Ó¡¶È¾ÞÍ·°Í¼Ö¼ªÆû³µÔâÀÕË÷Èí¼þ¹¥»÷
°ä²¼¹¦·ò 2026-06-266ÔÂ24ÈÕ£¬Ó¡¶ÈÆû³µÔì×÷Òµ¾ÞÍ·°Í¼Ö¼ªÆû³µ¹«Ë¾ÓÚ±¾ÖܶþÕýʽÅû¶£¬Æä×ÔÉí¼°ÆìÏÂרһÓÚ¼¼Êõ¿ª·¢¡¢¹¤³ÌÓë×êÑеÄ×Ó¹«Ë¾°Í¼Ö¼ªÆû³µ¼¼ÊõÓÐÏÞ¹«Ë¾µÄϵͳÔâ·êÁËÀÕË÷Èí¼þ¹¥»÷£¬µ¼Ö²¿ÃÅÔËÓª»·½ÚÊܵ½Ó°Ïì¡£¸Ã¹«Ë¾ÔÚÌá½»¸ø¼à¹Ü»ú¹¹µÄÎļþÖÐ×¢Ã÷£¬¸ÃÊÂÎñÓÚÖܶþÉÏÎç±»·¢ÏÖ£¬ÖÎÀí²ãËæ¼´Æô¶¯Ó¦¼±ÏìÓ¦»úÔ죬²ÉÈ¡ÁËһϵÁÐÔ¤·ÀÐÔ¸ôÀë´ëÊ©ÒÔ¶ôÔìÊÂ̬À©É¢£¬²¢µ÷¶¯ÄÚ²¿¼¼ÊõÍŶÓÓë±í²¿ÍøÂ簲ȫר¼ÒÐͬ´ëÖ᣾ݹ«Ë¾Ðû³Æ£¬½ØÖÁĿǰ£¬ËùÖ´ÐеĻº½â´ëÊ©¡°×¿ÓгÉЧ¡±£¬µ«²¢Î´¾Í¹¥»÷ÊÇ·ñÒÑÆëÈ«½â³ý¡¢¾ßÌåÓ°ÏìÁìÓòÓжà´óµÈÖ÷ÌâÎÊÌâ¸ø³ö¾ßÌå×¢Ã÷¡£ÖµÍ×ÌùÐĵÄÊÇ£¬°Í¼Ö¼ªÆû³µÔÚ¹Ù·½ÉêÃ÷ÖмÈδй©ִÐÐÕâ´Î¹¥»÷µÄÀÕË÷×éÖ¯Éí·Ý£¬Ò²Î´Ã÷È·ÊÇ·ñÓÐÃô¸ÐóÒ×Êý¾Ý»ò¿Í»§ÐÅÏ¢ÔÚÕâ´ÎÊÂÎñÖб»·¸·¨ÇÔÈ¡£¬Í¬Ê±¶ÔÓÚ¹¥»÷ÕßÊÇ·ñÒÑÌá³öÊê½ðÒªÇó¼°¾ßÌå½ð¶îά³ÖĬȻ¡£
https://therecord.media/indian-auto-giant-bajaj-auto-hit-by-ransomware
2. Ú¿ÆÕßÕýÀûÓÃShopify¹Ù·½ÀûÓÃÖ²ÈëÐéα¶©µ¥ÐÐÆ
6ÔÂ25ÈÕ£¬½üÆÚ£¬ÍøÂ簲ȫ¹«Ë¾Gen Digital·¢³öÖҸ棬ÍþвÐÐΪÕßÔÚ´ó¹æÄ£ÀÄÓùãÊÜ»¶ÓµÄµçÉ̹ºÎ︱ÊÖÀûÓÃShop£¬Í¨¹ýÏòÓû§µÄ¶©µ¥º¹ÇàÖÐÖ±½ÓÖ²ÈëÐéα²É°ìÊÕÌõ£¬Ö´Ðо«×¼Ú¿Æ¡£×÷ΪShopifyÆìϵĹٷ½ÀûÓã¬ShopΪÏû·ÑÕßÌṩÁËÒ»¸ö¼¯ÖÐÖÎÀí¶àƽ̨¶©µ¥¡¢×·×ÙÎïÁ÷ºÍ·¢ÏÖÐÂÉÌÆ·µÄ±ã½ÝÇþ·¡£Ú¿ÆÕß½«Î±ÔìµÄ¶©µ¥»ìÈëÓû§ÕæÊµµÄ²É°ì¼Í¼ÖУ¬²¢Ã°ÓÃNorton¡¢McAfee¡¢Apple¼°PayPalµÈ³ÛÃûÆ·ÅÆ£¬ÊÕÌõÉÏ»¹»á¸½ÉÏÒ»¸öËùνµÄ¡°¿Í·þÁªÏµµç»°¡±¡£µ±Óû§Òò²ÂÒÉ»òÓÇÓô¶ø²¦´òµç»°Ê±£¬ÏßÁíÒ»¶ËʵΪ¾«ÐļÙ×°µÄÆ×Ó£¬ËûÃÇ»áʹÓÃÉç»á¹¤³Ìѧ¼¼ÇÉ£¬²½²½ÓÕµ¼Óû§½»³öÕË»§ÃÜÂë¡¢Ö§¸¶¿¨¾ßÌåÐÅÏ¢ÉõÖÁÒ»´ÎÐÔÑéÖ¤Â룬²¿Ãż«¶Ë°¸ÀýÖУ¬Êܺ¦Õß»¹±»ºöӯװÖÃÁË¿ÉÔ¶³Ì½ÚÔìÉ豸µÄ¶ñÒâÈí¼þ¡£×êÑÐÈËÔ±Ö¸³ö£¬ÕâÖÖÐÂÐ͹¥»÷¼¿Á©±È´«Í³µÄ¡°»Ø²¦´¹µö¡±Óʼþ¸ü¾ßºýŪÐÔ£¬ÓÉÓÚÐÂÎÅÔ´×ÔÓû§ÐÅÈεÄÕý¹æÀûÓ㬶ø·Ç¿ÉÒÉµÄ±í²¿Óʼþ¡£¹ÌÈ»²»ÉÙÐéαÊÕÌõ´æÔÚÏÔÖøµÄÓï·¨ÃýÎ󣬵«Ãæ¶Ô´ó¶îÏû·Ñ´øÀ´µÄ½¹ÂÇ£¬ºÜ¶àÓû§¼«Ò׺öÂÔÕâЩÂí½Å¡£Ä¿Ç°£¬¹ØÓÚÕâЩαÔì¶©µ¥ÊÇÈôºÎÈÆ¹ý°²È«»úÔì±»²åÈëÀûÓõľßÌå¼¼Êõϸ½ÚÈÔ²»Ã÷È·£¬ShopµÄ¶©µ¥Í¬²½¿ÉÄÜÉæ¼°µç×ÓÓʼþ½âÎö¡¢ÕË»§¹ØÁªµÈ¶àÖÖÊý¾ÝÔ´£¬µ«¹Ù·½ÉÐδȷÈϾßÌåµÄÉøÈëÇþ·¡£
https://www.bleepingcomputer.com/news/security/order-tracking-app-shop-abused-to-push-callback-phishing-attacks/
3. ¶ñÒâÈí¼þGaslightÓÃÐéᱨ´í¹Æ»ó´óÄ£ÐÍ
6ÔÂ25ÈÕ£¬°²È«¹«Ë¾SentinelOne½üÈÕÅû¶ÁËÒ»¿îÃûΪ¡°Gaslight¡±µÄÐÂÐÍmacOS¶ñÒâÈí¼þ£¬Æä¹ÖÒìÖ®´¦²»ÔÚÓÚ´«Í³µÄ´úÂë»ìºÏ»ò»·¾³Õì²â£¬¶øÊÇרÃÅÕë¶Ôµ±Ç°ÈÕÒæ±é¼°µÄAI¸¨Öú¶ñÒâÈí¼þ·ÖÎö¹¤¾ßÉè¼ÆÁËÒ»Ì×ÉúÀíÕ½Êõ¡£¸Ã¶ñÒâÈí¼þ±»¸ß¶ÈÒÔΪ³ö×ÔÓ볯ÏÊÓйصÄÍþвÐÐΪÕßÖ®ÊÖ£¬Æä±¾ÌåÊÇÒ»¸ö¾ß±¸ºóÃźÍÐÅÏ¢ÇÔȡְÄܵÄRust˵»°¶þ½øÔ취ʽ£¬ÕâÔÚͬÀà¶ñÒâÈí¼þÖв¢²»º±¼û¡£È»¶ø£¬Æä×îÒýÈËÖõÖ÷ÕÅÌØµãÔÚÓÚÒ»¸ö½ö3.5KB´óÓ×µÄÓÐÐ§ÔØºÉ£¬ÆäÖо¹Ç¶ÈëÁ˶à´ï38Ìõ¾«ÐÄ»ú¹ØµÄÐéαϵͳÐÂÎÅ¡£ÕâЩÐÂÎżÙ×°³É¿ª·¢ÕßÈÕÖ¾¡¢±ÀÀ£»ã±¨¡¢µ÷ÊÔÊä³öºÍ·¨Ê½¾¯±¨£¬²¢´óÁ¿Ê¹ÓÃMarkdownÌåʽºÍÄ£°åռλ·û£¬Ê¹Æä¿´ÆðÀ´ÈçÍ¬ÕæÊµµÄ¹ÊÕÏÅŲéÊý¾Ý¡£GaslightµÄ¹¥»÷Âß¼²¢·ÇÕë¶Ô´«Í³É±¶¾Èí¼þ»òɳÏäµÄÖ´Ðл·¾³£¬¶øÊÇÖ±Ö¸ÄÇЩÔÚ×Ô¶¯·ÖÎö¹ý³ÌÖлá¶ÁÈ¡¶þ½øÔìÎļþÖпɶÁ×Ö·û´®µÄ´ó˵»°Ä£ÐÍ£¨LLM£©¸¨Öúϵͳ¡£SentinelOneµÄ×êÑÐÈËÔ±Ö¸³ö£¬ÕâЩƾ¿ÕµÄ¹ÊÕÏÐÅÏ¢Ö¼ÔÚÈÃLLM¸¨ÖúµÄ·ÖÀà´úÀí¡°ÒÉ»ó×Ô¼ºµÄ»á»°¡±£¬¼´Í¨¹ýÏò·ÖÎöÕß¹àÊä´óÁ¿¿´ËÆÑϳÁµÄϵͳÃýÎóºÍ°²È«Òþ»¼£¬ÓÕʹAIÄ£ÐÍÎóÅе±Ç°·ÖÎö»á»°×ÔÉí³öÏÖÁËÎÊÌ⣬»òÒÔΪÑù±¾¹ýÓÚΣÏÕ¡¢Òì³£¶ø×Ô¶¯¶ôÖÆ¡¢½Ø¶Ï·ÖÎö¹¤×÷£¬ÉõÖÁ»Ø¾ø³ÖÐøÊä³öÁ˾֡£
https://www.bleepingcomputer.com/news/security/new-macos-malware-embeds-fake-errors-to-confuse-ai-analysis-tools/
4. Á÷Á¿³¬9.5ÒÚµÄÌåÓýµÁ°æ¾ÞÍ·PirloTV±»µ·»Ù
6ÔÂ25ÈÕ£¬½üÈÕ£¬Ò»³¡ÓÉ´´ÒâÓëÓéÀÖÁªÃË£¨ACE£©Ç£Í·¡¢½áºÏÅ·ÖÞ×ãÇòлáÁªÃË£¨UEFA£©¼°Ä«Î÷¸çµÈ¶à¹ú·¨ÂÉ»ú¹¹µÄ´ó¹æÄ£·´µÁ°æÐж¯»ñµÃ³Á´óÕ½¹û£¬³É¹¦µ·»ÙÁËÓë·¸·¨Á÷ýÌåÆ½Ì¨PirloTVÓйصÄÖØ´óÌåÓýµÁ°æÍøÂ磬¹²¼Æ²é·â44¸ö»îÔ¾ÓòÃû¡£PirloTV×ÔÉí²¢²»Ö±½ÓÔì×÷»òÍйÜÄÚÈÝ£¬¶øÊÇÒ»¸ö¾ÛºÏÐÍÍøÕ¾ÍøÂ磬ͨ¹ýǶÈëδ¾ÊÚȨµÄÌåÓýÈüÊÂÖ±²¥Á´½Ó£¬ÖØÒªÌṩ×ãÇò½ÇÖðµÄÔÚÏßÅÔ¹Û·þÎñ£¬ÆäÔË×÷ģʽÒÀÀµÓÚ¶Ô¸÷´óÊÚȨ¹ã²¥¹«Ë¾Ö±²¥Á÷µÄ¶þ´Î·Ö·¢¡£¸Ãƽ̨×îΪÈËËùÊìÖªµÄÌØµãÊÇÆä¼«Ç¿µÄ¡°ÐÔÃüÁ¦¡±£¬ÔÚÃæ¶ÔÁйú¼à¹Ü»ú¹¹µÄ·´¸´Ï¼ÜÒªÇóºó£¬×ÜÄÜѸËÙÆôÓÃÐÂÓòÃûÒÔά³ÖÔËÓª£¬Áî·¨Âɲ¿ÃÅÆ£ÓÚÓ¦¶Ô¡£È»¶ø£¬±¾´Î¶à±ßÐͬ½ø¹¥³¹µ×¶Â½ØÁËÆäÖ÷ÌâÈë¿Ú£¬¾ÝACE¹Ù·½²¼¸æÅû¶£¬ÕâЩ±»¹Ø¹ØµÄÓòÃûÿÄêÔÚÈ«ÇòÁìÓòÄÚ²úÉúµÄ½Ó¼ûÁ¿×ܼƳ¬¹ý9.5ÒڴΣ¬½öÄ«Î÷¸çÒ»µØ¾Í¹±Ï×ÁËÔ¼2.3ÒڴΣ¬ÆäÊܶàÖØÒª¼¯ÖÐÔÚÀ¶¡ÃÀÖÞ£¬ÓÈÆäÔÚÄ«Î÷¸çºÍ¸çÂ×±ÈÑÇÕ¼ÓÐÖØ´óµÄÓû§»ù´¡£¬Í¬Ê±À´×ÔÎ÷°àÑÀºÍÃÀ¹úµÈÊг¡µÄÁ÷Á¿Ò಻ÈÝÓ×êï¡£Ö»¹ÜÖ÷ÓòÃûÒѱ»²é·â£¬½ØÖÁ±¾ÎÄ·¢¸åʱ£¬¹«¹²ËÑË÷ÒýÇæÈÔÄÜ·¢ÏÖ²¿ÃŲÐÁôµÄ¾µÏñÕ¾µã»òбäÖÖÓòÃû³ÖÐøÌṩ·¸·¨Á÷ýÌå·þÎñ¡£
https://www.bleepingcomputer.com/news/security/pirlotv-sports-piracy-network-disrupted-as-44-domains-seized/
5. AI´¹µö·þÎñBluekit½ø»¯£¬ÐÂÔöBitMÖ°ÄÜÇÔȡƾ֤
6ÔÂ25ÈÕ£¬ÍøÂç´¹µö¼´·þÎñ£¨PhaaS£©Æ½Ì¨¡°Bluekit¡¹ØýÔÚÒÔ¾ªÈ˵ÄËٶȽø»¯£¬Æä×îÐµĹ¥»÷ÄÜÁ¦Óë»ù´¡ÉèÊ©À©ÕÅÒý·¢Á˰²È«ÁìÓòµÄ¸ß¶È¾¯Ìè¡£¾ÝÊý×Ö·çÏÕ±£»¤¹«Ë¾Netcraft×îл㱨Åû¶£¬ÔÚ´ÓǰһÖÜÄÚ£¬¸Ãƽ̨ÒÑÐÂÔö½ü70¸ö¶ñÒâÖ÷»úÃû£¬²¢ÒýÈëÁ˸üΪΣÏÕµÄä¯ÀÀÆ÷ÖÐÑëÈË£¨BitM£©Êý¾ÝÇÔÈ¡»úÔ죬ʹÆä¹¥»÷Á´ÌõÔ½·¢Òñ±ÎºÍ¸ßЧ¡£Bluekit×î³õÓÚ½ñÄê4ÔÂÓÉVaronis×êÑÐÈËÔ±¼Í¼ÔÚ°¸£¬ÆäÖ÷ÌâÂôµãÔÚÓÚÄÚÖÃÁËÒ»¸öÖ§³ÖLlama¡¢GPT-4.1¡¢Claude¡¢GeminiºÍDeepSeekµÈ¶àÖÖ´ó˵»°Ä£Ð͵ÄAI¸±ÊÖ£¬¿ÉÄÜ×Ô¶¯»¯ÌìÉú¼«¾ß¹Æ»óÐԵĴ¹µöÓʼþ£¬Í¬Ê±Ïò¡°¿Í»§¡±Ìṩ³¬¹ý40ÖÖÕë¶ÔOutlook¡¢Gmail¡¢iCloud¼°GitHubµÈÈȵã·þÎñµÄÏÖ³ÉÄ£°å¡£Õâ´ÎÉý¼¶ÖУ¬BluekitÉÕ»ÙÁË´«Í³µÄÖÐÑëÈ˹¥»÷´úÀíģʽ£¬×ª¶øÑ¡È¡»ùÓÚ¿ªÔ´JavaScript¿â¡°rrweb¡±µÄBitM¹æ»®¡£Îª½øÒ»²½É¸Ñ¡¸ß¼ÛÖµÖ¸±ê²¢¶ã±Ü°²È«·ÖÎö£¬BluekitÖ²ÈëÁ˶൵´ÎµÄ·´¼ì²âÓëÊܺ¦Õß×ʸñÈ϶¨ÏµÍ³¡£Í¬Ê±£¬¸Ãƽ̨±£ÁôÁËVaronis´Ëǰ¼Í¼µ½µÄʵʱ¼à¿ØÃæ°å£¬ÔÊÐí¹¥»÷²Ù×÷Ô±ÒÔ5ÃëΪ¾àÀë¹Û²ìÊܺ¦ÕßÔÚÐéαµÇÂ¼Ò³ÃæÉϵÄÿһ²½²Ù×÷£¬ÉõÖÁ×·×ÙÆäµÇ¼ºóµÄÐÐΪ¹ì¼£¡£
https://www.bleepingcomputer.com/news/security/bluekit-phishing-kit-adopts-browser-in-the-middle-for-login-theft/
6. ΢ÈíÅû¶˫³ÁÀÕË÷£ºÁ½»ïºÚ¿ÍͬʱÈëÇÖͳһָ±ê
6ÔÂ25ÈÕ£¬Î¢ÈíÊÂÎñÏìÓ¦ÍŶӣ¨DART£©ÔÚÒ»´ÎÀÕË÷Èí¼þ¹¥»÷µ÷²éÖз¢ÏÖÁ˼«Îªº±¼ûµÄ¹¥»÷³¡¾°£¬Í³Ò»Êܺ¦ÕßµÄÍøÂç»·¾³ÖУ¬¾¹ÓÐÁ½×黥²»ÓйصÄÍþвÐÐΪÕßͬʱ¶ÀÁ¢Ö´ÐÐÈëÇÖ¡£¸Ã¹¥»÷ÊÂÎñµÄ·¢Ô´Ö¸ÏòÊܺ¦Õß±¾µØ²¿ÊðµÄSharePoint·þÎñÆ÷£¬¹¥»÷ÕßÀûÓÃÁËÒѹ«¿ªÅû¶µÄÒÑÖª·ì϶×÷Ϊ³õʼÈë¿Ú¡£µ÷²é³õÆÚ£¬Î¢Èí×êÑÐÈËÔ±·¢ÏÖ¶ñÒâÈí¼þ´Ó×î³õÊÜϰȾµÄ»·¾³ºáÏò´«²¼ÖÁµÚ¶þ¸ö×éÖ¯£¬¾ÁªÏµÈ·ÈÏ£¬ºóÕßͬÑùÔâ·êÁËÀ´×Ô´úºÅΪStorm-2603µÄÀÕË÷Èí¼þÍÅ»ïµÄ¹¥»÷¡£È»¶ø£¬Ëæ×Å΢ÈíÍþвµý±¨²¿ÃŵÄÉî¿ÌËÝÔ´£¬Ò»¸ö¸üΪ¸´ÔӵľÖÃæ¸¡³öË®Ãæ£ºÔÚStorm-2603»î¶¯µÄͬʱ£¬ÁíÒ»ÃûÎ޹صĹ¥»÷ÕßÒ²ÔÚͳһÊܺ¦ÍøÂçÖв¢Ðз¢Õ¹×ŶÀÁ¢µÄ¶ñÒâ²Ù×÷¡£Storm-2603×Ô2025ÄêÄêÖÐÒÔÀ´±ã³ÖÐøÒÔ±¾µØSharePoint·þÎñÆ÷ÎªÍ»ÆÆ¿Ú£¬ÏµÍ³ÐÔµØÀûÓÃÒÑÖª·ì϶£»¶øÁíÒ»Ãû¹¥»÷ÕßÔòÁôÏÂÁ˶¯Ì¬Á´½Ó¿â£¨DLL£©²à¼ÓÔØµÄ¼¼ÊõºÛ¼££¬ÕâÖÖÊÖ·¨¿É½«¶ñÒâ´úÂë°µ²ØÔںϷ¨Èí¼þ¹ý³ÌÖÐÖ´ÐУ¬ÒÔ×°ÖúóÃÅ»òά³ÖÓÆ¾Ã»¯½Ó¼û¡£
https://cybernews.com/security/microsoft-ransomware-group-sharepoint-parallel-attacks/


¾©¹«Íø°²±¸11010802024551ºÅ