ºÚ¿ÍÂÛ̳½ÐÂôÄÍ¿ËÊý¾Ý£¬ÕæÊµÐÔÓëÆðÔ´´æÒÉ

°ä²¼¹¦·ò 2026-07-13
1. ºÚ¿ÍÂÛ̳½ÐÂôÄÍ¿ËÊý¾Ý£¬ÕæÊµÐÔÓëÆðÔ´´æÒÉ


7ÔÂ9ÈÕ£¬»î¶¯·þ×°¾ÞÍ·ÄͿ˽üÈÕÔٶȳʴ˿̺ڿÍÂÛ̳ÉÏ£¬Ò»ÃûÐÂÊÖÍþвÐÐΪÕß·¢ÌûÐû³ÆÏúÊÛÊý°ÙÍòÌõ¿Í»§¼Í¼£¬Ðû³ÆÇÔÈ¡ÁËÔ̺¬¿Í»§×¢²áÐÅÏ¢ºÍ¶©µ¥ÏêÇéÔÚÄÚµÄÊý¾Ý¼¯£¬Î´Ñ¹ËõÌå»ý´ï40GB£¬ÇÒ¾ùΪ2026ÄêÊý¾Ý£¬²»Ô̺¬º¹Çà¼Í¼¡£¹¥»÷ÕßÐû³Æ¡°Êý°ÙÍòÌõ¿Í»§Êý¾Ý±»ÇÔÈ¡¡±£¬²¢¹ÀËãÊý¾Ý¼ÛÖµ¸ß´ï°ËλÊý¡£È»¶ø£¬ÍøÂçÐÂÎÅ×êÑÐÈËÔ±ÔÚÉó²éÆä°ä²¼µÄÊý¾ÝÑù±¾ºó·¢ÏÖÖî¶àÒɵ㣺Ñù±¾ÄÚÈÝ»ìÂÒ£¬»ìºÏÁËJSONÎĵµÓëÀûÓ÷¨Ê½ÈÕÖ¾£¬ÇÒÉæ¼°Óû§Ó×ÎÒÉí·ÝÐÅÏ¢µÄ²¿ÃÅ´æÔÚ´óÁ¿³Á¸´¼Í¼£¬Ê¹µÃÏÖʵÔ̺¬¼¸¶à¶ÀÁ¢¿Í»§Êý¾ÝÄÑÒÔÅж¨¡£¸ü¹Ø¼üµÄÊÇ£¬Êý¾ÝÖÐÄÍ¿ËÖØÒª³Ê´Ë¿ÌÀûÓ÷¨Ê½Àà±ðºÅ³ÆÖУ¬¶ø·ÇÖ±½Ó¹ØÁª¸Ã¹«Ë¾µÄ×ֶΣ¬ÈÕÖ¾·ÖÎöÅú×¢Êý¾ÝºÜ¿ÉÄÜͨ¹ýAmazon Simple Queue Service£¨SQS£©´ÓÔËÐÐÓÚAWSÉϵÄÀûÓ÷¨Ê½ÍøÂç¶øÀ´¡£×êÑÐÈËÔ±¾Ý´Ë´§¶È£¬Õâ´Îй¶Êý¾Ý¸ü¿ÉÄÜÆðÔ´ÓÚÄͿ˵ĵÚÈý·½·þÎñÌṩÉÌ£¬¶ø·ÇÄÍ¿Ë×ÔÉíϵͳÔâÖ±½ÓÈëÇÖ¡£


https://cybernews.com/security/nike-customer-data-breach-claims/


2. RedHook¶ñÒâÈí¼þбäÖÖÎÞÏß½Ù³Ö°²×¿µ÷ÊÔȨÏÞ


7ÔÂ12ÈÕ£¬ÍøÂ簲ȫ¹«Ë¾Group-IBÅû¶£¬Android¶ñÒâÈí¼þRedHookµÄа汾ͨ¹ý´´Ð¼¿Á©ÀÄÓÃÎÞÏßADBµ÷ÊÔÖ°ÄÜ£¬ÎÞÐèÏνÓÍÆËã»ú¼´¿É»ñÈ¡shell¼¶±ðȨÏÞ¡£¹¥»÷¹Ø¼üÔÚÓÚ¶ÔAndroidÎÞÏßµ÷ÊÔ»úÔìµÄÆæÃîÀûÓá£RedHookÏÅ×ÕÆ­Óû§ÊÚÓ踨ÖúÖ°ÄÜȨÏÞ£¬Ëæºó×Ô¶¯°Ñ³ÖÉèÖÃÆôÓÿª·¢ÕßÑ¡ÏîºÍÎÞÏßµ÷ÊÔ£¬¼ìË÷ÆÁÄ»ÉÏÏÔʾµÄÅä¶ÔÂ룬ͨ¹ý»Ø»·½Ó¿ÚʵÏÖÓëÊÖ»úADB·þÎñµÄÅä¶Ô£¬´Ó¶ø»ñµÃshell£¨UID 2000£©È¨ÏÞ£¬Ô¶¸ßÓÚͨ³£ÀûÓõ«Î´´ïroot¼¶±ð£¬ÇÒÎÞÐèroot£¬¿ÉÓ°ÏìËùÓÐAndroidÉ豸¡£½Ó×Å£¬¶ñÒâÈí¼þ²¿Êð»ùÓÚShizukuµÄ¿ò¼Ü£¬ÒÔUID 2000ŲÓÃÌØÈ¨API£¬Ö´ÐÐshellºÅÁî¡¢ÊÚÓè×ÔÉíȨÏÞ¡¢Åú¸ÄϵͳÉèÖᢾ²Ä¬×°Öûòɾ³ýÀûÓᣵ±Ç°°æ±¾Ö§³Ö53ÌõÖ¸ÁÔ̺¬ÆÁÄ»´®Á÷¡¢·ÂÕÕÊÖÊÆ¡¢Éè±¸Ëø¶¨/½âËø¡¢ÀûÓÃÖÎÀí¡¢ÍøÂçÁªÏµÈ˶ÌÐÅ¡¢´´½¨ÐéαÑéÖ¤¶Ô»°¿ò¡¢Æô¶¯ÉãÏñÍ·¼°³ÁÆôÉ豸µÈ¡£Óƾû¯·½Ã棬RedHookÀûÓþ²ÒôÒôƵÌá¸ß¹ý³ÌÓÅÏȼ¶£¬Ê¹ÓÃWakeLocksÔ¤·ÀCPUÐÝÃߣ¬Ë«·þÎñÏ໥¼à¿Ø³ÁÆô£¬²¢ÉèÖÿ´ÃŹ·°´Ê±Æ÷¡¢¿ª»ú×ÔÆô¼°µ÷Õûoom_score_adjÖÁ-1000ÒÔ½µµÍ±»ÖÕÖ¹·çÏÕ¡£¸Ã¶ñÒâÈí¼þͨ¹ý¼ÙÒâµ±¾Ö»ò½ðÈÚ»ú¹¹£¬ÒÔ¶ÌÐź͵绰ÓÕµ¼Óû§½Ó¼û·ÂðGoogle PlayÍøÕ¾´«²¼¡£


https://www.bleepingcomputer.com/news/security/redhook-android-malware-now-uses-wireless-adb-for-shell-access/


3. CISA´¹Î£ÁÐÈëÁ½ÏîJoomlaÀ©´ó¸ßΣ·ì϶


7ÔÂ11ÈÕ£¬ÃÀ¹úÍøÂ簲ȫºÍ»ù´¡ÉèÊ©°²È«¾Ö£¨CISA£©½üÈÕ½«Á½¸öÓ°ÏìJoomlaÀ©´ó·¨Ê½µÄÑϳÁ·ì϶ÄÉÈëÆäÒÑÖª¿ÉÀûÓ÷ì϶£¨KEV£©Ä¿Â¼£¬ÒªÇóÁª¹ú»ú¹¹ÔÚ2026Äê7ÔÂ13ÈÕǰ´¹Î£½¨¸´¡£ÕâÁ½¸ö·ì϶±ðÀëΪCVE-2026-48939ºÍCVE-2026-56291£¬¾ùÉæ¼°²»ÊÜÏ޶ȵÄÎļþÉÏ´«ÀàÐÍÎÊÌ⣬ÇÒCVSSÆÀ·Ö¾ù´ïµ½×î¸ßµÄ10.0·Ö£¬Åú×¢Æä·çÏյȼ¶¼«ÎªÑϳÁ¡£CVE-2026-48939Ó°ÏìiCagenda£¬ÕâÊÇÒ»¸ö¿í·ºÊ¹ÓõÄJoomla¿ªÔ´»î¶¯ÖÎÀíÀ©´ó£¬ÓÃÓÚÔ®ÊÖÍøÕ¾ÖÎÀíÔ±ÔÚJoomlaƽ̨ÉÏ´´½¨¡¢×éÖ¯ºÍչʾ¸÷Àà»î¶¯£¬ÎÞÐè½øÐÐ×Ô½ç˵¿ª·¢¡£¸Ã·ì϶´æÔÚÓÚÎļþ¸½¼þÖ°ÄÜÖУ¬ÔÊÐí¹¥»÷ÕßÉÏ´«ËÁÒâÀàÐ͵ÄÎļþ£¬³ö¸ñÊǶñÒâµÄPHP¾ç±¾£¬×îÖÕʵÏÖ´úÂëÉÏ´«²¢ÔÚ·þÎñÆ÷ÉÏÖ´ÐУ¬´Ó¶øÆëÈ«½ÚÔìÊÜÓ°ÏìµÄÍøÕ¾¡£µÚ¶þ¸ö·ì϶CVE-2026-56291ÔòÉæ¼°Balbooa Forms£¬ÕâÊÇÒ»¿îÃæÏòJoomlaµÄóÒ×±íµ¥¹¹½¨Æ÷À©´ó£¬Ê¹ÖÎÀíÔ±ÎÞÐè±àд´úÂë¼´¿É¼±¾ç´´½¨¸ß¼¶Web±íµ¥¡£¸ÃȱµãÊôÓÚδ¾­Éí·ÝÑéÖ¤µÄËÁÒâÎļþÉÏ´«·ì϶£¬¹¥»÷ÕßÎÞÐèÈκεǼƾ֤¼´¿ÉÉÏ´«¿ÉÖ´ÐÐÎļþ£¬½ø¶øÊµÏÖÆëÈ«µÄÔ¶³Ì´úÂëÖ´ÐУ¨RCE£©£¬¶ÔÍøÕ¾Êý¾ÝºÍ·þÎñÆ÷°²È«×é³ÉÖ±½ÓÍþв¡£


https://securityaffairs.com/195164/security/u-s-cisa-adds-icagenda-and-balbooa-forms-flaws-to-its-known-exploited-vulnerabilities-catalog.html


4. U-BootÁù´ó¸ßΣ·ì϶²¨¼°´óÁ¿Ç¶ÈëʽÉ豸


7ÔÂ11ÈÕ£¬°²È«»ú¹¹BinarlyÅû¶ÁË¿ªÔ´Êèµ¼¼ÓÔØ·¨Ê½U-BootÖеÄÁù¸öÑϳÁ·ì϶£¬Ó°Ïì×Ô2013.07°æ±¾ÒÔÀ´µÄ³¬¹ý50¸ö¿¯Ðаæ£¬²¨¼°¼ÒÓ÷ÓÉÆ÷¡¢ÖÇÄÜÉãÏñÍ·¡¢·þÎñÆ÷ÖÎÀí½ÚÔìÆ÷¼°´óÁ¿Ç¶ÈëʽӲ¼þ¡£ÓÉÓÚU-BootÔÚ²Ù×÷ϵͳºÍ°²È«Èí¼þ֮ǰÔËÐУ¬¹¥»÷ÕßÔڴ˽׶ÎÖ²Èë¶ñÒâ´úÂ뽫³¹µ×·ÛËéºóÐøËùÓз¨Ê½µÄ¼ÓÔØÖ´ÐУ¬ÇÒ¼«ÄѼì²â¶Ï¸ù¡£ËùÓзì϶¾ùÔÚÑéÖ¤FIT¾µÏñʱ´¥·¢£¬FITÊÇU-Boot´ò°üÄںˡ¢É豸Ê÷µÈ×é¼þµÄ³ß¶ÈÌåʽ£¬Ô̺¬ÊðÃûÑéÖ¤»úÔì¡£ÆäÖÐÁ½¸ö·ì϶¿Éµ¼ÖÂËÁÒâ´úÂëÖ´ÐУ¬Ëĸö¿ÉÒý·¢»Ø¾ø·þÎñ¹¥»÷¡£·ÛËé¸Ã×é¼þ½«³¹µ×Íß½âÑéÖ¤Æô¶¯»úÔ죬´Ëǰͳһ´úÂëõè¾¶ÒÑÅû¶¹ý¶à¸öCVE·ì϶¡£Binarly±ç²µÁËÊèµ¼¼ÓÔØ·¨Ê½·ì϶ÐèÎïÀí½Ó´¥ÄÜÁ¦ÀûÓõĴ«Í³¸ÅÏ룬¹¥»÷ÕßÈô¿É½Ó¼ûÔ¶³ÌÖÎÀí½Ó¿Ú¼´¿ÉÈÆ¹ýÑé֤ˢÈë¶ñÒâ¾µÏñ¡£Áù¸ö²¹¶¡ÒÑͨ¹ýÉÏÓÎÉóºË²¢¹é²¢ÖÁÖ÷·ÖÖ§£¬½¨¸´Ô̺¬¿ÕÖµ²é³­¼°Éî¶È¼ÆÊýÆ÷ÏÞ¶È¡£É豸³§ÉÌÓ¦¾¡¿ì°ä²¼¸üУ¬BinarlyÒÑÌṩ¸ÅÏëÑéÖ¤¾µÏñºÍ¸´ÏÖ²½Öè¡£


https://securityaffairs.com/195150/security/critical-u-boot-bugs-undermine-secure-boot-on-millions-of-devices.html


5. GitHub APIÔâÀÄÓ㬹í»êÕË»§´ó¹æÄ£¿úËÅ


7ÔÂ11ÈÕ£¬Datadog°²È«ÍŶӽüÈÕÅû¶£¬ÍþвÐÐΪÕßÕýϵͳÐÔµØÀÄÓÃGitHub API£¬¶Ô×éÖ¯¡¢´æ´¢¿âºÍÓû§ÕË»§·¢Õ¹´ó¹æÄ£Ã¶¾Ù¿úËŻ¡£¸Ã»î¶¯ÒѳÖÐøÊýÔ£¬Éæ¼°¶à¸ö³ÁµþµÄ¹¥»÷²¨´Î£¬Æä»ù´¡ÉèÊ©ÒÀÀµÓÚÁ½µ½ÎåÄêǰע²á¡¢³Ö¾Ã´¦ÓÚÐÝÃß״̬µÄ¡°¹í»êÕË»§¡±£¬ÕâЩÕË»§ÔÚ½üÆÚ±»³Á줻îÓÃÓÚ·¢ËͶñÒâAPIÒªÇó¡£GitHub APIµÄ´ó²¿ÃÅÖ°ÄÜÎÞÐèÉí·ÝÑéÖ¤¼´¿É½Ó¼û£¬Ô̺¬Áгö×éÖ¯µÄ¹«¿ª²Ö¿â¡¢±éÀúÓû§µÄ¹Ø×¢Õߺ͹Ø×¢ÁÐ±í¡¢Ã¶¾Ùgist¡¢¼ÓÐDZêµÄ²Ö¿âºÍ×éÖ¯³ÉÔ±£¬ÒÔ¼°¶Ô¹«¹²¶ÔÏóÔËÐÐGraphQL²éÎʵȲÙ×÷£¬ËùÓÐÕâЩ³ÇÊзµ»ØÊý¾Ý²¢ÌìÉúHTTP 200ÏìÓ¦£¬²»»á·¢³öÈκÎÉí·ÝÑé֤ʧ°ÜÐźÅ¡£¹¥»÷ÕßÕýÊÇÀûÓÃÕâÒ»¸öÐÔ£¬½«¶ñÒâÒªÇó»ìºÏÔÚÕý³£Á÷Á¿ÖУ¬ÏµÍ³ÐÔµØÓ³ÉäÖ¸±ê×éÖ¯µÄ½á¹¹¡¢³ÉÔ±×é³É¼°Æä½Ó¼ûµÄÏîÄ¿£¬´Ó¶øÎªºóÐø¸üÉî¿ÌµÄÈëÇÖÍøÂç¹Ø¼üµý±¨¡£×Ô2025Äê10ÔÂÒÔÀ´£¬ÒÑÓг¬¹ý50¸ö¹í»êÕË»§²Î¼ÓÆäÖУ¬¹¥»÷ÖÜÆÚͨ³£³ÖÐø1ÖÁ3ÖÜ£¬Éæ¼°¶à¸ö×éÖ¯¡£ÕâЩÕË»§Ê¹ÓõÄÓû§´úÀíÃû³Æ¼Ù×°³ÉÊý¾Ýй¶·ÖÎö¹¤¾ß¡¢ÒDZíÅÌÈí¼þ»ò°²È«É¨ÃèÆ÷£¬ÒÔ½µµÍ±»·¢ÏֵĸÅÂÊ¡£ÒªÇóÀàÐÍÒÔGraphQLΪÖ÷£¬Í¬Ê±¸¨ÒÔREST·ÓÉŲÓá£


https://www.securityweek.com/ghost-accounts-abuse-github-api-in-mass-recon-campaign/


6. Zimbra¾­µä¿Í»§¶ËÆØXSS·ì϶£¬¶íºÚ¿ÍÔøÆµÈÔÀûÓÃ


7ÔÂ10ÈÕ£¬Zimbra°²È«ÍŶӽüÈÕ¶½´Ù¿Í»§´¹Î£½¨¸´Ò»¸öÓ°ÏìZimbra CollaborationÌ×¼þ¾­µäWeb¿Í»§¶Ë£¨Classic UI£©µÄÑϳÁ´æ´¢ÐÍ¿çÕ¾¾ç±¾£¨XSS£©·ì϶¡£Ä¿Ç°¸Ã·ì϶ÉÐδ·ÖÅäCVE±àºÅ£¬Ôö³¤ÁË×·×ÙÄѶÈ¡£¹¥»÷Õß¿Éͨ¹ý¾«ÐÄ»ú¹ØµÄµç×ÓÓʼþÀûÓô˷ì϶£¬ÔÚÊÕ¼þÈË´ò¿ªÓʼþʱִÐжñÒâ´úÂ룬´Ó¶øÇÔÈ¡»á»°Êý¾Ý¡¢ÕË»§ÉèÖü°ÓÊÏäÐÅÏ¢¡£ZimbraÒÑÓÚ±¾Öܶþ°ä²¼10.1.19°æ±¾½øÐн¨¸´£¬²¢Ã÷È·°µÊ¾¡°ËùÓÐʹÓþ­µäWeb¿Í»§¶ËµÄ¿Í»§¶¼Ó¦¾¡¿ìÉý¼¶¡±£¬ÓÉÓÚ¸ÃÎÊÌâ½öÓ°Ïì¾­µä½çÃæÓû§¡£¹ÌÈ»ZimbraδȷÈϸ÷ì϶Òѱ»ÔÚÒ°ÀûÓ㬵«·¢ÏÖ·½Îª¹È¸èÍþв·ÖÎöÓ××飬¸ÃÓ××éʱʱ´«µÝÓɹú¶ÈÖ§³ÖºÚ¿Í×éÖ¯Õë¶Ô¸ß·çÏÕÓ×ÎÒ£¨Ô̺¬·ñ¾öÅÉÕþÖμҡ¢Òì¼ûÈËÊ¿ºÍ¼ÇÕߣ©²¿ÊðµÄÁãÈÕ·ì϶£¬°µÊ¾´Ë·ì϶¿ÉÄÜÒÑÊܵ½¸ß¼¶ÍþвÐÐΪÕߵĹØ×¢¡£¶íÂÞ˹¹ú¶ÈÖ§³ÖµÄºÚ¿Í×éÖ¯½üÄêÀ´ÆµÈÔÀûÓÃZimbra·ì϶ÌáÒé¹¥»÷¡£°²È«×¨¼ÒÇ¿ÁÒ½¨ÒéËùÓÐʹÓþ­µäWeb¿Í»§¶ËµÄZimbraÓû§µ±¼´Éý¼¶ÖÁ10.1.19°æ±¾£¬ÒÔ·À±¸Ç±ÔڵĹú¶È¼¶ÍøÂç¹¥»÷ºÍÊý¾Ýй¶·çÏÕ¡£


https://www.bleepingcomputer.com/news/security/zimbra-urges-customers-to-patch-critical-web-client-xss-flaw/