±í½»²¿Æ¾Ö¤ÔâÇÔÂô£¬Fortibleed¶¢ÉÏFortinet
°ä²¼¹¦·ò 2026-07-081. ±í½»²¿Æ¾Ö¤ÔâÇÔÂô£¬Fortibleed¶¢ÉÏFortinet
7ÔÂ6ÈÕ£¬Ò»³¡ÃûΪFortibleedµÄÈ«ÇòÐÔÆ¾Ö¤ÇÔÈ¡»î¶¯ÔÚ°µÍøÉÏÏÆÆð²¨À½¡£¾ÝÅû¶£¬¹¥»÷Õßͨ¹ý»ØÊÕÀûÓôËǰй¶µÄµÇ¼ƾ֤£¬¶ÔÃæÏò»¥ÁªÍøµÄFortinet·À»ðǽºÍVPNÍø¹ØÌáÒé×Ô¶¯»¯µÄ±©Á¦ÆÆ½â¹¥»÷£¬ÒÑ´ÓÈ«Çò194¸ö¹ú¶ÈºÍµØÓòµÄ×éÖ¯ÖÐÍøÂçÁ˳¬¹ý3Íò×é¾¹ýÑéÖ¤µÄÓû§ÃûºÍÃÜÂ룬²¢¾Ý´Ë³ÉÁ¢ÁËÒ»¸öÖØ´óµÄ·¸·¨Êý¾Ý¿â¡£ÁîÈ˾¯ÌèµÄÊÇ£¬Ó¢¹ú±í½»²¿£¨FCDO£©¼°¶à¸ö´¦ËùÒé»áµÄÌØÈ¨Æ¾Ö¤ºÕÈ»ÔÚÁУ¬Ò»Ãû»¯ÃûΪ¡°SantaAd¡±µÄÍþвÐÐΪÕßÔÚ°µÍø¶µÏúÕâÅú±»µÁƾ֤£¬Òª¼Û¸ß´ï6ÍòÃÀÔª£¨Ô¼ºÏ4.4ÍòÓ¢°÷£©¡£×êÑÐÈËÔ±ÔÚй¶µÄÊý¾Ý¼¯ÖÐÃ÷È·¼ø±ð³öÓ¢¹úµ±¾Ö¡¢±í½»¼°Áª¹ú·¢Õ¹ÊÂÎñ²¿ÒÔ¼°´¦Ëùµ±¾ÖµÄÕË»§ÐÅÏ¢£¬ÊÜÓ°ÏìµÄ»ú¹¹Ô̺¬Ó¢¹úפ̩¹úºÍëÀïÇó˹´óʹ¹ÝµÄITÈËÔ±£¬ÒÔ¼°µÂ±È¿¤ºÍÎÖ¶ûɪķ´ÔÁÖÒé»áµÄÔ±¹¤¡£´Ë±í£¬ÄÜÔ´¹«Ë¾¡¢Ó¢¹ú¹ú¶ÈÒ½ÁÆ·þÎñϵͳ£¨NHS£©»ú¹¹¡¢Ò©·¿ºÍÒ©Æ·¹©¸øÉÌµÄÆ¾Ö¤Ò²³Ê´Ë¿ÌÊý¾Ý¼¯ÖУ¬½øÒ»²½À©´óÁËÊÂÎñµÄÓ°ÏìÃæ¡£
https://cybernews.com/security/uk-foreign-office-fortibleed-attack-dark-web-logins/
2. °£ÉÕÜÔâÊý¾Ýй¶£¬35GBÔ´Âë±»ÇÔ
7ÔÂ7ÈÕ£¬IT·þÎñ¾ÞÍ·°£ÉÕܽüÈÕ֤ʵ£¬¹«Ë¾Ôâ·êÁËһ·°²È«Ð¹Â¶ÊÂÎñ£¬´ËǰÓÐÍþвÐÐΪÕßÐû³ÆÇÔÈ¡Á˸ù«Ë¾35GBµÄÔ´´úÂë¼°ÆäËûÊý¾Ý¡£°£ÉÕÜÔÚÉêÃ÷ÖаµÊ¾£¬¹«Ë¾ÒÑ֪ϤÕâÒ»¹ÂÁ¢ÊÂÎñ£¬²¢ÒÑ´ÓÔ´Í·½øÐÐÁ˽¨¸´£¬Ç¿µ÷¸ÃÊÂÎñδ¶Ô°£ÉÕܵÄÔËÓªºÍ·þÎñ½»¸¶Ôì³ÉÈκÎÓ°Ïì¡£°£ÉÕÜÊÇÒ»¼ÒÈ«ÇòÐÔµÄרҵ·þÎñ¹«Ë¾£¬ÎªÊÀ½ç¸÷µØµÄÆóÒµºÍµ±¾ÖÌṩÕ÷ѯ¡¢¼¼Êõ¡¢ÔÆ·þÎñ¡¢¹¤³Ì¼°ÍйܷþÎñ¡£Õâ´ÎÊÂÎñµÄ¹«¿ª»ØÓ¦£¬Ô´ÓÚÒ»Ãû´úºÅ¡°888¡±µÄÍþвÐÐΪÕßÔÚÍøÂç·¸×ïÂÛ̳ÉÏ·¢Ìû£¬Ðû³ÆÒÑÓÚ½ñÄê7ÔÂÇÔÈ¡Á˰£ÉÕܵÄÊý¾Ý²¢Õý½«ÆäÏúÊÛ¡£¸ÃÌû×ÓÃ÷ȷд·£¬Õâ´ÎÊý¾Ýй¶µ¼Ö³¬¹ý35GBµÄÔ´´úÂë±»µÁ¡£¾Ý¸ÃÍþвÐÐΪÕ߳ƣ¬Ð¹Â¶µÄÊý¾Ý²»½öÔ̺¬Ô´´úÂ룬»¹Ô̺¬RSAÃÜÔ¿¡¢SSHÃÜÔ¿¡¢AzureÓ×ÎÒ½Ó¼ûÁîÅÆ¡¢Azure´æ´¢½Ó¼ûÃÜÔ¿¼°ÅäÖÃÎļþµÈÃô¸ÐÐÅÏ¢¡£ÎªÖ¤Ã÷Æä˵·¨£¬¸ÃÐÐΪÕß»¹·ÖÏíÁËÒ»ÕŽØÍ¼£¬ÏÔʾÆäÔÚ¿Ë¡һ¸öÍйÜÓÚ°£ÉÕÜÓòÃûϵÄAzure DevOps²Ö¿â¡£
https://www.bleepingcomputer.com/news/security/accenture-confirms-breach-after-hacker-offers-stolen-data-for-sale/
3. Gitea·ìÏ¶ÆØ¹â£¬µ¥Æ¾Óû§Ãû¼´¿ÉÈëÇÖ
7ÔÂ7ÈÕ£¬°²È«×êÑÐÈËÔ±·¢ÏÖ£¬Gitea´úÂëÍÐ¹ÜÆ½Ì¨´æÔÚÒ»¸öÑϳÁ°²È«·ì϶£¨CVE-2026-20896£¬CVSSÆÀ·Ö9.8£©£¬¹¥»÷ÕßÖ»ÐèÌṩһ¸öÓÐЧÓû§Ãû£¬¼´¿ÉÈÆ¹ýÈÏÖ¤»úÔ죬½Ó¼û»¥ÁªÍøÉ϶³öµÄGiteaÊ·ý¡£¸Ã·ìÏ¶ÖØÒªÓ°ÏìGitea¹Ù·½Docker¾µÏñ1.26.3֮ǰµÄ°æ±¾¡£¾Ý·¢Ïָ÷ì϶µÄ×êÑÐÔ±Ali MustafaÚ¹ÊÍ£¬ÎÊÌâ±¾ÔÔÚÓÚÕâЩDocker¾µÏñµÄĬÈÏÉèÖÃÔÊÐíÀ´×ÔÈκÎÔ´IPµØÖ·µÄÏνӣ¬¶ø·ÇÇ¿ÔìÖ´Ðа×Ãûµ¥»úÔì¡£µ±Gitea²¿ÊðÔÚ´úÀí·þÎñÆ÷ºó·½ÇÒÆôÓÃÁË·´Ïò´úÀíÈÏÖ¤Ö°ÄÜʱ£¬±¾Ó¦Ö»ÐÅÀµ´úÀí·þÎñÆ÷ÉèÖõÄÈÏ֤ͷÐÅÏ¢¡£µ«ÓÉÓÚ¸Ãȱµã£¬ÈκοÉÄÜÖ±½Ó½Ó¼ûGiteaÈÝÆ÷HTTP¶Ë¿ÚµÄ¹ý³Ì¶¼Äܹ»ÔÚHTTPÍ·ÖÐÌîÈëÒ»¸öÒÑÖª»ò¿É²Â²âµÄÓÐЧÓû§Ãû£¬´Ó¶ø³É¹¦¼ÙÒâ¸ÃÓû§µÇ¼ϵͳ£¬ÈƹýÕý³£µÄÃÜÂëÑéÖ¤Á÷³Ì¡£¹¥»÷ÕßÓÈÆä»áÒÔÖÎÀíÔ¹ØË»§ÎªÖ¸±ê£¬Ò»µ©µÃÊÖ£¬±ã¿ÉÆëÈ«½ÚÔì¸ÃGiteaÊ·ý£¬½Ó¼ûºÍÅú¸ÄËùÓдúÂë²Ö¿â£¬²¢»ñÈ¡¿ª·¢ÈËԱʧÉ÷Ìá½»µÄAPIÃÜÔ¿¡¢Êý¾Ý¿âƾ֤¡¢²¿ÊðÁîÅÆµÈÃô¸Ð»úÃÜÐÅÏ¢£¬ÒÔ¼°CI/CDÅäÖúͲ¿ÊðÃÜÔ¿£¬ºó¹û¼«ÎªÑϳÁ¡£¾Ýй©£¬¸Ã·ì϶ÔÚ¹«¿ªÅû¶½ö13Ììºó£¬¾Í±»¼ì²âµ½ÔÚÒ°ÀûÓó¢ÊÔ¡£
https://www.securityweek.com/critical-gitea-flaw-under-active-exploitation-researchers-warn/
4. LinuxÄÚºËÏÖ¸ßΣ·ì϶£¬¿ÉÖÂÐé¹¹»úÌÓÒÝ
7ÔÂ7ÈÕ£¬°²È«×êÑÐÈËÔ±½üÈÕÅû¶ÁËÒ»¸öз¢ÏÖµÄLinuxÄں˸ßΣ·ì϶£¬¸Ã·ì϶¿É±»¹¥»÷ÕßÀûÓ㬴ÓÐé¹¹»úÄÚ²¿ÌÓÒÝÖÁËÞÖ÷»ú£¬²¢ÔÚËÞÖ÷»úÉÏÖ´ÐÐËÁÒâ´úÂë¡£¸Ã·ì϶±àºÅΪCVE-2026-53359£¬±»¶¨ÃûΪ¡°Januscape¡±£¬Ó°Ïì»ùÓÚLinuxÄں˵ÄÐé¹¹»ú£¨KVM£©Ðé¹¹»¯Æ½Ì¨ÖеÄÓ°×ÓMMU´úÂë¡£¸Ã·ì϶¶ÔÔËÐв»³ÉÐſͻ§»úÇÒÖ§³ÖǶÌ×Ðé¹¹»¯µÄ¶à×â»§x86¹«ÓÐÔÆ×é³ÉÑϳÁÍþв£¬ÖµÍ×ÌùÐĵÄÊÇ£¬ÕâÊÇÊ׸ö¿ÉͬʱÔÚIntelºÍAMD¼Ü¹¹ÉÏ´¥·¢µÄKVMÌÓÒÝ·ì϶¡£¸Ã·ì϶Óɰ²È«×êÑÐÔ±Hyunwoo Kim·¢ÏÖ£¬²¢ÔÚGoogleµÄkvmCTF·ì϶Éͽð´òËãÖÐÒÔÁãÈÕ·ì϶´ó¾Ö½øÐÐÁËÑÝʾ£¬¸Ã´òËãΪÆëÈ«µÄÐé¹¹»úÌÓÒÝ·ì϶Ìṩ¸ß´ï25ÍòÃÀÔªµÄ¼Î½±¡£ÁîÈËÕ𾪵ÄÊÇ£¬CVE-2026-53359ÔÚLinuxÄÚºËÖÐÂñ·üÁ˳¤´ï16ÄêÖ®¾Ã£¬Ö±ÖÁ½ñÄê6ÔÂ19ÈÕ£¬Ö÷ÏßÄں˲Åͨ¹ý¹é²¢Ìá½»81ccda30b4e8¶ÔÆä½øÐÐÁ˽¨¸´¡£¼øÓڸ÷ì϶ӰÏì¿í·ºÇÒ·çÏÕ¼«´ó£¬ËùÓÐʹÓÃKVMÐé¹¹»¯¼¼ÊõµÄÔÆ·þÎñÌṩÉ̺ÍϵͳÖÎÀíÔ±¸Ãµ±¼´¸üÐÂÄÚºËÖÁ°²È«°æ±¾£¬²¢²é³ÏµÍ³ÈÕÖ¾ÅŲéÒì³£ÐÐΪ£¬ÒÔ·À¹¥»÷ÕßÀûÓô˷ìÏ¶Í»ÆÆÐé¹¹»¯¸ôÀ룬µ¼ÖÂÖ÷Ìâ»ù´¡ÉèÊ©±»ÆëÈ«½ÚÔì¡£
https://www.securityweek.com/linux-kernel-vulnerability-allows-vm-escape-on-intel-and-amd-systems/
5. ÀÕË÷×éÖ¯Ðû³ÆÈëÇÖµÂÒâÖ¾ÒøÐУ¬°ä²¼Ô±¹¤Êý¾Ý
7ÔÂ7ÈÕ£¬ÀÕË÷Èí¼þ×éÖ¯Unsafe½üÈÕÐû³ÆÒѳɹ¦ÈëÇÖµÂÒâÖ¾ÒøÐеÄÄÚ²¿ÏµÍ³£¬²¢ÔÚÆä°µÍøÐ¹Â¶ÍøÕ¾Éϰ䲼ÁËÒÉËÆÔ±¹¤Êý¾Ý¿â¼Í¼×÷Ϊ֤¾Ý¡£¸Ã×éÖ¯½«Õâ¼ÒµÂ¹úÒøÐÐÒµ¾ÞÍ·ÁÐÈëÊܺ¦ÕßÃûµ¥£¬²¢°ä²¼ÁËÊý¾Ý¿âÌáÈ¡Îļþ£¬ÆäÖÐÔ̺¬ÖÕ¶ËÊä³öºÍºÅÁÒÔ¼°Å²ÓÃÃô¸ÐÔ±¹¤Êý¾ÝµÄÊý¾Ý¿â²éÎʽØÍ¼¡£ÕâЩ½ØÍ¼ÏÔʾÁËÔ±¹¤µç×ÓÓʼþµØÖ·¡¢ÃÜÂë¹þÏ£Öµ¡¢ÎïÀíµØÖ·¼°ÄÚ²¿Êý¾Ý¿â¼Í¼µÈÐÅÏ¢£¬°µÊ¾¹¥»÷Õß¿ÉÄÜÒÑÏÖʵ½Ó¼ûÁ˵ÂÒâÖ¾ÒøÐеÄÄÚ²¿ÏµÍ³¡£Ä¿Ç°ÉÐÎÞ·¨È·¶¨Õâ´Îй¶ÊÂÎñÊÇ·ñÉæ¼°¿Í»§Êý¾Ý¡£¼´±ãй¶ÁìÓò½öÏÞÓÚÔ±¹¤ÐÅÏ¢£¬·çÏÕÒÀÈ»²»ÈݺöÊÓ¡£±»µÁÊý¾Ý¿ÉÄܱ»ÓÃÓÚÕë¶ÔÔ±¹¤µÄ¾«×¼´¹µö¹¥»÷¡¢ÀëÏßÆÆ½âÃÜÂ룬»ò×÷Ϊ½øÒ»²½ÉøÈëÆóÒµµÄÌø°å£¬Ô®ÊÖ¹¥»÷Õß»æÔìÄÚ²¿ÍøÂç¼Ü¹¹²¢Ëø¶¨¸ßȨÏÞÓû§¡£UnsafeÀÕË÷Èí¼þѡȡ¡°ÀÕË÷Èí¼þ¼´·þÎñ¡±Ä£Ê½£¬¹ßÓÃË«³ÁÀÕË÷Õ½Êõ£¬¸ÃÍÅ»ïÀûÓÃÁãÈÕ·ìÏ¶ÈÆ¹ý·À»¤£¬Í¶·ÅGrandCrabºÍEmotetµÈ¶ñÒâÈí¼þ£¬²¢¼õÈõ°²È«½ÚÔìÒÔά³Ö½Ó¼û¡£
https://cybernews.com/security/deutsche-bank-ransomware-data-breach/
6. ÒÁÀʺڿÍ×éÖ¯Cavern ManticoreÃ͹¥ÒÔÉ«ÁÐ
7ÔÂ7ÈÕ£¬¾ÝCheck Point ResearchÅû¶£¬Ò»¸öÓëÒÁÀʵ±¾ÖÓйØÁªµÄÐÂÍþв×éÖ¯¡°Cavern Manticore¡±×Ô2026ËêÊ×ÒÔÀ´£¬³ÖÐø¶ÔÒÔÉ«Áе±¾ÐİIT×éÖ¯ÌáÒé¹¥»÷¡£¸Ã×éÖ¯ÓëÒÁÀʵý±¨ºÍ°²È«ÊýÆìϵÄMuddyWaterºÍLyceumÍÅ»ï´æÔÚ¼¼Êõ³Áµþ£¬ÆäÌØµãÊDz¿ÊðÁËÒ»Ì×´Ëǰδ¼Í¼µÄÄ£¿é»¯Ö¸»Ó½ÚÔ죨C2£©¿ò¼Ü¡£×êÑÐÈËÔ±Ö¸³ö£¬¸Ã×éÖ¯ÄÜÔÚÃÀ¾ü¡°Ê·Ê«¿ñÅÐж¯¡±ÆÚ¼ä³É¹¦ÈëÇÖÒÔÉ«Áйú·ÀÓëµ±²¿ÃÅÃÅ£¬ÏÔʾ³öÆä¼±¾çµÄÐж¯½ÚÅĺÍÑϽ÷µÄÖ¸±êÑ¡ÔñÄÜÁ¦¡£Cavern ManticoreµÄ³õʼÈëÇÖͨ³£Í¨¹ýÀÄÓúϷ¨Ô¶³Ì¼à¿ØºÍÖÎÀí£¨RMM£©Èí¼þʵÏÖ£¬½ø¶øÔÚÊܺ¦ÕßÍøÂçÄÚºáÏòÒÆ¶¯£¬²¢¼Ù×°³É¸üÐÂͶµÝ¶ñÒâÈí¼þ£»ÁíÒ»³£Óü¿Á©ÊÇÀûÓûùÓÚä¯ÀÀÆ÷µÄÔ¶³Ì×ÀÃæ¹¤¾ßÇÔÈ¡Êý¾Ý¡£ÆäÄ£¿é»¯C2¿ò¼ÜÝÓÈÆ¹²ÏíµÄ.NET»ù´¡¹¹½¨£¬ÓÉÁ½¸öÖ÷Ìâ×é¼þ×é³É£ºÒ»ÊÇÓÆ¾ÃÐÔºóÃÅ¡°Cavern´úÀí¡±£¬ÕƹÜÓëC2·þÎñÆ÷ͨѶ£¬Ñ¡È¡¶àÖÖ.NET±àÒëÌåʽÒÔÌӱܼì²â£»¶þÊÇ¡°CavernÄ£¿é¡±£¬×¨ÃÅÓÃÓÚ¿úËÅ¡¢Êý¾ÝÇÔÈ¡¡¢Ëí·ºÍºáÏòÒÆ¶¯µÈºóÉøÈ빤×÷£¬Ã¿¸öÄ£¿é¶ÀÁ¢±àÒ룬¿ÉÕë¶Ô·ÖÆçÊܺ¦Õß¶¨Ôì¹¥»÷¡£¸Ã¿ò¼Ü»¹Ñ¡È¡°´Ä£¿é¸ôÀë¼¼Êõ£¬¼´±ãijһ×é¼þ±»·¢ÏÖ£¬ÆäËûÄ£¿éÈÔά³ÖÒñ±Î£¬¼«´óÔö³¤ÁËȡ֤·ÖÎöÄѶȡ£
https://www.infosecurity-magazine.com/news/new-iran-hacking-group-targets/


¾©¹«Íø°²±¸11010802024551ºÅ