ÈÎÌìÌõÚÈý·½·þÎñÔâÈëÇÖ£¬ÀÕË÷×éÖ¯Ë÷Òª200ÍòÃÀÔª
°ä²¼¹¦·ò 2026-06-226ÔÂ18ÈÕ£¬ÈÎÌìÌÃÃÀ¹ú¹«Ë¾½üÈÕ֤ʵ£¬ÆäÄÚ²¿Ê¹ÓõĵÚÈý·½Ô±¹¤µ÷²éƽ̨TinyPulseÔâ·êÊý¾Ýй¶£¬µ«ÈÎÌìÌÃ×ÔÓÐϵͳδ±»¹¥ÆÆ£¬¿Í»§Ó×ÎÒÊý¾Ý¼°²ÆÕþÐÅÏ¢¾ùδÊÜÓ°Ïì¡£Õâ´ÎÊÂÎñÆØ¹âÔ´ÓÚÀÕË÷×éÖ¯Shadowbyt3$Ðû³ÆÇÔÈ¡ÁËÈÎÌìÌÃÃÀ¹úÔ±¹¤µÄÃô¸ÐÊý¾Ý¡£ÈÎÌìÌÃÔÚÉêÃ÷ÖÐÇ¿µ÷£¬Ð¹Â¶ÄÚÈݽöÏÞÓÚͨ¹ýTinyPulseÍøÂçµÄÄÚ²¿Ô±¹¤µ÷²éÐÅÏ¢£¬Éæ¼°Ò»Óײ¿ÃÅÔ±¹¤£¬ÇÒ´ó²¿ÃÅÊý¾Ý¿É×·ÒäÖÁÊýÄêǰ¡£¸Ã¹«Ë¾°µÊ¾ÕýÓë·þÎñÌṩÉÌçÇÃܺÏ×÷½â¾ö´ËÎÊÌâ¡£Shadowbyt3$ÍÅ»ïÔòÔÚÆäйÃÜÍøÕ¾ÉÏÐû³ÆÇÔÈ¡Á˽ü1GBÊý¾Ý£¬Ô̺¬Ô±¹¤È«Ãû¡¢µç×ÓÓʼþµØÖ·¡¢·ÖÎö¼°µ÷²éÊý¾Ý¡¢ÒøÐжÔÕ˵¥¡¢º¬Ô±¹¤IDµÄW-9˰±í¡¢Ö°Òµ·¢Õ¹´òËãÒÔ¼°2016ÄêÖÁ2026Äê¼äµÄÄÚ²¿»ã±¨¡£¹¥»÷Õß×î³õ´ÍÓëÈÎÌìÌÃ48Ó×ʱ½»ÉæÆÚÏÞ£¬ÒªÇóÖ§¸¶200ÍòÃÀÔªÊê½ð£¬²¢ÍþвÓâÆÚ½«¹«¿ªÊý¾Ý¡£ÔÚºóÐøÐÂÎÅÖУ¬¸Ã×éÖ¯³ÎÇåÕâ´ÎÊÂÎñ²»Ó°ÏìÈÎÌìÌÃÓÎÏ·ÒµÎñ£¬½öÉæ¼°ÔøÊ¹ÓÃTinyPulseµÄÔ±¹¤ÈºÌ壬²¢½øÒ»²½°ä²¼Á˾ݳÆÔ̺¬Ô±¹¤Ö®¼äÖ±½ÓÐÂÎźͶԻ°µÄй¶Êý¾ÝÁ´½Ó£¬°µÊ¾ÈÎÌìÌÃδ֧¸¶Êê½ð¡£
https://www.bleepingcomputer.com/news/security/nintendo-confirms-data-stolen-in-webmd-subsidiary-cyberattack/
2. ShapedPlugin¸¶·Ñ²å¼þÔ⹩¸øÁ´¹¥»÷
6ÔÂ18ÈÕ£¬WordPress²å¼þ¿ª·¢ÉÌShapedPlugin½üÈÕÔâ·êһ·ÑϳÁµÄ¹©¸øÁ´¹¥»÷£¬¹¥»÷Õßͨ¹ýÆä¹Ù·½¸üÐÂϵͳÏò¸¶·Ñ¿Í»§ÍÆËÍÁ˱»Ï°È¾µÄ²å¼þ°æ±¾¡£ÊÜÓ°ÏìµÄÊÇÈý¿î¸¶·Ñ²å¼þ£ºProduct Slider Pro¡¢Real Testimonials ProºÍSmart Post Show Pro¡£ShapedPluginÆìÏÂÃâ·Ñ²úÆ·µÄ×Ü»îÔ¾×°ÖÃÁ¿³¬¹ý40Íò£¬µ«Õâ´ÎÊÂÎñ½ö²¨¼°ÉÏÊö¸¶·Ñ²úÆ·¡£¾ÝWordfence·À»ðǽÊý¾Ý£¬ºóÃÅÓÚ5ÔÂ21ÈÕ±»×¢Èëµ½Pro°æ±¾¹¹½¨ÖУ¬6ÔÂ10ÈÕ³öÏÖÊ×ÅúÓû§¹ØÓÚ¶ñÒâ¸üеĻ㱨£¬×êÑÐÈËÔ±ÓÚ6ÔÂ12ÈÕ´Ó¹ÙÍøÏÂÔØÏ°È¾²å¼þºóÈ·ÈÏÈëÇÖ£¬¹©¸øÉÌÓÚ6ÔÂ16ÈÕ¹«¿ªÈÏ¿ÉÊÂÎñ²¢³ÐŵÒѲÉÈ¡»º½â´ëÊ©£¬ÔÚÑéÖ¤¸üа汾¡£Wordfence·ÖÎöÏÔʾ£¬±»Ï°È¾µÄ²å¼þÔ̺¬Ò»¸ö¶ñÒâ¼ÓÔØÎļþLicenseLoader.php£¬µ±ÖÎÀíÔ±½Ó¼ûºó¶Üʱ£¬¸ÃÎļþ»á¼¤»î²¢ÏνӺÅÁîÓë½ÚÔ죨C2£©·þÎñÆ÷£¬ÏÂÔØµÚ¶þ½×¶ÎºóÃÅ£¬½«Æä¼Ù×°³ÉÃûΪwoocommerce-subscription»òwoocommerce-notificationµÄÐéα²å¼þ×°Ö㬲¢Ïò¹¥»÷Õ߻㱨£¬Ëæºó×ÔÎÒɾ³ýÒÔ½â³ýºÛ¼£¡£¸ÃÐéα²å¼þÔÚWordPress²å¼þÁбíÖаµ²Ø£¬ÖØÒªÇÔÈ¡ÒÔÏÂÐÅÏ¢£ºWordPressµÇ¼ʹ´¦¡¢Ö÷Á÷°²È«²å¼þµÄË«³É·ÖÈÏÖ¤£¨2FA£©ÃÜÔ¿¡¢wp-config.phpÖеÄÊý¾Ý¿âÍ´´¦ºÍÈÏÖ¤ÃÜÔ¿¡¢ÖÎÀíÔ¹ØË»§ÏêÇé¡¢SMTP/Óʼþ·þÎñÍ´´¦£¬ÒÔ¼°½üÈý¸öÔµÄWooCommerce¶©µ¥Êý¾Ý¡£
https://www.bleepingcomputer.com/news/security/shapedplugin-update-flow-hacked-to-infect-wordpress-sites/
3. ¼ÓÄôóÓÀÃ÷ÈËÊÙÓâ550Íò±Ê¼Í¼Ôâ°µÍø¶µÏú
6ÔÂ19ÈÕ£¬Ò»ÃûÍøÂç·¸×ï·Ö×ÓÔÚ°µÍøÂÛ̳ÉϹ«¿ª½ÐÂôÒ»¸ö¾Ý³ÆÔ̺¬³¬¹ý550Íò±Ê¼Í¼µÄÖØ´óÊý¾Ý¿â£¬¸ÃÊý¾ÝÓë¼ÓÄôó×î´óµÄ±£ÏÕ¹«Ë¾¼ÓÄôóÓÀÃ÷ÈËÊÙ£¨Sun Life Canada£© Óйأ¬¾Ý³Æ½«Ê¹¸Ã¹«Ë¾µÄ´óÁ¿¿Í»§ºÍÔ±¹¤Ãæ¶Ô°²È«·çÏÕ¡£¸ÃÌû×Ó½üÆÚ³Ê´Ë¿ÌÍøÂç·¸×ï»î¶¯ÆµÈԵĵØÏÂÊг¡ÖУ¬Ðû³ÆÊý¾Ý¼¯º¸ÇÁËÓë¼ÓÄôóÓÀÃ÷ÈËÊÙÓйصĿͻ§¡¢Ô±¹¤¼°Æ½Ì¨ÐÅÏ¢¡£¼ÓÄôóÓÀÃ÷ÈËÊÙ×ܲ¿Î»ÓÚÎÂÄá²®£¬ÎªÔ¼1400Íò¿Í»§Ìṩ·þÎñ£¬ÊDZ±ÃÀ×î´óµÄ±£ÏÕÓë²Æ¸»ÖÎÀí¹«Ë¾Ö®Ò»¡£ÍþвÐÐΪÕßͬʱ°ä²¼ÁËÊý¾ÝÑù±¾ÒÔ×ôÖ¤Æä˵·¨£¬¾ÝÍþвÐÐΪÕß°ä²¼µÄÇåµ¥£¬¸ÃÊý¾Ý¿âÔ̺¬³¬¹ý550Íò±Ê¼Í¼£¬Éæ¼°¿í·ºµÄÓ×ÎÒÓë×éÖ¯ÐÅÏ¢£¬¾ßÌåÔ̺¬£ºÐÕÃû¡¢µç×ÓÓʼþµØÖ·¡¢¹«Ë¾ÐÅÏ¢¡¢²¿ÃÅÃû³Æ¡¢Ö°Î»Ãû³Æ¡¢µØÖ·ÓйØÊý¾Ý¡¢¹ú¶ÈÓëλÏàÐÅÏ¢¡¢Óû§ÕË»§ÔªÊý¾Ý¡¢Ô±¹¤±êʶ·û¡¢¾ÀíÓëÉóÅúÈËÏêÇé¡¢Óû§È¨ÏÞ¡¢½Ó¼û½ÚÔìÐÅÏ¢¡¢¹µÍ¨Æ«ºÃ¼°Í¨ÖªÉèÖõȡ£Êý¾ÝÑù±¾ÏÔʾ£¬Æä½á¹¹ÌصãÓëSalesforceµÈCRM£¨¿Í»§¹ØÏµÖÎÀí£©Æ½Ì¨Öд洢µÄÊý¾Ý¸ß¶ÈÒ»Ö£¬×êÑÐÈËÔ±¾Ý´ËÈ·ÈÏ¡°Êý¾ÝËÆºõÊÇ´Ó¼ÓÄôóÓÀÃ÷ÈËÊÙSalesforce»·¾³ÖÐÌáÈ¡µÄ¡±¡£
https://cybernews.com/security/canada-life-salesforce-data-leak/
4. °£Äá·¨¹ú·Ö¹«Ë¾½ü9ÍòB2B¿Í»§ÕË»§ÐÅÏ¢±»¶µÏú
6ÔÂ19ÈÕ£¬¾Ý³ÆÓëÒâ´óÀû¿ç¹úÄÜÔ´¾ÞÍ·°£ÄἯÍÅ£¨ENI£©·¨¹ú·Ö¹«Ë¾ÓйصĿͻ§Êý¾Ý¿â½üÈճʴ˿ÌÍøÂç·¸×ïÂÛ̳ÉÏ£¬Ò»Ãû×Ô³ÆÓëLapsus$ ÍøÂç·¸×ïÉú̬ϵͳÓйØÁªµÄÍþвÐÐΪÕßÔÚ¹«¿ª¶µÏú¸ÃÊý¾Ý¼¯¡£°£ÄἯÍÅÔÚÈ«Çò62¸ö¹ú¶ÈÔËÓª£¬Õ¼ÓÐÔ¼3.2ÍòÃûÔ±¹¤£¬ÄêÊÕÈë¸ß´ï946ÒÚÃÀÔª¡£Âô¼ÒÐû³Æ£¬¸ÃÊý¾Ý¼¯Ô̺¬Ô¼89,463ÌõÓë°£Äá·¨¹ú¹«Ë¾Óйصļͼ£¬Éæ¼°¿Í»§ÕË»§¼°Ó×ÎÒ×ÊÁÏÖÎÀíÊý¾Ý¡£¹ÌÈ»Ñù±¾±í±í¿´ËƺϷ¨£¬µ«Éó²éÁËй¶Ñù±¾µÄ×êÑÐÈËÔ±Ö¸³ö£¬ÓÉÓÚ´æÔÚ³Á¸´¼Í¼£¬ÏÖʵÊý¾ÝÁ¿¿ÉÄܱ»¿ä´ó¡£¾Ý·ÖÎö£¬¸ÃÊý¾Ý¿âÖØÒªÔ̺¬B2BÕË»§ÐÅÏ¢£¬¶ø·Çͨ³£Ïû·ÑÕßÄÜÔ´¿Í»§¼Í¼¡£Ð¹Â¶µÄÊý¾ÝÑù±¾Ô̺¬£ºÐÕÃû¡¢µç×ÓÓʼþµØÖ·¡¢¿Í»§ÀàÐÍ·ÖÀà¡¢ÕË»§×´Ì¬¡¢¿Í»§²Î¿¼±àºÅ¡¢¹«Ë¾Ãû³Æ¡¢ÕË»§´´½¨ÈÕÆÚ¼°ÉϴεǼ¹¦·ò´Á¡£ÊÜÓ°ÏìʵÌ庸ǵ±¾Ö»ú¹¹¡¢´óѧ¡¢¾Æµê¼°¸÷ÀàÖÐÓׯóÒµµÈ¡£Ö»¹Üй¶ÐÅÏ¢²»Ô̺¬Ö§¸¶ÏêÇé»ò¸ß¶ÈÃô¸ÐµÄÓ×ÎҼͼ£¬µ«ÆóÒµÕË»§Êý¾Ý¿âÈÔ¿ÉΪ¹¥»÷ÕßÌṩ¹óÖØµý±¨£¬ÕË»§´´½¨ÈÕÆÚºÍ×îºóµÇ¼¹¦·ò´ÁÓÐÖúÓÚ¼ø±ð»îÔ¾ÕË»§£¬¶ø»îÔ¾ÕË»§¸üÓпÉÄܻظ´Ú²ÆÐÔͨѶ£¬´Ó¶ø±»ÓÃÓÚÌáÒé¸ß¶ÈÕë¶ÔÐÔµÄÍøÂç´¹µö¹¥»÷¡£
https://cybernews.com/security/eni-france-customer-data-breach/
5. ±ß½®º½¿Õ±»ÆØÑϳÁ·ì϶£¬µÇ»úÅÆ¼´¿ÉÇÔȡȫÌ×ÒþÖÔ
6ÔÂ19ÈÕ£¬°²È«×êÑÐÔ±¡°bobdahacker¡±½üÈÕÅû¶£¬ÃÀ¹ú±ß½®º½¿Õ£¨Frontier Airlines£©µÄԤԼϵͳ´æÔÚÑϳÁ°²È«·ì϶¡£ÈκÎÈËÖ»ÐèÆ¾½èµÇ»úÅÆÉÏÃ÷ÎÄÓ¡ÓеÄÁùλԤԼ±àÂ루PNR£©ºÍ³Ë¿ÍÐÕÊÏ£¬¼´¿Éͨ¹ýº½¿Õ¹«Ë¾µÄÒÆ¶¯API»ò¹ÙÍø¡°ÖÎÀíÎÒµÄÔ¤Ô¼¡±Ò³Ã棬δ¾ÈκÎÓÐЧÉí·ÝÑéÖ¤£¬Ö±½Ó»ñÈ¡¸ÃÔ¤Ô¼ÏÂËùÓÐ³Ë¿ÍµÄÆëÈ«ÄÚ²¿µµ°¸¡£ÕâÒâζ×Å£¬Ò»ÕÅ˳ÊÖÅׯú»òÔÚÉ罻ýÌåÉÏɹ³öµÄµÇ»úÅÉ˾Ƭ£¬¾Í×ãÒÔ³ÉΪһ°Ñ¡°È«ÄÜÔ¿³×¡±¡£¾ÝÅû¶£¬Í¨¹ý¸Ã·ì϶¿É»ñÈ¡µÄÊý¾Ý¼«ÎªÏ꾡£¬ÏÕЩº¸ÇÁËÒ»Ãû´î¿ÍµÄÈ«ÊýÖ÷ÌâÒþÖÔ¡£¾ßÌåÔ̺¬£ºÆëÈ«µÄ¼Òͥסַ¡¢µç×ÓÓÊÏä¡¢µç»°ºÅÂ룻Ô̺¬Î´³ÉÄêÈËÔÚÄ򵀮ëÈ«µ®ÉúÈÕÆÚ£»Î´×öÈκÎÍÑÃô´¦ÖÃµÄÆëÈ«»¤ÕÕºÅÂ롢ǩ·¢¹ú¼°ÓÐЧÆÚ£»ÓÃÓÚTSA PreCheckµÄÒÑÖª´î¿Í±àºÅ£¨KTN£©¼°±ß½®º½¿Õ»áÔ±ºÅ¡£¸üÁîÈËÓÇÓôµÄÊÇ£¬Ö§¸¶ÐÅÏ¢Ò²½üºõ¡°Âã±¼¡±£ºAPI·µ»ØµÄÊý¾ÝÔ̺¬ÐÅÓþ¿¨µÄǰÁù루BIN£©ºÍºóËÄλ¡¢³Ö¿¨ÈËÐÕÃû¡¢ÓÐЧÆÚ¼°ÆëÈ«Õ˵¥µØÖ·¡£
https://cybernews.com/security/frontier-airlines-data-breach/
6. ÎÖ´ï·á°Ä´óÀûÑÇÍøÂçÊàŦ¹ÊÕÏÖ´ó¹æÄ£ÖжÏ
6ÔÂ18ÈÕ£¬°Ä´óÀûÑǵçÐÅÔËÓªÉÌÎÖ´ï·á£¨Vodafone£¬´ÓÊôTPG Telecom£©ÓÚ±¾ÖÜËÄÈ·ÈÏ£¬Òò¹«Ë¾ÆìÏÂÒ»¸öÍøÂçÊàŦ²úÉú¼¼Êõ¹ÊÕÏ£¬µ¼Ö´óÁ¿¿Í»§Ôâ·ê¼äЪÐÔÍøÂçÏνÓÎÊÌâ¡£¾ÝÍøÂç¼à²âƽ̨downdetector.comÊý¾ÝÏÔʾ£¬¹ÊÕϲúÉúÔÚµ±ÈÕÔ糿£¬·åֵʱ¶ÎÓг¬¹ý8000ÃûÓû§»ã±¨ÎÞ·¨Õý³£Ê¹ÓÃÒÆ¶¯ÍøÂç·þÎñ¡£ÎÖ´ï·á½²»°ÈËÔÚÏò·͸Éç°ä²¼µÄµç×ÓÓʼþÉêÃ÷ÖаµÊ¾£¬Õâ´ÎÖжÏÔ´ÓÚij¸öÍøÂçÊàŦÔÚµ±ÌìÁ賿ͻ·¢¹ÊÕÏ£¬¾´¹Î£ÇÀ½¨£¬ÎÊÌâÒѵõ½½â¾ö£¬´ó²¿ÃÅ·þÎñÔÚÖ𲽸´Ô¡£µ«¸Ã½²»°ÈËͬʱ²¹³äÌáÐÑ£¬¡°ÓÉÓÚÉ豸±ØÒª³ÁÐÂÏνӣ¬²¿ÃÅ·þÎñ¿ÉÄÜÈÔ»á¼äЪÐÔ³öÏÖÎÊÌ⡱£¬Óû§ÆëÈ«¸´ÔÕý³£Ê¹ÓÃÈÔÐèÒ»°´¹¦·ò¡£Ä¿Ç°£¬ÎÖ´ï·áδÅû¶Õâ´Î¹ÊÕϵľßÌå¼¼ÊõÔÒò£¬Ò²Î´»ØÓ¦ÊÇ·ñ»áÏòÊÜÓ°ÏìÓû§ÌṩÅâ³¥¡£¡£Ëæ×Å·þÎñÖ𲽸´Ô£¬±í½ç¹Ø×¢½¹µã»ò½«×ªÏòÔËÓªÉÌÈôºÎ´ÓÔì¶ÈºÍ¼¼Êõ²ãÃæÔ¤·ÀÀàËÆÊÂÎñÔٴβúÉú£¬ÒÔ³Á½¨¹«¼Ò¶ÔµçÐÅÍøÂç¿¿µÃסÐÔµÄÐÅÀµ¡£
https://cybernews.com/security/thousands-vodafone-australia-network-disruption/


¾©¹«Íø°²±¸11010802024551ºÅ