iRhythmÔâÀÕË÷¹¥»÷£¬³¬Ç§Íò»¼Õß½¡¿µÐÅϢй¶

°ä²¼¹¦·ò 2026-06-17
1. iRhythmÔâÀÕË÷¹¥»÷£¬³¬Ç§Íò»¼Õß½¡¿µÐÅϢй¶


6ÔÂ16ÈÕ£¬ÃÀ¹úÊý×ÖÒ½Áƹ«Ë¾iRhythm HoldingsÓÚ½üÈÕÅû¶һ·³Á´óÊý¾Ýй¶ÊÂÎñ£¬ºÚ¿Íͨ¹ýÉç»á¹¤³Ì¼¿Á©¹¥ÆÆÁËÆäµÚÈý·½ÍйܵÄÒµÎñÀûÓ÷¨Ê½£¬³É¹¦ÇÔÈ¡Ô̺¬»¼ÕßÊܱ £»¤½¡¿µÐÅÏ¢¡¢Ó×ÎÒÉí·ÝÐÅÏ¢¼°¹«Ë¾×¨º±¼û¾ÝÔÚÄÚµÄÃô¸Ð×ÊÁÏ¡£×÷Ϊһ¼ÒרһÓÚÐÄÔà¼à²â·þÎñµÄ³ÛÃûÆóÒµ£¬iRhythmµÄ¼¼ÊõÒÑÓÃÓÚ·ÖÎö³¬¹ý1200ÍòÃû»¼ÕßÀÛ¼ÆÓâ20ÒÚÓ×ʱµÄÐÄÌøÊý¾Ý£¬Õâ´Îй¶²¨¼°ÁìÓòÖ®¹ã£¬Òý·¢Òµ½ç¶ÔÒ½ÁÆÊý¾Ý°²È«µÄÉîÇÐÓÇÓô¡£Æ¾¾Ý¸Ã¹«Ë¾ÓÚ2026Äê6ÔÂ10ÈÕÏòÃÀ¹ú֤ȯÂòÂôίԱ»áÌá½»µÄÎļþ£¬ÊÂÎñ×îÔçÓÚǰһÌ죨6ÔÂ9ÈÕ£©±»·¢ÏÖ£¬µ±ÈÕ¹«Ë¾¼´ÊÕµ½ÍþвÐÐΪÕßµÄÀÕË÷Ðź¯£¬¶Ô·½ÒÔ¹«¿ªÐ¹Â¶±»µÁÊý¾ÝΪÍþвË÷È¡Êê½ð¡£iRhythmÔÚÈ·Èϲ¿ÃÅÊý¾ÝÈ·ÒÑ´ÓÀûÓ÷¨Ê½Öбíйºó£¬Ñ¸ËÙ½áºÏ±í²¿ÍøÂ簲ȫר¼Ò·¢Õ¹È¡Ö¤µ÷²é£¬²¢Æô¶¯Á˼ȶ¨µÄÍøÂ簲ȫÏìÓ¦´òËãÒÔ¶ôÔìÊÂ̬À©É¢¡£¼øÓÚDZÔÚÊÜÓ°ÏìµÄÊý¾ÝÁ¿¼«ÎªÖش󣬸ù«Ë¾ÓÚ6ÔÂ10ÈÕÕýʽÈ϶¨¸ÃÊÂÎñ×é³É¡°³Á´óÐÔÖÊ¡±µÄÍøÂ簲ȫ±äÂÒ¡£ÖµÍ×ÌùÐĵÄÊÇ£¬iRhythmÔÚÉêÃ÷ÖÐÇ¿µ÷£¬Õâ´ÎÈëÇÖ²¢Î´²¨¼°¹«Ë¾µÄÖ÷Ìâ²úƷϵͳ¡¢ÁÙ´²»òÒ½ÁÆÉ豸»ù´¡ÉèÊ©¡¢»¼Õß°²È«ÓйØÏµÍ³¡¢Ôì×÷Óë·ÖÏúÔËÓªÁ´Ìõ£¬Ò²Î´Ó°Ïì²ÆÕþ»ã±¨ÏµÍ³£¬Í¬Ê±¸Ã¹«Ë¾Ã÷È·°µÊ¾Æä²»´æ´¢»¼ÕßµÄÖ§¸¶¿¨»ò²ÆÕþÕË»§ÐÅÏ¢£¬´Ó¶øÔڿ϶¨Ë®Æ½ÉÏ»º½âÁ˽ðÈÚڲƭ·çÏÕ¡£


https://www.bleepingcomputer.com/news/security/irhythm-discloses-data-breach-says-hackers-stole-patient-info/


2. ¿Â´ïÔâShinyHuntersÀÕË÷£¬Íþвй¶220Íò±Ê¼Í¼


6ÔÂ15ÈÕ£¬½üÈÕ£¬Õ¼Óнü150Ä꺹ÇàµÄÃÀ¹ú³ÉÏñ¼¼Êõ¾ÞÍ·ÒÁÊ¿Âü¿Â´ï¹«Ë¾±»ÁÐÈë³ôÃûÔ¶ÑïµÄÀÕË÷×éÖ¯ShinyHuntersµÄÐ¹Â¶ÍøÕ¾£¬²¢ÊÕµ½Ò»·Ý´ë´ÇÑϸñµÄ¡°×îºóÖҸ桱£¬ÒªÇóÆäÔÚ2026Äê6ÔÂ18ÈÕǰ×Ô¶¯ÁªÏµ¸Ã×éÖ¯²¢Âú×ãÊê½ðÒªÇ󣬲»È»½«Ãæ¶ÔÃô¸ÐÊý¾Ý±»¹«¿ªÐ¹Â¶µÄ·çÏÕ¡£ShinyHuntersÔÚÍøÕ¾ÉÏÐû³ÆÒѳɹ¦ÇÔÈ¡¡°³¬¹ý220ÍòÌõÔ̺¬¿Í»§Ó×ÎÒÉí·ÝÐÅÏ¢ºÍÆäËûÄÚ²¿¹«Ë¾Êý¾ÝµÄ¼Í¼¡±£¬µ«½ØÖÁĿǰ£¬¸Ã×éÖ¯²¢Î´°ä²¼ÈκÎÑù±¾Êý¾Ý»ò¾ßÌåÖ¤¾ÝÀ´Ö§³ÖÆäÕâÒ»ÖØ´óÐû³Æ£¬¶ø¿Â´ï¹«Ë¾½üÆÚÒ²´ÓδÔÚ¹«¹²³¡ËùÈÏ¿ÉÔâ·êÈκÎÍøÂçÈëÇÖ¡£Õâ¼ÒÔøÒò½º¾íÎÅÃûÈ«Çò¡¢ºóÓÚ2012ÄêÉêÇëÆÆ²ú²¢¾­Àú³¹µ×³Á×éµÄ°ÙÄêÆóÒµ£¬Èç½ñÒÑתÐÍΪÒÔB2BΪÖ÷µÄ¿Æ¼¼Ôì×÷¹«Ë¾£¬Ö÷ÌâÒµÎñº­¸ÇóÒ×ÊýÂëÓ¡Ë¢¡¢µçÓ°½ºÆ¬Ó뾲̬½ºÆ¬Ôì×÷¡¢ÔìÒ©¼°µç³ØÓÃÏȽø»¯Ñ§Æ·µÄ³ö²ú£¬ÒÔ¼°×ÔÓÐÆ·ÅÆÊÚȨµÈÁìÓò£¬Õâ´ÎÍ»ÈçÆäÀ´µÄÀÕË÷ÍþвÎÞÒɸøÆäתÐÍ֮·ÃÉÉÏÒ»²ãÒõÓ°¡ £Äܹ»Ô¤¸ÐµÄÊÇ£¬Èô¿Â´ï×îÖÕδÄÜÓëºÚ¿Í´ï³ÉÍ×Э£¬ÆäÖØ´óµÄ¿Í»§Êý¾Ý¿âÓëÄÚ²¿Ã³Ò×»úÃÜÒ»µ©±íй£¬²»½ö½«ÑϳÁÇÖÊ´Õâ¼ÒÀÏÅÆÆóÒµµÄ¹«ÐÅÁ¦£¬»¹¿ÉÄÜÒý·¢¼à¹Ü³Á·£Ó뼯ÌåËßËÏ¡£


https://cybernews.com/security/shinyhunters-claims-kodak-hack-2-million-records/


3. CISA½«LiteSpeed cPanel²å¼þ¸ßΣ·ì϶ÁÐÈëKEVĿ¼


6ÔÂ16ÈÕ£¬ÃÀ¹úÍøÂ簲ȫºÍ»ù´¡ÉèÊ©°²È«¾Ö£¨CISA£©½üÈÕ½«Ò»ÏîÓ°ÏìLiteSpeed cPanel²å¼þµÄ¸ßΣ°²È«·ì϶ÁÐÈëÆä¡°ÒÑÖª±»ÀûÓ÷ì϶¡±£¨KEV£©Ä¿Â¼¡£¸Ã·ì϶±àºÅΪCVE-2026-54420£¬CVSSÆÀ·ÖΪ8.5£¬ÊôÓÚ¸ßΣ¼¶±ð¡£Æ¾¾ÝÒªÇó£¬ÃÀ¹úÁª¹úÃñÊÂÐÐÕþ²¿ÃÅ£¨FCEB£©»ú¹¹±ØÐëÔÚ2026Äê6ÔÂ18ÈÕǰʵÏÖ½¨¸´£¬ÒÔ·À±¸Ç±ÔÚµÄÍøÂç¹¥»÷·çÏÕ¡£¸Ã·ì϶µÄ¼¼Êõ³ÉÒòÔÚÓÚLiteSpeed cPanel²å¼þ£¨2.4.8°æ±¾Ö®Ç°£©¶Ô·ûºÅÁ´½ÓµÄ´¦ÖôæÔÚȱµã¡£¾ßÌå¶øÑÔ£¬µ±·þÎñÆ÷ÔËÐÐCloudLinux»òCageFSÕâÀ๲ÏíÍйܻ·¾³Ê±£¬Õ¼ÓÐFTP»òWeb Shell½Ó¼ûȨÏÞµÄÓû§Äܹ»ÀûÓô˷ì϶£¬Í¨¹ý´´½¨¶ñÒâ·ûºÅÁ´½ÓÀ´Í»ÆÆCageFSµÄ¸ôÀë»úÔ죬×îÖÕ½«È¨ÏÞÌáÉýÖÁϵͳµÚÒ»Á÷±ðrootȨÏÞ¡£³É¹¦ÀûÓô˷ì϶µÄ¹¥»÷ÕßÄܹ»ÆëÈ«½ÚÔìÖ¸±ê·þÎñÆ÷£¬½Ó¼û¡¢´Û¸Ä»òÇÔȡͳһ·þÎñÆ÷ÉÏËùÓÐÆäËûÍйÜÍøÕ¾µÄÊý¾Ý¡£LiteSpeed¹Ù·½ÒÑÈ·Èϸ÷ì϶ÔÚ±»»ý¼«ÀûÓã¬ÏÖʵ¹¥»÷»î¶¯×îÔç¿É×·ÒäÖÁ2026Äê5Ô¡£°²È«³§ÉÌNamecheapÓÚ2026Äê5ÔÂ31ÈÕÏòLiteSpeed»ã±¨ÁËÕâÒ»ÎÊÌâ¡£Õë¶ÔÕâÒ»½ôÆÈÍþв£¬LiteSpeed¹Ù·½ÌṩÁËÉý¼¶½¨¸´ºÍһʱ»º½âÁ½ÖÖÓ¦¶Ô¹æ»®¡£


https://thehackernews.com/2026/06/cisa-flags-litespeed-cpanel-plugin-flaw.html


4. JetBrains Marketplace¶ñÒâ²å¼þµÁÈ¡AI¿ª·¢ÕßÃÜÔ¿


6ÔÂ16ÈÕ£¬½üÈÕ£¬ÍøÂ簲ȫ¹«Ë¾Aikido SecurityÔÚJetBrains MarketplaceÉÏ·¢ÏÖÁËÒ»³¡ÓÐ×éÖ¯µÄ¶ñÒâÈí¼þ¹¥»÷»î¶¯£¬ÖÁÉÙ15¸öIDE²å¼þ±»Ö²ÈëÇÔÃÜ´úÂ룬רÃŵÁÈ¡¿ª·¢Õß´æ´¢ÔÚ²å¼þÉèÖÃÖеÄAI·þÎñÉÌAPIÃÜÔ¿¡£ÕâЩ²å¼þ¼Ù×°³ÉAI±àÂ븱ÊÖ¡¢´úÂëÉó²é¹¤¾ßºÍGitʵÓ÷¨Ê½£¬Ðû³Æ¼¯³ÉOpenAI¡¢DeepSeek¡¢SiliconFlowµÈÈȵãAI·þÎñ£¬×îÔçÓÚ2025Äê10Ô°䲼£¬Ð²å¼þ³ÖÐø¸üÐÂÖÁ2026Äê6ÔÂ10ÈÕ£¬ÀÛ¼Æ×°ÖôÎÊý¿¿½ü7Íò´Î¡£¹¥»÷Õßͨ¹ýÆß¸ö·ÖÆçµÄ¹©¸øÉÌÕ˺Ű䲼ÕâЩ²å¼þ£¬ËùÓжñÒâ²å¼þ¾ù¹²Ïí¸ß¶ÈÀàËÆµÄµ×²ã´úÂ룬ÆäÖ÷ÌâÐÐΪÊÇÔÚÓû§ÊäÈëAPIÃÜÔ¿²¢µã»÷¡°ÀûÓá±°´Å¥µÄ˲¼ä£¬Í¨¹ýδ¼ÓÃܵÄHTTPºÍ̸½«Í´´¦Ã÷ÎÄ·¢ËÍÖÁÓ²±àÂë·þÎñÆ÷µÄÖ¸¶¨½Ó¿Ú£¬µ¼ÖÂÃÜÔ¿ÔÚ´«Êä¹ý³ÌÖм«Ò×±»½Ø»ñ»òÖ±½ÓÂäÈë¹¥»÷ÕßÊÖÖС£¸üÁîÈ˾¯ÌèµÄÊÇ£¬²¿ÃŲå¼þ»¹Ìṩ¸¶·Ñ°æ±¾£¬ÆäÔË×÷»úÔìÒì³ £¿ÉÒÉ£¬Óû§Ö§¸¶ÉÙÁ¿ÓöȺó£¬Ô¶³Ì·þÎñÆ÷»á×Ô¶¯Ïò¿Í»§¶Ë·¢»¹Ò»¸ö¿ÉÓõÄAI APIÃÜÔ¿£¬¹©²å¼þÖ±½ÓŲÓá£Aikido×êÑÐÈËÔ±Ö¸³ö£¬ÈκκϷ¨µÄ·þÎñÔËÓªÉ̶¼²»»á½«²»ÊÜÏ޶ȵĸ¶·ÑAIÌṩÉÌÃÜÔ¿Ö±½Ó½»¸øÓû§£¬´§Ä¦¹¥»÷ÕߺܿÉÄܽ«´ÓÃâÓöȻ§ÄÇÀïÇÔÈ¡À´µÄÍ´´¦³Áзַ¢£¬×ªÂô¸ø¸¶ÓöȻ§£¬´Ó¶ø¹¹½¨Ò»Ìõ·¸·¨Ä²ÀûµÄÐþÉ«²úÒµÁ´¡£


https://www.bleepingcomputer.com/news/security/malicious-jetbrains-marketplace-plugins-steal-ai-api-keys-from-developers/


5. RokarollaľÂí¼Ù×°ÈȵãÀûÓõÁÈ¡½ðÈÚÆ¾Ö¤


6ÔÂ16ÈÕ£¬Ò»ÖÖÃûΪRokarollaµÄÐÂÐÍAndroidÒøÐÐľÂíÔÚ»îÔ¾´«²¼£¬Ëüͨ¹ý¼Ù×°³ÉGoogle Chrome»òTikTokÀûÓõĶñÒâÍøÕ¾ÓÕµ¼Óû§×°Öã¬Æù½ñÒѾ߱¸¹¥»÷217¸öÒøÐкͼÓÃÜÇ®±ÒÀûÓ÷¨Ê½µÄÄÜÁ¦£¬²¢Õ¼Óжà´ï137ÌõÔ¶³Ì½ÚÔìÖ¸Áî¡£Òƶ¯°²È«¹«Ë¾ZimperiumÅû¶£¬¸Ã¶ñÒâÈí¼þÔÚ×°ÖÃʱ³äÈÎͶ·ÅÆ÷£¬»á¼ÙðAndroid¹Ù·½·´¶ñÒâϵͳGoogle Play Protect£¬ÏòÓû§ÌṩװÖÃChrome»òTikTokµÄÑ¡Ï¶øÎÞÂÛÑ¡ÔñÄÄÒ»Ï×îÖÕÖ²ÈëµÄ¶¼ÊÇÔ̺¬Rokarolla¶ñÒâ´úÂëµÄÀûÓá£Ò»µ©Æô¶¯£¬¸ÃľÂí»áÁ¢¼´ÒªÇó¸¨ÖúÖ°ÄÜ·þÎñȨÏÞ£¬Í¬Ê±Ë÷È¡½Ó¼û֪ͨ¡¢¶ÌÐźÍͨ»°µÄÃô¸ÐÊÚȨ£¬ÕâЩȨÏÞÊǺóÐøÖ´Ðи߽׽ÚÔìÓëڲƭµÄ¹Ø¼üǰÌá¡£Ëæºó£¬RokarollaÓëºÅÁîÓë½ÚÔì·þÎñÆ÷³ÉÁ¢Í¨Ñ¶£¬Êײ½·¢ËÍÔ̺¬ÊÖ»úÐͺš¢Android°æ±¾¡¢Ëµ»°ÇøÓò¡¢ÏÔʾ²ÎÊý¡¢µç³ØµçÁ¿¡¢´æ´¢ÈÝÁ¿¼°¿ÉÓÃRAMµÈÏ꾡µÄÉ豸ÅäÖÃÎļþ£¬·þÎñÆ÷¾Ý´ËΪÿÃûÊܺ¦ÕßÌìÉúΨһ±êʶ·û£¬ÒÔʵÏÖ¾«×¼²Ù¿Ø¡£¸ÃľÂíµÄÖ÷ÌâÖ¸±êÊÇÇÔÈ¡²ÆÕþÐÅÏ¢¡£Ëü»á½«ÊÜϰȾÉ豸ÓëÄÚÖõÄ217¸öÖ¸±êÀûÓÃÁбíÖðÒ»±È¶Ô£¬Ò»µ©·¢ÏÔì¥Å䣬±ã´Ó·þÎñÆ÷ÏÂÔØÕë¶Ô¸ÃÀûÓõĴ¹µö¹¥»÷ÔØºÉ¡£µ±Êܺ¦ÕßÕý³£´ò¿ªÖ¸±êÀûÓÃʱ£¬Rokarolla»áʵʱ¸²¸ÇÒ»¸öαÔìµÄµÇ¼½çÃæ£¬ÓÕÆ­Óû§ÊäÈëÕË»§Ãû¡¢ÃÜÂë¡¢ÐÅÓþ¿¨ºÅ¼°ÆäËûÃô¸Ð²ÆÕþÊý¾Ý¡£


https://www.bleepingcomputer.com/news/security/new-rokarolla-android-malware-targets-217-banking-crypto-apps/


6. Steam´´Ò⹤·»±ÚÖ½°ü°µ²Ø¶ñÒâÈí¼þ


6ÔÂ16ÈÕ£¬·¸·¨·Ö×ÓÕý´ó¹æÄ£ÀÄÓÃValveÆìϵÄSteam´´Ò⹤·»£¬Õâ¸ö±¾ÓÃÓÚ·ÖÏíÓÎÏ·Ä£×é¡¢µØÍ¼¡¢Æ¤·ôµÅ×û§ÌìÉúÄÚÈݵÄÉçÇøÖÐÐÄ£¬½«¶ñÒâÈí¼þ¼Ù×°³É±ÚÖ½°üÏòÍæ¼ÒÍÆËÍ¡£ÍøÂ簲ȫ¹«Ë¾¿¨°Í˹»ù°ä²¼»ã±¨Åû¶£¬¹¥»÷ÕßÀûÓÃSteamƽ̨Éϱ¸ÊÜ»¶Ó­µÄ¡°Wallpaper Engine¡±×ÀÃæ×Ô½ç˵ÀûÓ÷¨Ê½£¬¸ÃÀûÓÃÕ¼Óнü°ÙÍòÌõÆÀÂÛ£¬Ö§³ÖËÄÖÖ±ÚÖ½ÀàÐÍ£¬ÆäÖÓ×°ÀûÓ÷¨Ê½±ÚÖ½¡±ÐÔÖÊÉÏÊÇ¿ÉÖ´ÐеÄWindows·¨Ê½£¬¿ÉÔ̺¬ÓÎÏ·¡¢Ó×¹¤¾ß»òϵͳ¼à¿Ø¹¤¾ß£¬ÕâÒ»Éè¼ÆËäÍØÕ¹ÁËÖ°ÄÜÐÔ£¬È´Ò²ÄÚÖÃÁËÑϳÁµÄ°²È«·çÏÕ£¬Èç½ñÒѱ»ÍþвÐÐΪÕß¶ñÒâÀûÓá£×êÑÐÈËԱȷÈÏ£¬ÖÁÉÙ´Ó2025ËêĺÆð£¬¹¥»÷Õß±ãÆðÍ·ÏòSteam´´Ò⹤·»ÉÏ´«¼Ù×°³É±ÚÖ½µÄ¶ñÒâÎļþ£¬ÓÕÆ­Óû§Í¨¹ýWallpaper Engine×°Ö㬿¨°Í˹»ùÒÑ·¢ÏÖÊýÊ®¿î´ËÀà¶ñÒâÀûÓ÷¨Ê½±ÚÖ½£¬Ã¿Ò»¿î¾ù±»ÏÂÔØÊýǧÉõÖÁÊýÍò´Î£¬ÀÛ¼ÆÊܺ¦¹æÄ£Ï൱¿É¹Û¡£ÕâЩ¶ñÒâ±ÚÖ½µÄͶµÝÊÖ·¨¶àÑù£¬ÓеĽ«¶ñÒâÈí¼þÖ±½Ó´ò°üÔÚ±ÚÖ½×°ÖðüÖУ¬ÓеÄÔò½«ÆäÖÃÓÚÊÜÃÜÂë± £»¤µÄѹËõÎļþÄÚ£¬ÓÕʹÓû§×Ô¶¯½âѹ²¢ÔËÐС£Ò»µ©Óû§×°ÖñÚÖ½£¬ÓÐÐ§ÔØºÉ±ã»á×Ô¶¯Ö´ÐУ¬ºó¶ÜѸËÙ·¢Õ¹ÈëÇÖ¡£×êÑÐÈËÔ±»¹·¢ÏÖ¶àÆðÉæ¼°LummaºÍVidarÐÅÏ¢ÇÔÈ¡·¨Ê½¡¢¼ÓÃÜÇ®±ÒÍÚ¿óľÂí¡¢½©Ê¬ÍøÂç¼ÓÔØ·¨Ê½¡¢RanEngineÀÕË÷Èí¼þµÈÆäËû¶ñÒâ¼Ò×åµÄ¹¥»÷°¸Àý£¬Åú×¢ÕâÒ»·ì϶Òѱ»¶à¸ö·ÖÆçµÄ¹¥»÷ÍÅ»ïͬʱÀÄÓá£


https://www.bleepingcomputer.com/news/security/steam-workshop-abused-to-spread-malware-via-wallpaper-engine-app/