Lapsus$ÍÅ»ïÇÔÈ¡Ò˼ÒÌØÐí¾ÓªÉÌ180GBÄÚ²¿Êý¾Ý
°ä²¼¹¦·ò 2026-06-046ÔÂ2ÈÕ£¬ÃûΪLapsus$µÄÍþвÐÐΪÕß½üÈÕÐû³Æ£¬ÒÑ´ÓÒË¼ÒÆ·ÅÆ×î´óµÄÌØÐí¾ÓªÉÌÓ¢¸ñ¿¨¼¯ÍÅÇÔÈ¡ÁË180GBÄÚ²¿Êý¾Ý£¬Ä¿Ç°Õý¹ÒÅÆÏúÊÛ¡£Ó¢¸ñ¿¨¼¯ÍÅÔÚÈ«Çò32¸ö¹ú¶È¾Óª×ÅÊý°Ù¼ÒʵÌåÃŵ꼰Êý×ÖÇþ·¡£¾Ý³Æ£¬Ð¹Â¶µÄÊý¾ÝÔ̺¬ÄÚ²¿Ô´´úÂë¡£Ö»¹ÜÒ˼ÒÉÐδÕýʽȷÈÏÕâ´ÎÊý¾Ýй¶ÊÂÎñ£¬µ«ÈôÊÇÖ¸¿ØÊôʵ£¬Õâ¼ÒÈ«Çò×î´óµÄ¼Ò¾ßÁãÊÛÉ̽«Ãæ¶ÔÑϳÁµÄ°²È«·çÏÕ¡£¹¥»÷ÕßÔÚÆäÍÅ»ïÍøÕ¾Éϰ䲼ÁËÊý¾ÝÇåµ¥£¬Ðû³ÆÊý¾Ý¼¯Ô̺¬¡°È«Çòµç×ÓÉÌÎñ¼Ü¹¹ºÍÄÚ²¿ºÏ×÷ƽ̨µÄÆëȫӳÉ䡱£¬ÒÔ¼°¡°¹©¸øÁ´ÎïÁ÷¡¢ÔÆ»ù´¡ÉèÊ©ºÍAI/MLOps´æ´¢¿â¡±¡£Îª×ôÖ¤Æä˵·¨£¬ÍþвÐÐΪÕß°ä²¼ÁËÒ»¸öÑù±¾Îļþ£¬¸ÃÎļþÔ̺¬Ô¼6300¸öĿ¼µÄĿ¼Ê÷½á¹¹£¬µ«²¢Î´Ô̺¬ÏÖʵÎļþÄÚÈÝ¡£×êÑÐÈËÔ±Éó²éºó·¢ÏÖ£¬Ä¿Â¼Ãû³Æ°µÊ¾Á˾ݳÆÐ¹Â¶µÄÊý¾ÝÐÔÖÊ£¬¿ÉÄÜÔ̺¬Ò˼ҿª·¢µÄ¸÷À๤¾ßºÍÀûÓ÷¨Ê½µÄÔ´´úÂë¿â£¬ÈçÄÚ²¿Êý¾Ý·ÖÎö¹¤¾ß¡¢ÄÚÈÝÖÎÀíϵͳ£¨CMS£©¡¢Ò˼Ұ²×¿ÀûÓÃÒÔ¼°ÄÚ²¿ÒµÎñÀûÓ÷¨Ê½¡£È»¶ø£¬ÓÉÓÚÎÞ·¨½Ó¼ûµ×²ãÎļþ£¬Ä¿Ç°ÈÔ²»ÄÜÈ·¶¨ÕâЩ´æ´¢¿âÊÇ·ñÕæµÄÔ̺¬Ô´´úÂë¡¢ÅäÖÃÎļþ¡¢Í´´¦»ò¿Í»§ÐÅÏ¢¡£
https://cybernews.com/security/ikea-source-code-data-sale-lapsus/
2. ºÚ¿Í¶¢É϶³öÔÚ»¥ÁªÍøµÄ´¢¹Þ¼ÆÁ¿ÏµÍ³
6ÔÂ3ÈÕ£¬ÃÀ¹úÍøÂ簲ȫºÍ»ù´¡ÉèÊ©°²È«¾Ö½áºÏÁª¹úµ÷²é¾Ö¡¢¹ú¶È°²È«¾Ö¡¢ÄÜÔ´²¿µÈ¶à¸öµ±¾Ö»ú¹¹½üÈÕ°ä²¼ÖҸ棬ָ³öºÚ¿ÍÕý»ý¼«¹¥»÷¶³öÔÚ»¥ÁªÍøÉϵÄ×Ô¶¯´¢¹Þ¼ÆÁ¿ÏµÍ³¡£ÕâÀàϵͳ¿í·ºÀûÓÃÓÚÄÜÔ´¡¢»¯¹¤¡¢Ê³Æ·¡¢Å©Òµ¼°½»Í¨ÔËÊäµÈ¹Ø¼ü»ù´¡ÉèÊ©ÁìÓò£¬ÓÃÓÚÔ¶³Ì¼à¿Ø´¢¹ÞµÄҺλ¡¢Î¶ȼ°Ð¹Â©Çé¿ö¡£¹ÌÈ»ÃÀµ±¾ÖÉÐ佫Óйػ¹é×ïÓÚÈκÎÌØ¶¨¹ú¶È»ò×éÖ¯£¬µ«´ËǰÓб¨Â·³ÆÒÁÀʺڿÍÔøÉæ¼°¶àÆðÕë¶Ô¼ÓÓÍÕ¾´¢¹ÞϵͳµÄÈëÇÖÊÂÎñ¡£¾Ý²¼¸æÅû¶£¬¹¥»÷Õßͨ¹ýÉí·ÝÑéÖ¤ÈÆ¹ý·ì϶¡¢Ó²±àÂëÍ´´¦¡¢²Ù×÷ϵͳºÅÁî×¢Èë¡¢SQL×¢ÈëÒÔ¼°È¨ÏÞÌáÉýµÈ¶àÖÖ·½Ê½£¬³É¹¦ÈëÇÖÁªÍøµÄATGϵͳ£¬²¢Ô¶³ÌÖ´ÐжñÒâºÅÁî¡£Ò»µ©µÃÊÖ£¬¹¥»÷ÕßÄܹ»´Û¸ÄϵͳÉèÖã¬Ô̺¬ÍøÂçÅäÖᢲúÆ·±êʶ·û¡¢´¢¹ÞÈÝ»ý²ÎÊý¼°±Ã½ÚÔìÖ¸Á»¹Äܱ¨´ð¹Ø¹Ø¾¯±¨»òÔì×÷×è°£¬¹ÊÕϲÙ×÷ÈËԱʵʱ¼à¿ØÒºÎ»£¬´Ó¶øÏÔÖøÔö³¤Ð¹Â©»òÉ豸¹ÊÕϵķçÏÕ¡£ÎªÓ¦¶ÔÕâÒ»Íþв£¬CISAµÈ»ú¹¹¶½´ÙÓйØ×éÖ¯Á¢¼´²ÉÈ¡·À»¤´ëÊ©£º½«ATGϵͳÓ뻥ÁªÍø¸ôÀ룬ͨ¹ý·À»ðǽ¡¢VPN»ò½Ó¼û½ÚÔìÁбíÑϸñÏÞ¶ÈÔ¶³Ì½Ó¼û£¬¸ü»»ËùÓÐĬÈÏÃÜÂ룬ÆôÓÃÇ¿ÃÜÂëÕ½ÊõºÍ¶à³É·ÖÈÏÖ¤£¬ÊµÊ±×°Öð²È«¸üУ¬²¢³ÖÐø¼à¿ØÏµÍ³ÊÇ·ñ´æÔÚδ¾ÊÚȨµÄÅäÖõ÷»»¡£
https://www.bleepingcomputer.com/news/security/cisa-warns-of-cyberattacks-targeting-fuel-tank-monitoring-systems/
3. UltrahumanÔâºÚ¿ÍÈëÇÖ£¬¿Í»§½¡¿µÊý¾Ýй¶
6ÔÂ3ÈÕ£¬¿É´©´÷½¡¿µ¿Æ¼¼²Ý´´¹«Ë¾Ultrahuman½üÈÕÅû¶£¬Ò»Â·°²È«·ì϶µ¼Ö²¿Ãſͻ§µÄ½¡¿µÊý¾Ý±»Î´¾ÊÚȨ½Ó¼û¡£¸Ã¹«Ë¾×ܲ¿Î»ÓÚÓ¡¶È£¬ÒÔÖÇÄܽäÖ¸ºÍ´úл½¡¿µ×·×ÙÉ豸ÎÅÃû£¬Æä×î³ÛÃû²úƷΪÓëOura Ring¾ºÕùµÄRing Air£¬½üÆÚ»¹ÍƳöÁËÉý¼¶°æRing Pro¡£¾ÝUltrahuman֤ʵ£¬Õâ´ÎÊÂÎñ²úÉúÓÚ3ÔÂ27ÈÕ£¬ºÚ¿Íͨ¹ý¶ñÒâÈí¼þÇÔÈ¡ÁËÒ»ÃûÔ±¹¤µÄ±Ê¼Ç±¾µçÄÔÆ¾Ö¤£¬½ø¶ø½Ó¼ûÁËÓÃÓÚÄÚ²¿ÃÅÎöµÄϵͳ¡£¹«Ë¾³Æ£¬Æä°²È«¾¯±¨ÏµÍ³ÔÚÊýÓ×ʱÄÚ¼ì²âµ½ÈëÇÖ£¬ËæºóѸËÙ½«ÊÜÓ°ÏìϵͳÀëÏߣ¬²¢³·ÏúÁËËùÓнӼûȨÏÞ¡£Æ¾¾Ý¸Ã¹«Ë¾´Ëǰ°ä²¼µÄÔ¼70ÍòÔ»îÔ¾Óû§Êý¾Ý£¬Ô¼0.1%µÄÓû§Êܵ½Ó°Ï죬ÕâÒâζ×ÅÖÁÉÙÓÐ700Ãû¿Í»§µÄ½¡¿µÊý¾Ý±»Ð¹Â¶¡£Ultrahumanδ·ñ¶¨ÕâÒ»Êý×Ö£¬µ«»Ø¾øÐ¹Â©¾ßÌåÈËÊý¡£¹«Ë¾Ç¿µ÷£¬ÃÜÂë¡¢Ö§¸¶ÐÅÏ¢¡¢³ö²úϵͳÒÔ¼°Ultrahuman RingÉ豸×ÔÉí¾ùδÔ⵽й¶¡£Ê×ϯִÐйÙMohit Kumar°µÊ¾£¬¹«Ë¾ÒÑѸËÙ½¨¸´·ì϶£¬²¢ÔÚ֪ͨÓйؼà¹Ü»ú¹¹¡£
https://techcrunch.com/2026/06/03/ultrahuman-says-hackers-accessed-customers-wellness-data-via-internal-tool/
4. IMA Diligence ServicesÊý¾Ýй¶²¨¼°Óâ52ÍòÈË
6ÔÂ3ÈÕ£¬IMA Diligence ServicesÊÇÒ»¼ÒΪ²¢¹º¼°¹«Ë¾ÂòÂôÌṩ²ÆÕþÕ÷ѯ·þÎñµÄ»ú¹¹£¬Ò²ÊÇIMA½ðÈÚ¼¯ÍŵÄ×Ó¹«Ë¾¡£¸Ã¹«Ë¾ÔÚ֪ͨ³¬¹ý52.5ÍòÃûÓ×ÎÒ£¬ÆäÓ×ÎÒÐÅÏ¢ÔÚ2024Äê12Ô²úÉúµÄÊý¾Ýй¶ÊÂÎñÖб»µÁ¡£¾Ý¹«Ë¾¹ÙÍø°ä²¼µÄÊÂÎñ֪ͨ£¬¸ÃÊÂÎñÓÚ12ÔÂÖÐÑ®±»·¢ÏÖ£¬Æäʱһ̨ÓɵÚÈý·½ÖÎÀíµÄ¾É·þÎñÆ÷ÎÞ·¨½Ó¼û¡£·¢Ïֺ󣬹«Ë¾Á¢¼´Í¨Öª·¨Âɲ¿ÃŲ¢·¢Õ¹µ÷²é£¬Í¬Ê±ÀñƸ±í²¿ÍøÂ簲ȫר¼ÒÐÖú¡£µ÷²éÏÔʾ£¬¹¥»÷ÕßÔÚ12ÔÂ8ÈÕÖÁ12ÔÂ16ÈÕÆÚ¼ä½Ó¼ûÁ˸÷þÎñÆ÷²¢ÇÔÈ¡ÁËijЩÎļþ¡£¾Êý¾ÝÉó²éÈ·ÈÏ£¬Ð¹Â¶ÐÅÏ¢Ô̺¬ÐÕÃû¡¢µØÖ·¡¢Éç»á±£ÏÕºÅÂë¡¢¼ÝÊ»ÅÆÕÕºÅÂ룬ÒÔ¼°²ÆÕþÐÅÏ¢ÈçÕ˺źÍÐÅÓþ¿¨ºÅ¡¢Ò½Áƺͽ¡¿µ±£ÏÕÐÅÏ¢£¬²¿ÃÅÇé¿öÏ»¹Éæ¼°»¤ÕÕºÅÂëºÍÄÉ˰È˼ø±ðºÅ¡£¹«Ë¾ÏòÓ¡µÚ°²ÄÉÖÝ×ܼì²ì³¤°ì¹«Êһ㱨³Æ£¬¹²ÓÐ525,306ÈËÊܵ½Ó°Ïì¡£×÷Ϊ»ØÓ¦£¬IMA Diligence Services½«ÎªÊÜÓ°ÏìÓ×ÎÒÌṩΪÆÚ12¸öÔµÄÃâ·ÑÐÅÓþ¼à¿ØºÍÉí·Ý¸´Ô·þÎñ¡£¹ÌÈ»¹«Ë¾Í¨ÖªÎ´Åû¶¹¥»÷Õßϸ½Ú£¬µ«GenesisÀÕË÷Èí¼þ×éÖ¯ÒÑÐû³Æ¶Ô´ËÕÆ¹Ü¡£1ÔÂÏÂÑ®£¬¸ÃÍŻォÆäÁÐÈë»ùÓÚTorµÄÐ¹Â¶ÍøÕ¾£¬Ðû³Æ´Ó¸Ã¹«Ë¾ÇÔÈ¡ÁË700GBÊý¾Ý£¬Ô̺¬Ó×ÎÒÐÅÏ¢¡¢Ã³Ò×ÎļþºÍ»úÃÜÎļþ¡£
https://www.securityweek.com/ima-diligence-services-data-breach-impacts-525000-people/
5. AndroidÁãÈÕ·ì϶CVE-2025-48595ÒÑÔâÀûÓÃ
6ÔÂ3ÈÕ£¬¹È¸èÓÚ2026Äê6Ô°䲼ÁËAndroid°²È«¸üУ¬½¨¸´Á˸ÃÒÆ¶¯²Ù×÷ϵͳÖеÄ124¸ö·ì϶¡£ÆäÖбàºÅΪCVE-2025-48595¡¢CVSSÆÀ·Ö¸ß´ï8.4µÄ·ì϶ÓÈΪΣÏÕ£¬ÓÉÓÚËüÒѱ»ÓÃÓÚÏÖʵ¹¥»÷¡£¸Ã·ì϶ӰÏìÔËÐÐAndroid 14¡¢15¡¢16¼°Android 16 QPR2µÄÉ豸£¬ÓÉÕûÊýÒç³öÎÊÌâÒý·¢£¬¿Éµ¼Ö´úÂëÖ´ÐкÍȨÏÞÌáÉý¡£¹¥»÷Õß¿ÉÄÜÔÚÎÞÐè¶î±íȨÏÞµÄÇé¿öÏ»ñµÃϵͳ¸ß¼¶½Ó¼ûȨÏÞ¡£¹È¸è֤ʵ£¬Óм£ÏóÅú×¢¸Ã·ì϶ÕýÔâ·ê¡°ÓÐÏ޵ġ¢ÓÐÕë¶ÔÐÔµÄÀûÓá±£¬µ«Î´Ð¹Â©¹¥»÷ÕßÉí·Ý¡¢Êܺ¦ÕßÊýÁ¿¼°¾ßÌåÀûÓ÷½Ê½¡£ÏÖ½×¶ÎÉÐÎÞ¹«¿ªÖ¤¾Ý½«¸Ã·ì϶ÓëÌØ¶¨¹¥»÷Õß¹ØÁª£¬µ«¶àÏî¼£ÏóÅú×¢ÕâÊÇÒ»Ìõ¸´ÔӵĹ¥»÷Á´¡£¸Ã·ì϶λÓÚAndroid¿ò¼Ü£¬²Ù×÷ϵͳ×îÃô¸ÐµÄ²ã¼¶Ö®Ò»£¬ÎÞÐèÓû§½»»¥¼´¿É´¥·¢¡£×êÑÐÈËÔ±ÒÔΪ£¬×î¿ÉÄܵÄÇé¾°ÊǶñÒâÀûÓ÷¨Ê½ÔÚ×°ÖúóÀûÓø÷ì϶»ñÈ¡¸ü¸ßȨÏÞ£¬×îÖÕÆëÈ«½ÚÔìÉ豸¡£ÃÀ¹úÍøÂ簲ȫºÍ»ù´¡ÉèÊ©°²È«¾ÖÒÑÓÚ2026Äê6ÔÂ2ÈÕ½«¸Ã·ì϶ÁÐÈëÒÑÖªÀûÓ÷ì϶Ŀ¼£¬ÒªÇóÁª¹úÃñÊÂÐÐÕþ²¿ÃÅ»ú¹¹ÔÚ6ÔÂ5ÈÕǰʵÏÖ½¨¸´¡£
https://securityaffairs.com/193057/breaking-news/google-patches-actively-exploited-android-flaw-affecting-millions-of-devices.html
6. °¬ÃÀ½±¹ÙÍøÐ¹Â¶AWSƾ֤£¬ÄÚ²¿×ÊÔ´ÏÕÔâÈëÇÖ
6ÔÂ3ÈÕ£¬ËÄÔ³õ£¬ÍøÂ簲ȫ×êÑÐÍŶÓÊÕµ½ÄäÃû¾Ù±¨£¬³Æ°¬ÃÀ½±¹Ù·½Æ½Ì¨Emmy.tv´æÔÚÑϳÁ°²È«·ì϶¡£ÃÀ¹ú¹ú¶ÈµçÊÓÒÕÊõÓë¿ÆÑ§Ñ§ÔºµÄ¹Ù·½Æ½Ì¨ÔÚÒ»´Î¸üкó£¬ÑÇÂíÑ·ÍøÂç·þÎñƾ֤±»Òâ±íй¶¡£¹ÌÈ»ÎÞ·¨°Ù·ÖÖ®°ÙÈ·¶¨ÔÒò£¬µ«ÔÚ´óÎÞÊý´ËÀàÊÂÎñÖУ¬±¨´ðÃýÎóÊÇÖØÒª³É·Ö¡£ÕâЩƾ֤×÷Ϊ¹«¿ª¿É½Ó¼ûµÄHTML´úÂëµÄÒ»²¿ÃŰ䲼£¬ËùÓÐä¯ÀÀÆ÷ÔÚ½Ó¼ûÍøÕ¾Ê±³ÇÊÐÏÂÔØ¸Ã´úÂ롣ƾ¾Ý±¬ÁÏÐÅÏ¢£¬Ð¹Â¶µÄƾ֤¶³öÁ˰¬ÃÀ½±³ö²ú»·¾³ÖÐÃô¸Ð×ÊÔ´µÄÔÆ´æ´¢Í°ÁÐ±í£¬Ô̺¬Slack¡¢Jira¡¢Zoom¼°°¬ÃÀ½±µç×ÓÓʼþÕË»§µÈ¶à¶àÃô¸Ð·þÎñ¡£ÆäËû¶³öµÄ»ù´¡ÉèÊ©»¹Ô̺¬EmmysµÄAndroid¡¢FireTV¡¢iOSºÍRokuÀûÓã¬ÒÔ¼°¶à¸öÄÚ²¿Êý¾Ý¿â¡£×êÑÐÍŶÓÖ¸³ö£¬AWSƾ֤ÅÔ±ßÖ¸¶¨µÄ´æ´¢Í°ÉõÖÁûÓÐÉèÖýӼû±£»¤£¬ÇÒÍйÜÁ˰¬ÃÀ½±µÄ³ÉÔ±Ìá½»ÄÚÈÝ£¬Ô̺¬Ô¤±¨Æ¬ºÍ¾ç±¾¡£×êÑÐÍŶӺËʵÁËÄäÃû×êÑÐÈËÔ±µÄ˵·¨£¬²¢ÔÚÊÕµ½ÏßË÷ºóÒ²·¢ÏÖÁ˱»ÆØ¹âµÄƾ֤£¬µ«²¢Î´ÀûÓÃй¶ƾ֤½Ó¼ûÈκηþÎñ¡£ÍŶÓÉó²é×ÊÔ´Áбíºó·¢ÏÖ£¬ÆäÖÐһЩ×ÊÔ´ÎÞÐèÈÎºÎÆ¾Ö¤¼´¿ÉÖ±½Ó½Ó¼û¡£ÔÚÁªÏµ°¬ÃÀ½±ºó£¬½ØÖÁ5ÔÂ6ÈÕ£¬ÓÐ¹ØÆ¾Ö¤ÒѲ»ÔÙй¶¡£
https://cybernews.com/security/emmy-awards-platform-data-leak/


¾©¹«Íø°²±¸11010802024551ºÅ