SonicWall·ì϶ÖҸ棺½ö¸üй̼þ²»¼°ÒÔ·ÀÈÆ¹ýMFA

°ä²¼¹¦·ò 2026-05-21

1¡¢SonicWall·ì϶ÖҸ棺½ö¸üй̼þ²»¼°ÒÔ·ÀÈÆ¹ýMFA


5ÔÂ20ÈÕ £¬½üÆÚ £¬ºÚ¿Í³É¹¦±©Á¦ÆÆ½âSonicWallµÚÁù´ú£¨Gen6£©SSL-VPNÉ豸ÉϵÄVPNÍ´´¦ £¬²¢Èƹý¶à³É·ÖÉí·ÝÑéÖ¤£¨MFA£© £¬½ø¶ø²¿ÊðÀÕË÷Èí¼þ¹¥»÷¹¤¾ß¡£ÍøÂ簲ȫ¹«Ë¾ReliaQuestµÄ×êÑÐÈËÔ±»ØÓ¦ÁË2ÔÂÖÁ3Ô¼ä¶àÆðÈëÇÖÊÂÎñ £¬²¢ÒÔ¡°ÖеÈÏàÐŶȡ±ÅжÏ £¬ÕâÊÇÕë¶Ô±àºÅCVE-2024-12802·ì϶µÄ³õ´ÎÏÖʵÀûÓð¸Àý¡£¸Ã·ì϶µÄ²úÉúÔ­ÒòÊÇUPNµÇ¼Ìåʽ¶ÌȱMFAÇ¿ÔìÖ´ÐÐ £¬Ê¹Õ¼ÓÐÓÐЧʹ´¦µÄ¹¥»÷Õß¿ÉÄÜÖ±½ÓÈÏÖ¤²¢ÈƹýMFA±£»¤¡£SonicWallÔÚ°²È«²¼¸æÖÐÃ÷È·Ö¸³ö £¬Gen6É豸½ö×°Öù̼þ¸üв¢²»Äܳ¹µ×½â³ý·ì϶ £¬ÖÎÀíÔ±»¹±ØÐëÊÖ¶¯³ÁÐÂÅäÖÃLDAP·þÎñÆ÷£»²»È»¼´±ãÉ豸ÔËÐÐןüкóµÄ¹Ì¼þ £¬ÒÀÈ»´æÔÚ±»ÈëÇֵķçÏÕ¡£Ïà±È֮Ϡ£¬µÚÆß´úºÍµÚ°Ë´úÉ豸ֻÐè¸üе½Ð°æ¹Ì¼þ¼´¿ÉÆëÈ«½â³ý·çÏÕ¡£ÔÚÏÖʵÈëÇÖ¹ý³ÌÖÐ £¬ºÚ¿Íͨ³£Ö»Ðè30µ½60·ÖÖÓ¾ÍÄÜʵÏֵǼ¡¢ÍøÂç¿úËÅ¡¢²âÊÔÄÚ²¿ÏµÍ³Í´´¦³ÁÓà £¬¶øºóÓÐÒâʶµØ×¢Ïú¡£¼øÓÚµÚÁù´úSSL-VPNÉ豸ÒÑÓÚ½ñÄê4ÔÂ16ÈÕÖÕ³¡Ö§³ÖÇÒ²»Ôٽӹܰ²È«¸üР£¬¹Ù·½½¨ÒéÓû§¾¡¿ìÉý¼¶ÖÁÈÔÔÚ»ý¼«Ö§³ÖµÄ½Ïа汾¡£


https://www.bleepingcomputer.com/news/security/hackers-bypass-sonicwall-vpn-mfa-due-to-incomplete-patching/


2. GrafanaÒò©ÂÖ»»GitHubÁîÅÆÖÂÊý¾Ýй¶


5ÔÂ20ÈÕ £¬½üÆÚ £¬GrafanaÔâ·êÊý¾Ýй¶ÊÂÎñ £¬±¾Ô­ÔÚÓÚÒ»¸öGitHub¹¤×÷Á÷ÁîÅÆÔÚÂÖ»»¹ý³ÌÖб»ÒÅ©¡£¸ÃÁîÅÆµÄ¶³öÔ´ÓÚÉÏÖܲúÉúµÄTanStack npm¹©¸øÁ´¹¥»÷£ºÔÚÕâ´Î¹é×ïÓÚTeamPCPºÚ¿Í×éÖ¯µÄShai-Hulud¶ñÒâÈí¼þ¹¥»÷»î¶¯ÖÐ £¬ÊýÊ®¸öϰȾÁËÆ¾Ö¤ÇÔÈ¡´úÂëµÄTanStackÈí¼þ°ü±»°ä²¼µ½npmË÷ÒýÉÏ £¬µ¼ÖÂÔ̺¬GrafanaÔÚÄڵĿª·¢Õß»·¾³Êܵ½Íþв¡£µ¹ØâЩ¶ñÒânpm°ü±»°ä²¼Ê± £¬GrafanaµÄCI/CD¹¤×÷Á÷¸ÕºÃʹÓÃÁËËüÃÇ £¬ÆäÖеÄÐÅÏ¢ÇÔÈ¡Ä £¿éÔÚÆäGitHub»·¾³ÖÐÖ´ÐÐ £¬´Ó¶ø½«GitHub¹¤×÷Á÷ÁîÅÆÐ¹Â¶¸øÁ˹¥»÷Õß¡£Grafana¹«Ë¾Ú¹ÊͳÆ £¬5ÔÂ1ÈÕËûÃǼì²âµ½ÓÉTanStackÈí¼þ°ü±»ÈëÇÖÒý·¢µÄ¶ñÒâ»î¶¯ºó £¬µ±¼´Æô¶¯ÁËÊÂÎñÏìÓ¦´òËã²¢ÂÖ»»ÁË´óÁ¿GitHub¹¤×÷Á÷ÁîÅÆ¡£È»¶ø £¬ÓÉÓÚºöÂÔ©µôÁËÒ»¸öÁîÅÆ £¬¹¥»÷ÕßÀûÓøÃÁîÅÆ³É¹¦½Ó¼ûÁËGrafanaµÄ˽Óд洢¿â¡£¹«Ë¾ºóÐøÉó²é֤ʵ £¬×î³õ±»ÒÔΪδÊÜÓ°ÏìµÄÌØ¶¨GitHub¹¤×÷Á÷³ÌÏÖʵÉÏÒѱ»·ÛËé¡£¹«Ë¾·¢ÏÖÈëÇÖÕß»¹ÏÂÔØÁËGrafanaÓÃÓÚÆäÒµÎñÔËÓªµÄ¾ßÌåÄÚ²¿ÐÅÏ¢ £¬ÆäÖÐÔ̺¬ÔÚרҵ¹ØÏµÖлụ»»µÄÒµÎñÁªÏµÈËÐÕÃûºÍµç×ÓÓʼþµØÖ·¡£GrafanaÃ÷È·Ö¸³ö £¬ÕâЩÐÅÏ¢²¢·Ç¿Í»§³ö²úÊý¾Ý £¬Ò²²»ÊÇ´Ó³ö²úϵͳ»òGrafanaÔÆÆ½Ì¨ÌáÈ¡»ò´¦ÖõÄÐÅÏ¢¡£


https://www.bleepingcomputer.com/news/security/grafana-breach-caused-by-missed-token-rotation-after-tanstack-attack/


3. µÁË¢ÂÛ̳B1ack¡¯s StashÃâ·Ñ°ä²¼460ÍòÌõÐÅÓþ¿¨Êý¾Ý


5ÔÂ20ÈÕ £¬°µÍøÉÏ×î»îÔ¾µÄ±»µÁÐÅÓþ¿¨ÂòÂôƽ̨֮һB1ack¡¯s Stash £¬½üÈÕÃâ·Ñ°ä²¼ÁË460ÍòÌõÐÅÓþ¿¨¼Í¼ £¬Ô­Òò²¢·Ç·¨Âɽø¹¥»òϵͳ±»ÈëÇÖ £¬¶øÊÇΪÁ˳ÍÖÎÎ¥¹æÂô¼Ò¡£²¿ÃÅͨ¹ý¸Ãƽ̨²É°ì±»µÁÐÅÓþ¿¨Êý¾ÝµÄÂô¼Ò±»·¢ÏÖ½«Êý¾ÝתÊÛµ½ÆäËûƽ̨ £¬Î¥·´ÁË·þÎñÌõ¿î¡£×÷Ϊ»ØÓ¦ £¬Æ½Ì¨ÔËÓªÉÌÔÝÍ£ÁËÓëÕâЩÂô¼ÒÓйصÄ800ÍòÌõ±»µÁCVV2¼Í¼ £¬²¢¾ö¶¨Ãâ·Ñ¿ªÊÍÆäÖÐÒ»²¿ÃÅ¿â´æ £¬¶ø·ÇÖ±½Óɾ³ý¡£ÕâÖÖ¹«¿ªÐ¹Â¶Ï൱ÓÚ°µÍø°æµÄ¡°Ôڹ㳡Éϵã»ðÔßÎ £¬³ÉΪһÖÖ¹ÖÒìµÄ³Í½ä¼¿Á©¡£¾ÝSOCRadar·ÖÎö £¬Õâ´Îй¶µÄÿ±Ê¼Í¼¶¼Òì³£ÆëÈ« £¬Ô̺¬¿¨ºÅ¡¢ÓÐЧÆÚ¡¢CVV2°²È«Âë¡¢³Ö¿¨ÈËÐÕÃû¡¢Õ˵¥µØÖ·¡¢µç×ÓÓʼþµØÖ·¡¢µç»°ºÅÂëºÍIPµØÖ· £¬Ú²Æ­ÕßÖ»ÐèÒ»´Î²Ù×÷¼´¿É»ñÈ¡ËùÓбØÒªÐÅÏ¢¡£SOCRadarÑéÖ¤ºó·¢ÏÖ £¬²¿ÃżÍ¼ÒѹýÆÚ»ò³Á¸´ £¬É¸Ñ¡ºóÔ¼ÓÐ430Íò±Ê¼Í¼¿´ÆðÀ´×îÐÂÇÒ¿ÉÄÜ¿ÉÓᣵØÓòÉ¢²¼ÉÏ £¬Ô¼70%À´×ÔÃÀ¹ú £¬¼ÓÄôó¡¢Ó¢¹ú¡¢·¨¹úºÍÂíÀ´Î÷ÑÇλÁÐǰÎå £¬Ïã¸Û¡¢ÐÂ¼ÓÆÂºÍÌ©¹úµÈÑÇÖÞ½ðÈÚÖÐÐÄÒ²³Ê´Ë¿Ìǰ15Ãû £¬×¢Ã÷Êý¾ÝÔ´×ÔÕë¶ÔÈ«ÇòÓ¢Óï¹ú¶ÈºÍ¸ß²É°ìÁ¦Êг¡µÄÂŴεÁË¢»ò´¹µö»î¶¯¡£


https://securityaffairs.com/192415/cyber-crime/carding-site-b1acks-stash-dumps-4-6-million-stolen-cards-for-free.html


4. GitHubÔ±¹¤×°ÖöñÒâÀ©´ó £¬ÖÂ3800¸öÄÚ²¿´úÂë¿âй¶


5ÔÂ20ÈÕ £¬GitHubÒÑ֤ʵ £¬ÒòÆäÒ»ÃûÔ±¹¤×°ÖÃÁ˶ñÒâµÄVS CodeÀ©´ó·¨Ê½ £¬µ¼ÖÂÔ¼3800¸öÄÚ²¿´æ´¢¿âÔâµ½ÈëÇÖ¡£¸Ã¹«Ë¾ÒÑ´ÓVS CodeÀûÓÃÉ̵êÖÐÒÆ³ýÁËÕâ¿î䶨ÃûµÄľÂíÀ©´ó £¬²¢¶ÔÊÜϰȾÉ豸½øÐÐÁ˸ôÀë±£»¤¡£GitHub°µÊ¾ £¬ÔÚ¼ì²âµ½Ô±¹¤É豸ÔâÈëÇÖÊÂÎñºó £¬µ±¼´ÒƳýÁ˶ñÒâÀ©´ó°æ±¾¡¢¸ôÀëÖն˲¢Æô¶¯ÊÂÎñÏìÓ¦¡£Ä¿Ç°µÄÆÀ¹ÀÒÔΪ £¬Õâ´Î»î¶¯½öÉæ¼°GitHubÄÚ²¿´úÂë¿âµÄÊý¾Ýй¶ £¬¹¥»÷ÕßÐû³ÆÐ¹Â¶ÁËÔ¼3800¸ö´úÂë¿â £¬ÕâÓëµ÷²éÁ˾ִóÌåÎǺÏ¡£GitHubͬʱǿµ÷ £¬Ã»ÓÐÖ¤¾ÝÅú×¢´æ´¢ÔÚÊÜÓ°Ïì´æ´¢¿âÖ®±íµÄ¿Í»§Êý¾ÝÊܵ½ÁËÓ°Ïì¡£¹ÌÈ»GitHubÉÐ佫Õâ´Îй¶ÊÂÎñ¹é×ïÓÚ¾ßÌå×éÖ¯ £¬µ«TeamPCPºÚ¿Í×éÖ¯´ËǰÔÚBreachedÍøÂç·¸×ïÂÛÌÓð»¯ù³Æ»ñµÃÁËGitHubÔ´´úÂëºÍ¡°Ô¼4000¸ö˽ÓдúÂë¿â¡±µÄ½Ó¼ûȨÏÞ £¬²¢ÒªÇóÖÁÉÙ5ÍòÃÀÔªÅâ³¥±»µÁÊý¾Ý¡£¸Ã×éÖ¯°µÊ¾²¢²»ÔÚºõڲƭGitHub £¬Ö»µ«Ô¸ÕÒµ½Âò¼Ò £¬²»È»½«Ãâ·Ñй¶Êý¾Ý¡£


https://www.bleepingcomputer.com/news/security/github-confirms-breach-of-3-800-repos-via-malicious-vscode-extension/


5. Dify AIÆ½Ì¨ÆØÑϳÁ·ì϶£ºµã»÷Á´½Ó¼´¿ÉµÁÈ¡ÕË»§


5ÔÂ20ÈÕ £¬DifyÊÇÒ»¸ö¹ãÊÜÓ­½ÓµÄµÍ´úÂëAIÀûÓÿª·¢Æ½Ì¨ £¬ÔÚGitHubÉÏÕ¼Óг¬¹ý14.2Íò¿ÅÐÇ £¬ÆäDockerÈÝÆ÷Òѱ»À­È¡³¬¹ý1000Íò´Î¡£È»¶ø £¬Imperva×êÑÐÈËÔ±·¢ÏÖ¸ÃÆ½Ì¨´æÔÚÑϳÁ°²È«·ì϶ £¬¹¥»÷ÕßÖ»ÐèÓÕʹÊܺ¦Õßµã»÷Ò»¸öÁ´½Ó¼´¿ÉÆëÈ«ÊÕÊÜÕË»§¡£ImpervaÖÒ¸æ³Æ £¬AI¹¤¾ß¾ºÏàÔö³¤ÐÂÖ°ÄÜÈ´ºöÊÓÁ˰²È«ÐÔ¡£×êÑÐÈËÔ±·¢ÏÖÁËÁ½¸öÑϳÁ·ì϶²¢ÕƹÜÈεØÓèÒÔÅû¶ £¬µ«DifyʼÖÕûÓлØÓ¦ £¬¼¸¸öÔºó·ì϶±»ÍµÍµ½¨¸´¡£µÚÒ»¸ö·ì϶¼«Ò×ÀûÓõ«·çÏÕ¼«´ó £¬Ó°ÏìDifyµÄÎļþÉÏ´«´¦Öá£Dify¹«¿ª´æ´¢ËùÓÐÎļþ £¬ÎÞÐèÉí·ÝÑéÖ¤ £¬URLģʽ¿ÉÔ¤²âÇÒûÓнӼû½ÚÔì¡£¹¥»÷Õ߿ɴ´½¨ÁÙʹØËºÅÉÏ´«¶ñÒâÎļþ £¬¸ü¸ÄÁ´½Óºó·¢Ë͸øÊܺ¦Õß¡£µ±ä¯ÀÀÆ÷äÖȾÀ´×ÔÊÜÐÅÀµÆðÔ´µÄSVGÎļþʱ £¬Ç¶ÈëµÄ¾ç±¾¿ÉÆëÈ«½Ó¼û¸ÃÆðÔ´µÄ»á»°¸ßµÍÎÄ £¬Ô̺¬cookie¡¢±¾µØ´æ´¢ºÍAPIŲÓà £¬Ö»ÐèÒ»´Îµã»÷¼´¿Éµ¼ÖÂÕË»§±»µÁ¡£µÚ¶þ¸ö·ì϶Êǹ²Ïí»·¾³ÖÐ×â»§¸ôÀë²»¼° £¬Dify½«Óû§µÄÀûÓ÷¨Ê½Ë½ÓÐÔ´´úÂë¶³ö¸øÍ³Ò»Æ½Ì¨µÄÆäËûÓû§¡£Ö»¹ÜDifyµÄɳÏäÖ¼ÔÚ¸ôÀë´úÂë £¬µ«PythonÖ´Ðй²ÏíÎļþϵͳµØÎ»²¢ÔÚÒ»ÑùÓ²±àÂëϵͳÉí·ÝÏÂÔËÐÐ £¬¹¥»÷Õ߿ɴӹ²Ïí/tmpÎļþ¼Ð»ñÈ¡ÆäËûÓû§µÄ¾ç±¾¡£


https://cybernews.com/security/dify-critical-vulnerabilities-disclosed/


6. LinuxÏÖ¡°PinTheft¡±ÌáȨ·ì϶ £¬Arch Linux·çÏÕ×î¸ß


5ÔÂ20ÈÕ £¬½üÈÕ £¬Ò»¸öÒѽ¨¸´µÄLinuxȨÏÞÌáÉý·ì϶±»Åû¶Á˹«¿ª¿ÉÓõĸÅÏëÑéÖ¤£¨PoC£©·ì϶ÀûÓ÷¨Ê½ £¬ÔÊÐí±¾µØ¹¥»÷ÕßÔÚÌØ¶¨LinuxϵͳÉÏ»ñµÃrootȨÏÞ¡£¸Ã·ì϶±»V12°²È«ÍŶӶ¨ÃûΪPinTheft £¬Ä¿Ç°ÈÔÔÚÆÚ´ý·ÖÅäCVE±àºÅ £¬Ëü´æÔÚÓÚLinuxÄں˵ÄRDS£¨¿¿µÃסÊý¾Ý±¨Ì×½Ó×Ö£©ÖÐ £¬ÒÑÓÚ±¾Ô³õµÃµ½½¨¸´¡£V12ÍŶÓÚ¹ÊͳÆ £¬PinTheftÊÇÒ»¸öÀûÓÃRDSÁ㿽±´Ë«³Á¿ªÊÍ·ì϶µÄ±¾µØÌáȨ·ì϶ £¬Í¨¹ýio_uring¹Ì¶¨»º³åÇø½«Æäת»¯ÎªÒ³Ã滺´æ¸²¸Ç¡£V12»¹°ä²¼ÁËÒ»¸öPoC·ì϶ÀûÓ÷¨Ê½ £¬¸Ã·¨Ê½»áÇÔÈ¡FOLL_PINÒýÓà £¬Ö±µ½io_uring³ÖÓб»ÇÔÈ¡µÄÒ³ÃæÖ¸Õë £¬´Ó¶ø»ñµÃroot shell¡£È»¶ø £¬PinTheftµÄ³É¹¦ÀûÓñØÒªÌض¨Ç°Ì᣺ÔÚÖ¸±êϵͳÉϼÓÔØRDSÄ £¿é¡¢ÆôÓÃio_uring Linux I/O API¡¢´æÔڿɶÁµÄSUID-root¶þ½øÔìÎļþÒÔ¼°¶Ôx86_64¼Ü¹¹µÄÖ§³Ö¡£ÕâЩǰÌá´ó´óËõÓ×Á˹¥»÷Ãæ¡£V12Ö¸³ö £¬ÔÚ×î³£¼ûµÄLinux¿¯ÐаæÖÐ £¬RDSÄ £¿éĬÈϽöÔÚArch LinuxÉÏÆôÓà £¬ÕâÒâζ×ÅArch LinuxÓû§Ãæ¶ÔµÄ·çÏÕ×î´ó¡£


https://www.bleepingcomputer.com/news/linux/exploit-released-for-new-pintheft-arch-linux-root-escalation-flaw/