¶ñÒâPyPI°ü¼Ù×°PoCÒÀÀµ£¬¶¨Ïò¹¥»÷×êÑÐÔ±
°ä²¼¹¦·ò 2026-07-037ÔÂ1ÈÕ£¬ÍøÂ簲ȫÁìÓòÔÙÆØÕë¶ÔÐÔ¹¥»÷»î¶¯£¬¶à¸öÍйÜÓÚGitHubµÄ¸ÅÏëÑéÖ¤£¨PoC£©·ì϶ÀûÓ÷¨Ê½±»Ö²ÈëºóÃÅ£¬×îÖÕ»áÏòÊܺ¦ÕßϵͳͶµÝÒ»¿îÃûΪChocoPoCµÄPythonÔ¶³Ì½Ó¼ûľÂí£¨RAT£©¡£¸ÃľÂí¾ß±¸ºÅÁîÖ´ÐÐÓëÃô¸ÐÊý¾ÝÇÔÈ¡ÄÜÁ¦£¬¹¥»÷·æÃ¢Ö±Ö¸ÍøÂ簲ȫ×êÑÐÈËÔ±¡¢ÉøÈë²âÊÔÈËÔ±¼°µÍ¼¼ÊõºÚ¿ÍȺÌå¡£¹ÌÈ»½«¶ñÒâ´úÂë¼Ù×°½øPoC·ì϶ÀûÓÃÎļþ²¢·ÇÐÂÏʼ¿Á©£¬µ«±¾´Î¹¥»÷µÄ¹ÖÒìÖ®´¦ÔÚÓÚ£º¶ñÒâÔØºÉ²¢Î´Ö±½ÓǶÈë·ì϶¾ç±¾£¬¶øÊDZ»ÆæÃî°µ²ØÔÚPoCÏîÖ÷ÕÅÒÀÀµÏîÁбíÖУ¬Í¨¹ýPython°üË÷Òý£¨PyPI£©Æ½Ì¨½øÐзַ¢£¬´Ó¶øÊ¹µÃ·ì϶ÀûÓôúÂë×ÔÉíά³Ö¡°¸É¾»¡±ÒÔ¶ã±Ü¾²Ì¬¼ì²â¡£ÍøÂ簲ȫ¹«Ë¾SekoiaÒÑÔÚGitHubÉϼø±ð³öÖÁÉÙÆß¸ö·Ö·¢ChocoPoCµÄPoC²Ö¿â£¬±ðÀëÕë¶ÔFortiWeb¡¢React2Shell¡¢MongoBleed¡¢PAN-OS¡¢Ivanti Sentry¡¢Check Point VPN¼°Joomla SP Page BuilderµÈÈȵã¸ßΣ·ì϶£¬ÆäÖÓ×°skytext¡±°üÔÚLinuxϵͳÉÏÀÛ¼ÆÏÂÔØÔ¼2400´Î£¬ÇÒÔÚijһ¸ßΣ·ì϶Åû¶ºóÏÂÔØÁ¿¼±¾çÅÊÉý£¬ÏÔʾ¹¥»÷ÕßÀûÓÃ×êÑÐÈËÔ±¼±ÓÚÑé֤зì϶µÄÉúÀí½øÐо«×¼ÓÕ²¶¡£
https://www.bleepingcomputer.com/news/security/new-chocopoc-malware-targets-researchers-via-trojanized-poc-exploits/
2. HSIN·þÎñÆ÷Ôâ¹¥»÷£¬DHSÆô¶¯´¹Î£µ÷²é
7ÔÂ1ÈÕ£¬ÃÀ¹úºÓɽ°²È«Êý£¨DHS£©½üÈÕ֤ʵ£¬ÆäÓÃÓÚÁª¹ú¡¢ÖÝ¡¢´¦Ëù¼°Ë½Óª²¿ÃźÏ×÷ͬ°é¼ä¹²ÏíÃô¸ÐÐÅÏ¢µÄÖ÷ÌâÆ½Ì¨ºÓɽ°²È«ÐÅÏ¢ÍøÂ磨HSIN£©Ôâ·êÁËÒ»Â·ÍøÂçÈëÇÖÊÂÎñ¡£¾ÝNextgov±¨Â·£¬Õâ´Î¹¥»÷ÓÉÒ»ÃûÉí·Ý²»Ã÷µÄÍþвÐÐΪÕßÓÚ½ñÄê5ÔÂÏÂÑ®ÖÁ6Ô³õÆÚ¼äÖ´ÐУ¬DHSÒÑÆô¶¯µ÷²é£¬µ«ÉÐ佫¹¥»÷¹é×ïÓÚÈκÎÌØ¶¨ÐÐΪÕß»ò±í¹úµ±¾Ö£¬ÏµÍ³ÖÐÊÇ·ñÓÐÎļþ±»µÁÒ಻Ã÷È·¡£ÖªÁµÈËʿй©£¬¹¥»÷ÕßÖØÒªÕë¶ÔHSIN·þÎñÆ÷¼°ÆäÅäÌ×µÄSharePointºÏ×÷ϵͳ£¬DHSµý±¨Óë·ÖÎö°ì¹«ÊÒÒѶÔ©³¨·¢Õ¹ËðʧÆÀ¹À¡£Õâ´ÎÊÂÎñÒý°ä·¢½ç¸ß¶È¹Ø×¢£¬ÓÉÓÚÃÀ¹úĿǰÕýÕÆ¹Ü¼à¶½ÔÚÈ«¹ú¶àµØ½øÐеÄÊÀ½ç±½ÇÖð°²È«ÊÂÎñ£¬NextgovÓÇÓô¸Ã·ì϶¿ÉÄܶ³ö°²È«´òËã¡¢»ú¹¹¼äе÷¼°Ó¦¼±ÏìÓ¦·¨Ê½µÈÃô¸ÐÄÚÈÝ¡£DHS½²»°ÈËÔÚÉêÃ÷ÖÐÈ·ÈÏÁË´ËÊÂÎñ£¬Í¬Ê±Ç¿µ÷»úÃÜϵͳδÊÜÓ°Ïì¡£DHSÔÚ·¢ÏÖ¹¥»÷ºóµ±¼´¸ôÀëÊÜÓ°ÏìµÄϵͳ¡¢»º½â·ì϶²¢Æô¶¯È«ÃæÈ¡Ö¤µ÷²é£¬Ä¿Ç°ÉÐÎÞ¼£ÏóÅú×¢»úÃÜÍøÂçÊÜËð£¬HSIN¶ÔºÏ×÷ͬ°éÈÔά³Ö¿ÉÓ㬵«Òòµ÷²éÈÔÔÚ½øÐÐÖУ¬ÔÝÎÞ·¨Åû¶¸ü¶à²Ù×÷ϸ½Ú¡£
https://www.bleepingcomputer.com/news/security/dhs-confirms-hackers-breached-hsin-info-sharing-platform/
3. Å·ÖÞ·ÀÎñ¾ÞÍ·IndraÔâGentlemenÀÕË÷Èí¼þ¹¥»÷
7ÔÂ1ÈÕ£¬Å·ÖÞ×î´óµÄ¹ú·À³Ð°üÉÌÖ®Ò»¡¢Î÷°àÑÀ¿ç¹ú¹«Ë¾Indra¼¯ÍŽüÆÚ³ÉΪÀÕË÷Èí¼þ×éÖ¯GentlemenµÄ¹¥»÷Ö¸±ê¡£¸ÃÍÅ»ïÓÚ6ÔÂ30ÈÕÔÚ°µÍøÐ¹ÃÜÍøÕ¾°ä²¼²¼¸æ£¬´ÍÓëIndra¼¯ÍÅ9Ì칦·ò½øÐйµÍ¨£¬²»È»½«¹«¿ª¾Ý³Æ±»µÁµÄÊý¾Ý¡£ÕâÊÇÀÕË÷Èí¼þÍÅ»ïʩѹÊܺ¦ÕßÖ§¸¶Êê½ðµÄ³£¼û¼¿Á©¡£½ØÖÁĿǰ£¬Éв»Ã÷ÏÔÕâ´ÎÒÉËÆÐ¹Â¶Éæ¼°ºÎÖÖÀàÐ͵ÄÊý¾Ý¡£Indra¼¯ÍÅÒÑ֤ʵÆäÒ»¼Ò×Ó¹«Ë¾Ôâ·êÀÕË÷Èí¼þ¹¥»÷£¬µ«Ç¿µ÷¹«Ë¾Òѵ±¼´Æô¶¯ÍÆËã»ú°²È«ÊÂÎñÏìÓ¦ÍŶӣ¬¶Ô¿ÉÄܱ»ÈëÇֵĻ·¾³½øÐзÖÎö¡¢ÑéÖ¤ºÍ°²È«Éó²é£¬²¢ÆÀ¹À¹¥»÷½öÏÞÓÚ²¿ÃÅÇøÓò£¬ÒÑÅųý¼¯ÍÅÆìÏÂÆäËû×Ó¹«Ë¾Êܲ¨¼°µÄ·çÏÕ¡£¹«Ë¾°µÊ¾µ÷²éÈÔÔÚ½øÐÐÖУ¬°²È«·¨Ê½ºÍ½ÚÔì´ëÊ©µÄÉó¼ÆÍ¬²½Íƶ¯¡£Õâ´ÎÕë¶ÔIndraµÄ¹¥»÷²»½öÍþвµ½ÆóÒµ×ÔÉíµÄÊý¾Ý°²È«£¬¸üÒòÆä±±Ô¼³Ð°üÉÌÉí·ÝºÍ¹Ø¼ü¹ú·ÀÒµÎñÐÔÖÊ£¬Òý·¢¶ÔÅ·ÖÞ·ÀÎñ¹©¸øÁ´°²È«¼°¹ú¶ÈÃô¸ÐÐÅϢй¶µÄ¿í·ºÓÇÓô¡£Ä¿Ç°ÊÂÎñÈÔÔÚµ÷²éÖУ¬IndraÄÜ·ñÔÚµ¹¼ÆÊ±ÊµÏÖǰ»¯½âΣ»ú¡¢Êý¾ÝÊÇ·ñÒѱ»±íй£¬¾ùÓдý½øÒ»²½¹Û²ì¡£
https://cybernews.com/security/indra-group-ransomware-attack-data-leak/
4. Alta MontclairÔÆ´æ´¢Ð¹Â¶21Íò·ÝÎļþ
7ÔÂ1ÈÕ£¬ÃÀ¹ú¼ÓÀû¸£ÄáÑÇÖÝÍËÐÝ´òËãÖÎÀí¹«Ë¾Alta Montclair½üÈÕÆØ³ö³Á´óÊý¾Ýй¶ÊÂÎñ£ºÒ»¸öÅäÖÃÃýÎóµÄÑÇÂíÑ·ÍøÂç·þÎñ£¨AWS£©Ôƴ洢Ͱ±»¹«¿ªÖÃÓÚ»¥ÁªÍøÉÏ£¬µ¼Ö´óÁ¿¿Í»§Ãô¸ÐÐÅϢ¶³ö¡£¾Ýµ÷²éÍŶӹÀ¼Æ£¬¸Ã´æ´¢Í°Ô̺¬¶à´ï219,000·ÝÎļþ£¬Éæ¼°¸Ã¹«Ë¾ÖÎÀíµÄ¶à¸öÍËÐÝ´òËã¼°½ðÈÚ·þÎñÌṩÉ̵ÄÓйØÎĵµ£¬ÊÜÓ°ÏìµÄ»ú¹¹Ô̺¬Áú½ðÈÚ·þÎñ¡¢PDL½ðÈÚ·þÎñ¡¢ÍËÐݽÌÓýͬ°é£¨REP£©¼°SPARK×êÑÐËùµÈ¡£Ð¹Â¶µÄÊý¾Ýº¸Ç¼«Îª¿í·ºµÄÓ×ÎÒÓë²ÆÕþÐÅÏ¢£¬Ô̺¬È«Ãû¡¢µ®ÉúÈÕÆÚ¡¢Éç»á°²È«ºÅÂë¡¢¼Òͥסַ¡¢ÁªÏµÐÅÏ¢¡¢ÏÖÈμ°Ç°ÈιÍÖ÷ÏêÇé¡¢ÍËÐÝ´òËãÎļþ¡¢²ÆÕþ¼Í¼¡¢Ë¾·¨Îļþ£¨º¬ÒÅÖö£©£¬²¿ÃżÍ¼ÉõÖÁÔ̺¬ÆëÈ«µÄÐÅÓþ¿¨ÐÅÏ¢¡£¸üÁîÈËÓÇÓôµÄÊÇ£¬´æ´¢Í°Öл¹Ð¹Â¶ÁËSPARK InstituteÓйصĹ«Ô¿ºÍ˽ԿPGPÃÜÔ¿¶Ô£¬Õâ¿ÉÄÜ·ÛËé¼ÓÃÜͨѶºÍÎļþ´«ÊäµÄ»úÃÜÐÔ¡£´Ë±í£¬Ó¶½ð¸ú×ÙÈÕÖ¾¡¢¿Í»§ÎĵµÄ£°å¡¢Óû§ÊֲᡢÄÚ²¿·þÎñÎĵµ¡¢´«Õæ¼Í¼£¨º¬¸ú×ÙºÅÂë¡¢ÊÕ¼þÈËÐÅÏ¢¡¢Ô±¹¤µç×ÓÓʼþ¼°µç»°ºÅÂ룩ÒÔ¼°ÍøÕ¾×ÊÔ´ÎļþµÈÄÚ²¿ÒµÎñ×ÊÁÏÒ²Ò»²¢Â¶³ö¡£Îļþ¹¦·ò¿ç¶È´Ó2014Ä깫˾³ÉÁ¢ÖÁ½ñ£¬µ«´æ´¢Í°¹«¿ª½Ó¼ûµÄ¾ßÌåʱ³¤Éв»Ã÷È·¡£
https://cybernews.com/security/alta-montclair-retirement-data-leak/
5. ShinyHuntersÈëÇÖÃÀ¶ØÁ¦ÖÂÊý¾Ýй¶
7ÔÂ2ÈÕ£¬È«ÇòÒ½ÁÆÆ÷е¾ÞÍ·ÃÀ¶ØÁ¦£¨Medtronic£©½üÈÕÏòÊÜÓ°Ïì¿Í»§·¢³ö֪ͨ£¬È·ÈÏÆä²¿·ÔìóÒµITϵͳÓÚ½ñÄê4ÔÂÔâµ½ºÚ¿Í¹¥»÷£¬µ¼Ö¿ͻ§Ó×ÎÒÊý¾Ý±»Î´¾ÊÚȨµÄµÚÈý·½»ñÈ¡¡£Õâ´Î¹¥»÷ÓɳÛÃûÊý¾ÝÀÕË÷×éÖ¯ShinyHuntersÐû³ÆÕƹܣ¬¸Ã×éÖ¯Ðû³Æ°ÑÎÕÁËÃÀ¶ØÁ¦Ô¼900ÍòÌõÔ̺¬Ó×ÎÒÉí·ÝÐÅÏ¢¼°ÄÚ²¿¹«Ë¾Êý¾ÝµÄ¼Í¼¡£Æ¾¾ÝÃÀ¶ØÁ¦Åû¶µÄµ÷²éÁ˾֣¬Òì³£»î¶¯²úÉúÓÚ2026Äê4ÔÂ13ÈÕÖÁ19ÈÕÆÚ¼ä£¬¹«Ë¾ÔÚ4ÔÂ15ÈÕ¾õ²ìºóµ±¼´½áºÏµÚÈý·½ÍøÂ簲ȫר¼Ò·¢Õ¹µ÷²é£¬ÒÔÈ·¶¨ÊÂÎñµÄÓ°ÏìÁìÓò¡£Ð¹Â¶µÄÊý¾ÝÀàÐÍ¿ÉÄÜÔ̺¬¿Í»§ÐÕÃû¡¢ÁªÏµÐÅÏ¢¡¢µ®ÉúÈÕÆÚ¡¢Éç»á°²È«ºÅÂë¼°½¡È«ÓйØÐÅÏ¢µÈ¸ß¶ÈÃô¸ÐµÄÓ×ÎÒ×ÊÁÏ¡£ShinyHunters×éÖ¯¹ß³£ÔÚÊê½ð½»ÉæÊ§°Üºó°ä²¼±»µÁÊý¾Ý£¬¸Ã×éÖ¯ÓÚ4ÔÂ18ÈÕ½«ÃÀ¶ØÁ¦ÁÐÈë°µÍøÀÕË÷ÃÅ»§ÍøÕ¾£¬²¢ÍþвÈôÔÚ4ÔÂ21ÈÕǰδÊÕµ½Êê½ð±ã½«¹«¿ª¾Ý³Æ³¬¹ý900Íò±Ê¼Í¼¡£È»¶ø£¬µ±ÔÂÍíЩʱ³½ÃÀ¶ØÁ¦µÄÌõ¿î´Ó¸Ã×éÖ¯µÄÊܺ¦ÕßÁбíÖÐÇÄȻɾ³ý¡£ÃÀ¶ØÁ¦ÔÚÏò¿Í»§·¢³öµÄ֪ͨÖÐÇ¿µ÷£¬±»µÁÊý¾Ý²¢Î´ÔÚÏÖÊµÍøÂçÖб»¹«¿ªÐ¹Â¶£¬µ«ÈÔ¶½´ÙÊÜÓ°ÏìÕßά³Ö¾¯Ì裬²¢ÎªÊÜÓ°Ïì¿Í»§ÌṩΪÆÚ24¸öÔµÄÐÅÓþ¼à¿ØºÍÉí·Ý͵ÇÔ±£»¤·þÎñ¡£
https://www.bleepingcomputer.com/news/security/medtronic-notifies-customers-impacted-by-shinyhunters-data-breach/
6. ˼¿ÆUnified CM¸ßΣ·ì϶ÔâÔÚÒ°ÀûÓÃ
7ÔÂ2ÈÕ£¬Ë¼¿Æ¹«Ë¾½üÈÕ֤ʵ£¬¹¥»÷ÕßÕý»ý¼«ÀûÓÃÆäͳһͨѶÖÎÀíÆ÷£¨Unified CM£©²úÆ·ÖеÄÒ»¸ö¸ßΣ·ì϶£¨CVE-2026-20230£©£¬¸Ã·ì϶ÒÑÓÚ6Ô³õ»ñµÃ½¨¸´¡£Unified CM×÷Ϊ˼¿ÆIPµç»°ÏµÍ³µÄÖ÷Ìâ½ÚÔìÆ½Ì¨£¬³Ðµ£×źô½Ð·ÓÉ¡¢É豸ÖÎÀíÓëµç»°Ö°Äܵ÷¶ÈµÈ¹Ø¼ü¹¤×÷¡£´Ë·ì϶ÔÊÐíδ¾ÊÚȨµÄÔ¶³Ì¹¥»÷Õßͨ¹ý»ú¹ØÌض¨µÄHTTPÒªÇó£¬ÒԽϵ͸´ÔÓ¶ÈÌáÒé·þÎñÆ÷¶ËÒªÇóαÔ죨SSRF£©¹¥»÷£¬´Ó¶øÍþвϵͳ°²È«¡£Ë¼¿ÆÓÚ6ÔÂ3ÈÕ°ä²¼°²È«²¹¶¡Ê±Ôø°µÊ¾£¬Æä²úÆ·°²È«ÊÂÎñÏìÓ¦ÍŶÓÒѰÑÎȵ½¸Ã·ì϶µÄ¸ÅÏëÑéÖ¤ÀûÓôúÂëÔÚ¹«¿ªÇþ·Á÷´«£¬µ«Æäʱ²¢Î´·¢ÏÖÏÖʵ¹¥»÷°¸Àý¡£È»¶ø£¬ÊÂ̬ÔÚËæºóÊýÖÜѸ¿ìÉý¼¶£º6ÔÂ22ÈÕ£¬Íþвµý±¨¹«Ë¾DefusedÅû¶¹¥»÷ÕßÒÑÆðÍ·ÀûÓø÷ì϶£¬Í¨¹ý¾«ÐÄ»ú¹ØµÄfile://ºÍ̸ÓÐÐ§ÔØºÉÔÚÖ¸±êÉ豸ÉÏ´´½¨¶ñÒâÎļþ£»´ÎÈÕ£¬SSD Secure°ä²¼¾ßÌå¼¼ÊõÎÄÕ²¢¹«¿ªÁ˸ÅÏëÑéÖ¤ÀûÓ÷¨Ê½£¬½øÒ»²½¼Ó¾çÁË·çÏÕ¡£Ö±µ½±¾ÖÜÈý£¬Ë¼¿Æ×îÖÕÈ·Èϸ÷ì϶ÒÑÔâÔÚÒ°»ý¼«ÀûÓ㬲¢ÔÚ°²È«²¼¸æ¸üÐÂÖж½´Ù¿Í»§µ±¼´²ÉÈ¡·À»¤´ëÊ©¡£
https://www.bleepingcomputer.com/news/security/cisco-finally-confirms-attackers-exploiting-unified-cm-flaw/


¾©¹«Íø°²±¸11010802024551ºÅ