÖÐÔöÉè¶î±í°²È«½ÚÔì´ëÊ©¡£


https://www.bleepingcomputer.com/news/security/hackers-backdoor-jscrambler-npm-package-with-infostealer-malware/


5. macOS¶ñÒâÈí¼þCrashStealerÇÔȡƾ֤¼ÓÃÜÇ®°ü


7ÔÂ13ÈÕ £¬°²È«×êÑÐÈËÔ±·¢ÏÖÒ»¿îÃûΪCrashStealerµÄÐÂÐÍmacOSÐÅÏ¢ÇÔÈ¡¶ñÒâÈí¼þ £¬¼Ù×°³ÉÆ»¹û±ÀÀ£»ã±¨¹¤¾ß £¬Í¨¹ý¾­ÊðÃû¹«Ö¤µÄͶ·ÅÆ÷ÈÆ¹ýGatekeeper°²È«»úÔì¡£Æô¶¯ºóÏÔʾαÔìÃÜÂëÌáÐÑ £¬Æ­È¡Óû§ÊäÈëÒÔ½âËøÔ¿³×´® £¬½ø¶øÇÔÈ¡SafariµÇ¼ÐÅÏ¢¡¢Wi-FiÃÜÂ롢˽Կ¼°Ö¤Ê顣ͬʱ¶Ô×¼80Óà¿î¼ÓÃÜÇ®°üÀ©´ó£¨ÈçMetaMask¡¢Phantom£©ºÍ14¿îÃÜÂëÖÎÀíÆ÷£¨Èç1Password¡¢Bitwarden£© £¬²¢É¨ÃèÓû§ÎĵµÄ¿Â¼ÏµÄÎļþ¡£ÇÔÈ¡Êý¾ÝѡȡAES-256-GCMÇ¿¼ÓÃÜ £¬´ò°üºóÉÏ´«ÖÁºÅÁîÓë½ÚÔì·þÎñÆ÷¡£¸Ã¶ñÒâÈí¼þ5Ô±»·¢ÏÖ¿ª·¢ÖÐ £¬7Ô³õÒÑÓÃÓÚÏÖʵ¹¥»÷¡£³õʼ´«²¼Í¨¹ý6ÔÂÏÂÑ®×¢²áµÄÐéαÈí¼þÍøÕ¾·Ö·¢ £¬ÏÂÔØÐèÊäÈëPINÂë £¬Åú×¢¹¥»÷ÓµÓÐÕë¶ÔÐÔ¡£CrashStealer¾ß±¸³ÁÐÂÊðÃûÄÜÁ¦ £¬¿É¶¯Ì¬Å¤×ª¹þÏ£ÖµÒÔÌӱܼì²â¡£Ö»¹ÜÓëAtomicµÈ¼Ò×åÖ¸±ê³Áµþ £¬Æä¹ÖÒì¼ÓÃÜ»úÔìºÍÔ­ÉúC++ʵÏÖʹÆä×Ô³ÉÒ»¼Ò¡£°²È«¹«Ë¾JamfÒѰ䲼ÈëÇÖÖ¸±ê»ã±¨ £¬½¨ÒémacOSÓû§½ö´Ó¹Ù·½Çþ·ÏÂÔØÈí¼þ £¬¾¯ÌèÒì³£ÃÜÂëÌáÐÑ¡£


https://www.bleepingcomputer.com/news/security/new-crashstealer-malware-poses-as-apple-crash-reporting-tool/


6. ¾Å¹úÖÒ¸æ¶íºÚ¿ÍÀûÓ÷ÓÉÆ÷·ì϶¹¥¹Ø¼üÉèÊ©


7ÔÂ13ÈÕ £¬ÃÀ¹ú¡¢Ó¢¹ú¡¢°Ä´óÀûÑÇ¡¢¼ÓÄôóµÈ¾Å¹úµÄÍøÂ簲ȫ»ú¹¹½üÈÕ½áºÏ°ä²¼ÖÒ¸æ £¬Ö¸³Æ¶íÂÞ˹Áª¹ú°²È«¾ÖµÚ16ÖÐÐĵĺڿÍ×éÖ¯ÕýϵͳÐÔµØÒÔ´æÔÚ·ì϶ºÍÅäÖò»µ±µÄ·ÓÉÆ÷ÎªÌø°å £¬ÉøÈë¹Ø¼ü»ù´¡ÉèÊ©ÍøÂç¡£¸Ã×éÖ¯±»×·×ÙΪBerserk Bear¡¢Energetic Bear¡¢DragonflyµÈ¶à¸ö´úºÅ £¬Æä¹¥»÷ÊÖ·¨ÖØÒªÊÇɨÃè¹«ÍøIPµØÖ·¶Î £¬Ñ°ÕÒÈÔʹÓÃĬÈÏ»ò³£¼ûSNMP£¨µ¥Ò»ÍøÂçÖÎÀíºÍ̸£©¼¯Ìå×Ö·û´®µÄ·ÓÉÆ÷ £¬ËæºóÀûÓÃαÔìIPµØÖ··¢ËÍÖ¸Áî £¬¸´ÔìÉ豸ÅäÖÃÎļþ²¢Í¨¹ýTFTPºÍ̸й¶ÖÁ±í²¿½ÚÔì·þÎñÆ÷¡£´Ë±í £¬FBIÔçÔÚ2025Äê8Ô±ãÖÒ¸æ³Æ £¬Í³Ò»×éÖ¯×Ô2021Äê11ÔÂÒÔÀ´³ÖÐøÀûÓÃCisco IOSºÍIOS XEÈí¼þÖÇÄÜ×°ÖÃÖ°ÄÜÖеĸßΣ·ì϶CVE-2018-0171 £¬¶Ô¹Ø¼üÖ¸±êÖ´ÐÐÈëÇÖ¡£ÊÜÍþв×îÑϳÁµÄÐÐÒµÔ̺¬ÄÜÔ´¡¢Í¨Ñ¶¡¢¹ú·À¹¤Òµ»ùµØ¡¢Ò½ÁƱ£½¡¡¢½ðÈÚ·þÎñ¼°µ±¾Ö·þÎñµÈ¡£ÎªÓ¦¶ÔÕâÒ»³ÖÐøÍþв £¬½áºÏÕ÷ѯ»ã±¨ÌṩÁËÏ꾡µÄ»º½â´ëÊ© £¬Ô̺¬Éý¼¶ÖÁ¸ü°²È«µÄSNMPv3¡¢½ûÓÃCisco Smart InstallÖ°ÄÜ¡¢Ç¿ÔìÖ´ÐÐÇ¿ÃÜÂëÕ½Êõ¡¢ÔÚ±ßÔµ·À»ðǽ·â¶ÂTFTPºÍSNMPÁ÷Á¿¡¢ÊµÊ±¸üй̼þ²¢´úÌæÒÑÍ£²úµÄÉ豸¡£


https://www.bleepingcomputer.com/news/security/us-and-allies-share-defense-tips-against-russian-hackers-targeting-critical-infrastructure/