iRhythmÔâÀÕË÷¹¥»÷ £¬³¬Ç§Íò»¼Õß½¡È«ÐÅϢй¶

°ä²¼¹¦·ò 2026-06-17
1. iRhythmÔâÀÕË÷¹¥»÷ £¬³¬Ç§Íò»¼Õß½¡È«ÐÅϢй¶


6ÔÂ16ÈÕ £¬ÃÀ¹úÊý×ÖÒ½Áƹ«Ë¾iRhythm HoldingsÓÚ½üÈÕÅû¶һ·³Á´óÊý¾Ýй¶ÊÂÎñ £¬ºÚ¿Íͨ¹ýÉç»á¹¤³Ì¼¿Á©¹¥ÆÆÁËÆäµÚÈý·½ÍйܵÄÒµÎñÀûÓ÷¨Ê½ £¬³É¹¦ÇÔÈ¡Ô̺¬»¼ÕßÊܱ£»¤½¡È«ÐÅÏ¢¡¢Ó×ÎÒÉí·ÝÐÅÏ¢¼°¹«Ë¾×¨º±¼û¾ÝÔÚÄÚµÄÃô¸Ð×ÊÁÏ¡£×÷Ϊһ¼ÒרһÓÚÐÄÔà¼à²â·þÎñµÄ³ÛÃûÆóÒµ £¬iRhythmµÄ¼¼ÊõÒÑÓÃÓÚ·ÖÎö³¬¹ý1200ÍòÃû»¼ÕßÀÛ¼ÆÓâ20ÒÚÓ×ʱµÄÐÄÌøÊý¾Ý £¬Õâ´Îй¶²¨¼°ÁìÓòÖ®¹ã £¬Òý·¢Òµ½ç¶ÔÒ½ÁÆÊý¾Ý°²È«µÄÉîÇÐÓÇÓô¡£Æ¾¾Ý¸Ã¹«Ë¾ÓÚ2026Äê6ÔÂ10ÈÕÏòÃÀ¹ú֤ȯÂòÂôίԱ»áÌá½»µÄÎļþ £¬ÊÂÎñ×îÔçÓÚǰһÌ죨6ÔÂ9ÈÕ£©±»·¢ÏÖ £¬µ±ÈÕ¹«Ë¾¼´ÊÕµ½ÍþвÐÐΪÕßµÄÀÕË÷Ðź¯ £¬¶Ô·½ÒÔ¹«¿ªÐ¹Â¶±»µÁÊý¾ÝΪÍþвË÷È¡Êê½ð¡£iRhythmÔÚÈ·Èϲ¿ÃÅÊý¾ÝÈ·ÒÑ´ÓÀûÓ÷¨Ê½Öбíйºó £¬Ñ¸¿ì½áºÏ±í²¿ÍøÂ簲ȫר¼Ò·¢Õ¹È¡Ö¤µ÷²é £¬²¢Æô¶¯Á˼ȶ¨µÄÍøÂ簲ȫÏìÓ¦´òËãÒÔ¶ôÔìÊÂ̬À©É¢¡£¼øÓÚDZÔÚÊÜÓ°ÏìµÄÊý¾ÝÁ¿¼«ÎªÖØ´ó £¬¸Ã¹«Ë¾ÓÚ6ÔÂ10ÈÕÕýʽÈ϶¨¸ÃÊÂÎñ×é³É¡°³Á´óÐÔÖÊ¡±µÄÍøÂ簲ȫ±äÂÒ¡£ÖµÍ×ÌùÐĵÄÊÇ £¬iRhythmÔÚÉêÃ÷ÖÐÇ¿µ÷ £¬Õâ´ÎÈëÇÖ²¢Î´²¨¼°¹«Ë¾µÄÖ÷Ìâ²úƷϵͳ¡¢ÁÙ´²»òÒ½ÁÆÉ豸»ù´¡ÉèÊ©¡¢»¼Õß°²È«ÓйØÏµÍ³¡¢Ôì×÷Óë·ÖÏúÔËÓªÁ´Ìõ £¬Ò²Î´Ó°Ïì²ÆÕþ»ã±¨ÏµÍ³ £¬Í¬Ê±¸Ã¹«Ë¾Ã÷È·°µÊ¾Æä²»´æ´¢»¼ÕßµÄÖ§¸¶¿¨»ò²ÆÕþÕË»§ÐÅÏ¢ £¬´Ó¶øÔڿ϶¨Ë®Æ½ÉÏ»º½âÁ˽ðÈÚڲƭ·çÏÕ¡£


https://www.bleepingcomputer.com/news/security/irhythm-discloses-data-breach-says-hackers-stole-patient-info/


2. ¿Â´ïÔâShinyHuntersÀÕË÷ £¬Íþвй¶220Íò±Ê¼Í¼


6ÔÂ15ÈÕ £¬½üÈÕ £¬Õ¼Óнü150Ä꺹ÇàµÄÃÀ¹ú³ÉÏñ¼¼Êõ¾ÞÍ·ÒÁÊ¿Âü¿Â´ï¹«Ë¾±»ÁÐÈë³ôÃûÔ¶ÑïµÄÀÕË÷×éÖ¯ShinyHuntersµÄÐ¹Â¶ÍøÕ¾ £¬²¢ÊÕµ½Ò»·Ý´ë´ÇÑϸñµÄ¡°×îºóÖҸ桱 £¬ÒªÇóÆäÔÚ2026Äê6ÔÂ18ÈÕǰ×Ô¶¯ÁªÏµ¸Ã×éÖ¯²¢Âú×ãÊê½ðÒªÇó £¬²»È»½«Ãæ¶ÔÃô¸ÐÊý¾Ý±»¹«¿ªÐ¹Â¶µÄ·çÏÕ¡£ShinyHuntersÔÚÍøÕ¾ÉÏÐû³ÆÒѳɹ¦ÇÔÈ¡¡°³¬¹ý220ÍòÌõÔ̺¬¿Í»§Ó×ÎÒÉí·ÝÐÅÏ¢ºÍÆäËûÄÚ²¿¹«Ë¾Êý¾ÝµÄ¼Í¼¡± £¬µ«½ØÖÁĿǰ £¬¸Ã×éÖ¯²¢Î´°ä²¼ÈκÎÑù±¾Êý¾Ý»ò¾ßÌåÖ¤¾ÝÀ´Ö§³ÖÆäÕâÒ»ÖØ´óÐû³Æ £¬¶ø¿Â´ï¹«Ë¾½üÆÚÒ²´ÓδÔÚ¹«¹²³¡ËùÈÏ¿ÉÔâ·êÈκÎÍøÂçÈëÇÖ¡£Õâ¼ÒÔøÒò½º¾íÎÅÃûÈ«Çò¡¢ºóÓÚ2012ÄêÉêÇëÆÆ²ú²¢¾­Àú³¹µ×³Á×éµÄ°ÙÄêÆóÒµ £¬Èç½ñÒÑתÐÍΪÒÔB2BΪÖ÷µÄ¿Æ¼¼Ôì×÷¹«Ë¾ £¬Ö÷ÌâÒµÎñº­¸ÇóÒ×ÊýÂëÓ¡Ë¢¡¢µçÓ°½ºÆ¬Ó뾲̬½ºÆ¬Ôì×÷¡¢ÔìÒ©¼°µç³ØÓÃÏȽø»¯Ñ§Æ·µÄ³ö²ú £¬ÒÔ¼°×ÔÓÐÆ·ÅÆÊÚȨµÈÁìÓò £¬Õâ´ÎÍ»ÈçÆäÀ´µÄÀÕË÷ÍþвÎÞÒɸøÆäתÐÍ֮·ÃÉÉÏÒ»²ãÒõÓ°¡ £Äܹ»Ô¤¸ÐµÄÊÇ £¬Èô¿Â´ï×îÖÕδÄÜÓëºÚ¿Í´ï³ÉÍ×Э £¬ÆäÖØ´óµÄ¿Í»§Êý¾Ý¿âÓëÄÚ²¿Ã³Ò×»úÃÜÒ»µ©±íй £¬²»½ö½«ÑϳÁÇÖÊ´Õâ¼ÒÀÏÅÆÆóÒµµÄ¹«ÐÅÁ¦ £¬»¹¿ÉÄÜÒý·¢¼à¹Ü³Á·£Ó뼯ÌåËßËÏ¡£


https://cybernews.com/security/shinyhunters-claims-kodak-hack-2-million-records/


3. CISA½«LiteSpeed cPanel²å¼þ¸ßΣ·ì϶ÁÐÈëKEVĿ¼


6ÔÂ16ÈÕ £¬ÃÀ¹úÍøÂ簲ȫºÍ»ù´¡ÉèÊ©°²È«¾Ö£¨CISA£©½üÈÕ½«Ò»ÏîÓ°ÏìLiteSpeed cPanel²å¼þµÄ¸ßΣ°²È«·ì϶ÁÐÈëÆä¡°ÒÑÖª±»ÀûÓ÷ì϶¡±£¨KEV£©Ä¿Â¼¡£¸Ã·ì϶±àºÅΪCVE-2026-54420 £¬CVSSÆÀ·ÖΪ8.5 £¬ÊôÓÚ¸ßΣ¼¶±ð¡£Æ¾¾ÝÒªÇó £¬ÃÀ¹úÁª¹úÃñÊÂÐÐÕþ²¿ÃÅ£¨FCEB£©»ú¹¹±ØÐëÔÚ2026Äê6ÔÂ18ÈÕǰʵÏÖ½¨¸´ £¬ÒÔ·À±¸Ç±ÔÚµÄÍøÂç¹¥»÷·çÏÕ¡£¸Ã·ì϶µÄ¼¼Êõ³ÉÒòÔÚÓÚLiteSpeed cPanel²å¼þ£¨2.4.8°æ±¾Ö®Ç°£©¶Ô·ûºÅÁ´½ÓµÄ´¦ÖôæÔÚȱµã¡£¾ßÌå¶øÑÔ £¬µ±·þÎñÆ÷ÔËÐÐCloudLinux»òCageFSÕâÀ๲ÏíÍйܻ·¾³Ê± £¬Õ¼ÓÐFTP»òWeb Shell½Ó¼ûȨÏÞµÄÓû§Äܹ»ÀûÓô˷ì϶ £¬Í¨¹ý´´½¨¶ñÒâ·ûºÅÁ´½ÓÀ´Í»ÆÆCageFSµÄ¸ôÀë»úÔì £¬×îÖÕ½«È¨ÏÞÌáÉýÖÁϵͳµÚÒ»Á÷±ðrootȨÏÞ¡£³É¹¦ÀûÓô˷ì϶µÄ¹¥»÷ÕßÄܹ»ÆëÈ«½ÚÔìÖ¸±ê·þÎñÆ÷ £¬½Ó¼û¡¢´Û¸Ä»òÇÔȡͳһ·þÎñÆ÷ÉÏËùÓÐÆäËûÍйÜÍøÕ¾µÄÊý¾Ý¡£LiteSpeed¹Ù·½ÒÑÈ·Èϸ÷ì϶ÔÚ±»»ý¼«ÀûÓà £¬ÏÖʵ¹¥»÷»î¶¯×îÔç¿É×·ÒäÖÁ2026Äê5Ô¡£°²È«³§ÉÌNamecheapÓÚ2026Äê5ÔÂ31ÈÕÏòLiteSpeed»ã±¨ÁËÕâÒ»ÎÊÌâ¡£Õë¶ÔÕâÒ»½ôÆÈÍþв £¬LiteSpeed¹Ù·½ÌṩÁËÉý¼¶½¨¸´ºÍһʱ»º½âÁ½ÖÖÓ¦¶Ô¹æ»®¡£


https://thehackernews.com/2026/06/cisa-flags-litespeed-cpanel-plugin-flaw.html


4. JetBrains Marketplace¶ñÒâ²å¼þµÁÈ¡AI¿ª·¢ÕßÃÜÔ¿


6ÔÂ16ÈÕ £¬½üÈÕ £¬ÍøÂ簲ȫ¹«Ë¾Aikido SecurityÔÚJetBrains MarketplaceÉÏ·¢ÏÖÁËÒ»³¡ÓÐ×éÖ¯µÄ¶ñÒâÈí¼þ¹¥»÷»î¶¯ £¬ÖÁÉÙ15¸öIDE²å¼þ±»Ö²ÈëÇÔÃÜ´úÂë £¬×¨ÃŵÁÈ¡¿ª·¢Õß´æ´¢ÔÚ²å¼þÉèÖÃÖеÄAI·þÎñÉÌAPIÃÜÔ¿¡£ÕâЩ²å¼þ¼Ù×°³ÉAI±àÂ븱ÊÖ¡¢´úÂëÉó²é¹¤¾ßºÍGitʵÓ÷¨Ê½ £¬Ðû³Æ¼¯³ÉOpenAI¡¢DeepSeek¡¢SiliconFlowµÈÈȵãAI·þÎñ £¬×îÔçÓÚ2025Äê10Ô°䲼 £¬Ð²å¼þ³ÖÐø¸üÐÂÖÁ2026Äê6ÔÂ10ÈÕ £¬ÀÛ¼Æ×°ÖôÎÊý¿¿½ü7Íò´Î¡£¹¥»÷Õßͨ¹ýÆß¸ö·ÖÆçµÄ¹©¸øÉÌÕ˺Ű䲼ÕâЩ²å¼þ £¬ËùÓжñÒâ²å¼þ¾ù¹²Ïí¸ß¶ÈÀàËÆµÄµ×²ã´úÂë £¬ÆäÖ÷ÌâÐÐΪÊÇÔÚÓû§ÊäÈëAPIÃÜÔ¿²¢µã»÷¡°ÀûÓá±°´Å¥µÄ˲¼ä £¬Í¨¹ýδ¼ÓÃܵÄHTTPºÍ̸½«Í´´¦Ã÷ÎÄ·¢ËÍÖÁÓ²±àÂë·þÎñÆ÷µÄÖ¸¶¨½Ó¿Ú £¬µ¼ÖÂÃÜÔ¿ÔÚ´«Êä¹ý³ÌÖм«Ò×±»½Ø»ñ»òÖ±½ÓÂäÈë¹¥»÷ÕßÊÖÖС£¸üÁîÈ˾¯ÌèµÄÊÇ £¬²¿ÃŲå¼þ»¹Ìṩ¸¶·Ñ°æ±¾ £¬ÆäÔË×÷»úÔìÒì³ £¿ÉÒÉ £¬Óû§Ö§¸¶ÉÙÁ¿ÓöȺó £¬Ô¶³Ì·þÎñÆ÷»á×Ô¶¯Ïò¿Í»§¶Ë·¢»¹Ò»¸ö¿ÉÓõÄAI APIÃÜÔ¿ £¬¹©²å¼þÖ±½ÓŲÓá£Aikido×êÑÐÈËÔ±Ö¸³ö £¬ÈκκϷ¨µÄ·þÎñÔËÓªÉ̶¼²»»á½«²»ÊÜÏ޶ȵĸ¶·ÑAIÌṩÉÌÃÜÔ¿Ö±½Ó½»¸øÓû§ £¬´§Ä¦¹¥»÷ÕߺܿÉÄܽ«´ÓÃâÓöȻ§ÄÇÀïÇÔÈ¡À´µÄÍ´´¦³Áзַ¢ £¬×ªÂô¸ø¸¶ÓöȻ§ £¬´Ó¶ø¹¹½¨Ò»Ìõ·¸·¨Ä²ÀûµÄÐþÉ«²úÒµÁ´¡£


https://www.bleepingcomputer.com/news/security/malicious-jetbrains-marketplace-plugins-steal-ai-api-keys-from-developers/


5. RokarollaľÂí¼Ù×°ÈȵãÀûÓõÁÈ¡½ðÈÚÆ¾Ö¤


6ÔÂ16ÈÕ £¬Ò»ÖÖÃûΪRokarollaµÄÐÂÐÍAndroidÒøÐÐľÂíÔÚ»îÔ¾´«²¼ £¬Ëüͨ¹ý¼Ù×°³ÉGoogle Chrome»òTikTokÀûÓõĶñÒâÍøÕ¾ÓÕµ¼Óû§×°Öà £¬Æù½ñÒѾ߱¸¹¥»÷217¸öÒøÐкͼÓÃÜÇ®±ÒÀûÓ÷¨Ê½µÄÄÜÁ¦ £¬²¢Õ¼Óжà´ï137ÌõÔ¶³Ì½ÚÔìÖ¸Áî¡£Òƶ¯°²È«¹«Ë¾ZimperiumÅû¶ £¬¸Ã¶ñÒâÈí¼þÔÚ×°ÖÃʱ³äÈÎͶ·ÅÆ÷ £¬»á¼ÙðAndroid¹Ù·½·´¶ñÒâϵͳGoogle Play Protect £¬ÏòÓû§ÌṩװÖÃChrome»òTikTokµÄÑ¡Ïî £¬¶øÎÞÂÛÑ¡ÔñÄÄÒ»Ïî £¬×îÖÕÖ²ÈëµÄ¶¼ÊÇÔ̺¬Rokarolla¶ñÒâ´úÂëµÄÀûÓá£Ò»µ©Æô¶¯ £¬¸ÃľÂí»áµ±¼´ÒªÇó¸¨ÖúÖ°ÄÜ·þÎñȨÏÞ £¬Í¬Ê±Ë÷È¡½Ó¼û֪ͨ¡¢¶ÌÐźÍͨ»°µÄÃô¸ÐÊÚȨ £¬ÕâЩȨÏÞÊǺóÐøÖ´Ðи߽׽ÚÔìÓëڲƭµÄ¹Ø¼üǰÌá¡£Ëæºó £¬RokarollaÓëºÅÁîÓë½ÚÔì·þÎñÆ÷³ÉÁ¢Í¨Ñ¶ £¬Êײ½·¢ËÍÔ̺¬ÊÖ»úÐͺš¢Android°æ±¾¡¢Ëµ»°ÇøÓò¡¢ÏÔʾ²ÎÊý¡¢µç³ØµçÁ¿¡¢´æ´¢ÈÝÁ¿¼°¿ÉÓÃRAMµÈÏ꾡µÄÉ豸ÅäÖÃÎļþ £¬·þÎñÆ÷¾Ý´ËΪÿÃûÊܺ¦ÕßÌìÉúΨһ±êʶ·û £¬ÒÔʵÏÖ¾«×¼²Ù¿Ø¡£¸ÃľÂíµÄÖ÷ÌâÖ¸±êÊÇÇÔÈ¡²ÆÕþÐÅÏ¢¡£Ëü»á½«ÊÜϰȾÉ豸ÓëÄÚÖõÄ217¸öÖ¸±êÀûÓÃÁбíÖðÒ»±È¶Ô £¬Ò»µ©·¢ÏÔì¥Åä £¬±ã´Ó·þÎñÆ÷ÏÂÔØÕë¶Ô¸ÃÀûÓõĴ¹µö¹¥»÷ÔØºÉ¡£µ±Êܺ¦ÕßÕý³£´ò¿ªÖ¸±êÀûÓÃʱ £¬Rokarolla»áʵʱ¸²¸ÇÒ»¸öαÔìµÄµÇ¼½çÃæ £¬ÓÕÆ­Óû§ÊäÈëÕË»§Ãû¡¢ÃÜÂë¡¢ÐÅÓþ¿¨ºÅ¼°ÆäËûÃô¸Ð²ÆÕþÊý¾Ý¡£


https://www.bleepingcomputer.com/news/security/new-rokarolla-android-malware-targets-217-banking-crypto-apps/


6. Steam´´Ò⹤·»±ÚÖ½°ü°µ²Ø¶ñÒâÈí¼þ


6ÔÂ16ÈÕ £¬·¸·¨·Ö×ÓÕý´ó¹æÄ£ÀÄÓÃValveÆìϵÄSteam´´Ò⹤·» £¬Õâ¸ö±¾ÓÃÓÚ·ÖÏíÓÎÏ·Ä£×é¡¢µØÍ¼¡¢Æ¤·ôµÅ×û§ÌìÉúÄÚÈݵÄÉçÇøÖÐÐÄ £¬½«¶ñÒâÈí¼þ¼Ù×°³É±ÚÖ½°üÏòÍæ¼ÒÍÆËÍ¡£ÍøÂ簲ȫ¹«Ë¾¿¨°Í˹»ù°ä²¼»ã±¨Åû¶ £¬¹¥»÷ÕßÀûÓÃSteamƽ̨Éϱ¸ÊÜÓ­½ÓµÄ¡°Wallpaper Engine¡±×ÀÃæ×Ô½ç˵ÀûÓ÷¨Ê½ £¬¸ÃÀûÓÃÕ¼Óнü°ÙÍòÌõÆÀÂÛ £¬Ö§³ÖËÄÖÖ±ÚÖ½ÀàÐÍ £¬ÆäÖÓ×°ÀûÓ÷¨Ê½±ÚÖ½¡±ÐÔÖÊÉÏÊÇ¿ÉÖ´ÐеÄWindows·¨Ê½ £¬¿ÉÔ̺¬ÓÎÏ·¡¢Ó×¹¤¾ß»òϵͳ¼à¿Ø¹¤¾ß £¬ÕâÒ»Éè¼ÆËäÍØÕ¹ÁËÖ°ÄÜÐÔ £¬È´Ò²ÄÚÖÃÁËÑϳÁµÄ°²È«·çÏÕ £¬Èç½ñÒѱ»ÍþвÐÐΪÕß¶ñÒâÀûÓá£×êÑÐÈËԱȷÈÏ £¬ÖÁÉÙ´Ó2025ËêĺÆð £¬¹¥»÷Õß±ãÆðÍ·ÏòSteam´´Ò⹤·»ÉÏ´«¼Ù×°³É±ÚÖ½µÄ¶ñÒâÎļþ £¬ÓÕÆ­Óû§Í¨¹ýWallpaper Engine×°Öà £¬¿¨°Í˹»ùÒÑ·¢ÏÖÊýÊ®¿î´ËÀà¶ñÒâÀûÓ÷¨Ê½±ÚÖ½ £¬Ã¿Ò»¿î¾ù±»ÏÂÔØÊýǧÉõÖÁÊýÍò´Î £¬ÀÛ¼ÆÊܺ¦¹æÄ£Ï൱¿É¹Û¡£ÕâЩ¶ñÒâ±ÚÖ½µÄͶµÝÊÖ·¨¶àÑù £¬ÓеĽ«¶ñÒâÈí¼þÖ±½Ó´ò°üÔÚ±ÚÖ½×°ÖðüÖÐ £¬ÓеÄÔò½«ÆäÖÃÓÚÊÜÃÜÂë±£»¤µÄѹËõÎļþÄÚ £¬ÓÕʹÓû§×Ô¶¯½âѹ²¢ÔËÐС£Ò»µ©Óû§×°ÖñÚÖ½ £¬ÓÐÐ§ÔØºÉ±ã»á×Ô¶¯Ö´ÐÐ £¬ºó¶ÜѸ¿ì·¢Õ¹ÈëÇÖ¡£×êÑÐÈËÔ±»¹·¢ÏÖ¶àÆðÉæ¼°LummaºÍVidarÐÅÏ¢ÇÔÈ¡·¨Ê½¡¢¼ÓÃÜÇ®±ÒÍÚ¿óľÂí¡¢½©Ê¬ÍøÂç¼ÓÔØ·¨Ê½¡¢RanEngineÀÕË÷Èí¼þµÈÆäËû¶ñÒâ¼Ò×åµÄ¹¥»÷°¸Àý £¬Åú×¢ÕâÒ»·ì϶Òѱ»¶à¸ö·ÖÆçµÄ¹¥»÷ÍÅ»ïͬʱÀÄÓá£


https://www.bleepingcomputer.com/news/security/steam-workshop-abused-to-spread-malware-via-wallpaper-engine-app/