GitHubÏÖ200Óàµö¶ü¿â´«²¼Windows¶ñÒâÈí¼þ
°ä²¼¹¦·ò 2026-07-147ÔÂ10ÈÕ£¬¹©¸øÁ´°²È«¹«Ë¾SocketÅû¶£¬ÍþвÐÐΪÕß¹¹½¨ÁËÓÉ200¶à¸öGitHub´úÂë¿â×é³ÉµÄÍøÂ磬ÓÃÓÚ´«²¼Windows¶ñÒâÈí¼þ¡£ÕâÏîÃûΪ¡°ÄཬÓë¸ºÔØÐж¯¡±µÄ»î¶¯Éæ¼°190¸öÕË»§ÖеÄ222¸öµö¶ü²Ö¿â£¬Ö÷ÌâÊÇÒ»¸ö¼Ù×°³ÉDNSɨÃ蹤¾ß£¨»ùÓںϷ¨ÏîÄ¿dnsub£©µÄGoÄ£¿é£¬Ö¼ÔÚ´¥·¢ÆëȫϰȾÁ´¡£×Ô2026Äê1ÔÂ24ÈÕÒÔÀ´£¬¹¥»÷ÕßÒѰ䲼³¬1200¸öÈí¼þ°ü°æ±¾£¬ÆäÖÐÔ¼700¸öΪ¶ñÒâ°æ±¾¡£Òì³£µÄ°ä²¼ÆµÂÊÔ´ÓÚ¹¥»÷ÕßÀûÓÃGitHub Actions¹¤×÷Á÷·´¸´ÌìÉú´ø¹¦·ò´ÁµÄÌá½»ÒÔ¸²¸Ç¶ñÒâÐÔÖÊ¡£¸ÃÄ£¿éÔ̺¬µÄPowerShellºÅÁîÔÚÖ°ºÎɨÃèÂ߼ǰÔËÐУ¬ÀûÓôóÁ¿¿Õ¸ñ°µ²Ø×ÔÉí£¬»ñÈ¡µÄ¾ç±¾¿ÉÈÆ¹ýÖ´ÐÐÕ½ÊõÏÞ¶È£¬ÔÙ´Ó¹«¿ªÍ¶·Åµã»ñÈ¡¼ÓÃÜÓÐÐ§ÔØºÉ£¬¸ÃÔØºÉ³äÈνâÎöÆ÷¡¢ÏÂÔØÆ÷¡¢ÌáÈ¡Æ÷ºÍÆô¶¯Æ÷£¬½âÃÜURL¡¢¼ìË÷ÊÜÃÜÂë±£»¤µÄѹËõ°ü²¢Ö´ÐÐÆäÖÐÄÚÈÝ¡£¹¥»÷ÕßʹÓÃPastebin¡¢YouTube¡¢Telegram¡¢Google DocsµÈ¶à¸ö¹«¹²Æ½Ì¨ÍйܾµÏñ×ÊÁÏ£¬Ìá¸ß¹¥»÷µ¯ÐÔ¡£×îÖÕ²¿ÊðµÄÓÐÐ§ÔØºÉÔ̺¬AsyncRAT¡¢Quasar RAT¡¢RemcosÀàÔ¶¿ØÄ¾Âí¡¢VidarÐÅÏ¢ÇÔÈ¡·¨Ê½£¬ÒÔ¼°XMRig/BitMinerÃÅÂÞ±ÒÍÚ¿ó·¨Ê½¡£
https://www.securityweek.com/network-of-200-github-repositories-used-for-malware-infection/
2. LidlµÚÈý·½·þÎñÉÌÔâ¹¥»÷£¬¶à¹ú¿Í»§Êý¾Ýй¶
7ÔÂ10ÈÕ£¬ÕÛ¿Û³¬ÊоÞÍ·Lidl½üÈÕÏò±ÈÀûʱ¡¢µÂ¹úºÍºÉÀ¼µÄ¹Ë¿Í·¢³ö֪ͨ£¬·î¸æÆäÓ×ÎÒÐÅÏ¢ÒòµÚÈý·½·þÎñÌṩÉ̵ÄIT°²È«ÊÂÎñ¶øÔ⵽й¶¡£ÊÜÓ°Ïì¿Í»§ÒÑÊÕµ½µç×ÓÓʼþ£¬ÖÒ¸æËûÃǾ¯ÌèºóÐø¿ÉÄܳöÏÖµÄÍøÂç´¹µö¹¥»÷¡£Æ¾¾ÝLidl·¢Ë͵ÄÓʼþ×¢Ã÷£¬Ò»¼Òδ¾ßÃûµÄµÚÈý·½·þÎñÌṩÉÌÔâ·ê°²È«ÈëÇÖ£¬µ¼ÖÂÒ»ÃûÉí·Ý²»Ã÷µÄ¹¥»÷Õß»ñÈ¡ÁËLidlÔÚÏßÉ̵êµÄ¾ßÌå¿Í»§ÐÅÏ¢¡£Ð¹Â¶µÄÊý¾Ý×Ö¶ÎÔ̺¬ÐÕÃû¡¢µç»°ºÅÂë¡¢µç×ÓÓʼþµØÖ·¡¢µ®ÉúÈÕÆÚºÍ¿Í»§±àºÅ¡£LidlÔÚ֪ͨÖÐ̹³Ð£º¡°Ä¿Ç°£¬ÎÒÃDz»ÄÜÅųýÕâ´ÎÐ¹Â¶Éæ¼°ÃÜÂë¡¢Õ˵¥µØÖ·¡¢ËÍ»õµØÖ·¡¢ÒøÐÐÕË»§ÐÅÏ¢»òÆäËûÖ§¸¶ÐÅÏ¢¡£¡±µ«¹«Ë¾Í¬Ê±Ç¿µ÷£¬¿Í»§µÄÔÚÏßÕË»§×ÔÉíδÊܵ½Ö±½ÓÓ°Ï죬¼´ÕË»§µÇ¼ƾ֤ºÍÄÚ²¿Ö°ÄÜά³Ö°²È«¡£ÊÂÎñ²úÉúºó£¬Lidl°µÊ¾¸ÃµÚÈý·½·þÎñÌṩÉÌÒѵ±¼´ÏìÓ¦£¬²ÉÈ¡Á˱ØÒª´ëÊ©È«Ãæ¸´ÔÊÜÓ°ÏìµÄITϵͳ¡£Í¬Ê±£¬LidlÒÑÏò¾¯·½±¨°¸£¬²¢ÀñƸ±í²¿°²È«×¨¼Ò¶ÔÊÂÎñ·¢Õ¹µ÷²é£¬ÒÔÈ·¶¨·ì϶µÄµ××ÓÔÒòºÍÈ«ÊýÓ°ÏìÁìÓò¡£±ÈÀûʱ¡¢µÂ¹úºÍºÉÀ¼µÄÊý¾Ý±£»¤¼à¹Ü»ú¹¹¾ùÒÑ»ñϤ´ËÊ£¬LidlÔÚ¹²Í¬Óйز¿ÃŵÄѯÎʺÍÒªÇó¡£
https://cybernews.com/security/microsoft-ai-patch-tuesday-future-security-updates/
3. ÈÕ±¾×î´óµÄ³ö×â³µÔËÓªÉÌÔâ·êÍøÂç¹¥»÷
7ÔÂ13ÈÕ£¬ÈÕ±¾×î´óµÄ³ö×â³µÔËÓªÉÌÈÕ±¾½»Í¨¹«Ë¾½üÈÕ֤ʵ£¬ÆäÄÚ²¿ÏµÍ³ÔÚÖÜÄ©Á賿Ôâ·êÍøÂç¹¥»÷£¬µ¼ÖÂÔ̺¬³ö×â³µµ÷¶ÈϵͳÔÚÄڵĶàÏîÖ÷Ìâ·þÎṉ̃»¾¡£¸Ã¹«Ë¾ÄêÊÕÈëÔ¼10ÒÚÃÀÔª£¬Õ¼Óг¬¹ý1.8ÍòÃûÔ±¹¤£¬ÔËÓª×ÅÓâÍòÁ¾³ö×â³µºÍר³µ¡£¹¥»÷²úÉúºó£¬¹«Ë¾´¹Î£¶Â½ØÊÜϰȾϵͳÒÔÔ¤·ÀÇÖº¦À©É¢£¬µ«Æû³µ×âÁÞ¡¢ÍøÉϼ°µç»°Ô¤Ô¼¡¢µ÷¶ÈÖÎÀíµÈ¶à¸öÄÚ²¿ÏµÍ³ÖÁ½ñÈÔδ¸´Ô¡£ÊÜ´ËÓ°Ï죬¶«¾©¡¢ºá±õ¡¢ˆÎÓñµÈÖØÒª³ÇÊеġ°ÁÙÝê³ö×â³µ¡±·þÎñ±»ÆÈÔÝÍ££¬¸ø¼±Ðè¾ÍÒ½µÄÔи¾´øÀ´¼«´ó²»±ã£»Í¨³£³Ë¿ÍÔò±»½¨Òé¸ÄÓá°GO¡±½Ð³µÀûÓûòǰÍù·±ßÕ¾µãºò³µ¡£ÈÕ±¾½»Í¨ÒÑÀñƸ±í²¿ÍøÂ簲ȫר¼Ò·¢Õ¹µ÷²éºÍϵͳ½¨¸´£¬Ä¿Ç°ËäδȷÈϲúÉúÊý¾Ýй¶£¬µ«ÕýÆÀ¹À¸Ã¿ÉÄÜÐÔ£¬²¢³ÐŵÈçÓÐнøÕ¹½«ÊµÊ±²¼¸æ¡£Í¬Ê±£¬¹«Ë¾ÌáÐѿͻ§¾¯Ìè¼ÙÒâ¹Ù·½µÄ¿ÉÒÉÓʼþ£¬Ô¤·À´ò¿ª¸½¼þ»òµã»÷Á´½Ó¡£½ØÖÁ±¨Â·°ä²¼£¬ÉÐÎÞÀÕË÷ÍÅ»ïÐû³Æ¶ÔÊÂÎñÕÆ¹Ü¡£
https://www.bleepingcomputer.com/news/security/japans-largest-taxi-operator-shuts-systems-after-cyberattack/
4. Jscrambler npm°üÔâ´Û¸Ä£¬½ü1500´ÎÏÂÔØ
7ÔÂ13ÈÕ£¬¿Í»§¶ËÍøÂ簲ȫ¹«Ë¾Jscrambler½üÈÕÅû¶£¬Æä¹Ù·½npm°üÔâÍþвÐÐΪÕߴ۸쬰䲼ÁËÔ̺¬ÐÅÏ¢ÇÔÈ¡¶ñÒâÈí¼þµÄ¶ñÒâ°æ±¾£¬Éæ¼°8.14¡¢8.16¡¢8.17ºÍ8.20Ëĸö°æ±¾¡£ÕâЩ¶ñÒâ°üÔÚ¡°Ô¤×°Öá±¹³×ӽ׶μ´Ö´ÐжñÒâ´úÂ룬ÇÔÈ¡¿ª·¢Õß±¾µØ»·¾³ÖеÄÃô¸ÐÊý¾Ý¡£ÊÂÎñ²úÉúºóµÄÁ½Ó×ʱÄÚ£¬¶ñÒâ°ü±»ÏÂÔØ¶à´ï1479´Î£¬Ö»¹ÜJscramblerѸ¿ìÆúÓÃÎÊÌâ°æ±¾²¢°ä²¼°²È«°æ±¾8.22£¬Í¬Ê±´úÌæÁËÊÜÓ°ÏìµÄËĸöÒÀÀµ°ü£¬µ«Ó°ÏìÁìÓòÒÑÏ൱¿í·º¡£¾ÝÀûÓð²È«¹«Ë¾Socket¼ì²â·ÖÎö£¬¸Ã¶ñÒâÈí¼þÀûÓÃChaCha20-Poly1305¼ÓÃÜËã·¨¶Ô¶ñÒâ´úÂë½øÐи߶ȻìºÏ£¬´ó·ùÔö³¤ÁËÄæÏò·ÖÎöÄѶȣ¬ÆäÇÔȡָ±êº¸ÇÔ´´úÂë¡¢ÏîÄ¿Îļþ¡¢¿ª·¢Õ߯¾Ö¤¡¢Ö÷Á÷ÔÆ·þÎñÃÜÔ¿¡¢AI±àÂ빤¾ßÅäÖᢼÓÃÜÇ®±ÒÇ®°üÖú¼Ç´Ê¡¢ä¯ÀÀÆ÷Cookie¼°±£ÁôµÄÍ´´¦£¬ÉõÖÁÔ̺¬Slack¡¢Discord¡¢TelegramµÈ¼´Ê±Í¨Ñ¶ÀûÓÃÊý¾Ý£¬ÏÕЩ¸²¸ÇÁË¿ª·¢Õß¹¤×÷»·¾³ÖеÄËùÓйؼüÐÅÏ¢¡£Jscrambler°µÊ¾£¬Õâ´ÎÈëÇÖÔ´ÓÚnpm°ä²¼Í´´¦Ð¹Â¶£¬¹«Ë¾Òѳ·ÏúÓÐ¹ØÆ¾Ö¤²¢ÔÚ°ä²¼Á÷³ÌÖÐÔöÉè¶î±í°²È«½ÚÔì´ëÊ©¡£
https://www.bleepingcomputer.com/news/security/hackers-backdoor-jscrambler-npm-package-with-infostealer-malware/
5. macOS¶ñÒâÈí¼þCrashStealerÇÔȡƾ֤¼ÓÃÜÇ®°ü
7ÔÂ13ÈÕ£¬°²È«×êÑÐÈËÔ±·¢ÏÖÒ»¿îÃûΪCrashStealerµÄÐÂÐÍmacOSÐÅÏ¢ÇÔÈ¡¶ñÒâÈí¼þ£¬¼Ù×°³ÉÆ»¹û±ÀÀ£»ã±¨¹¤¾ß£¬Í¨¹ý¾ÊðÃû¹«Ö¤µÄͶ·ÅÆ÷ÈÆ¹ýGatekeeper°²È«»úÔì¡£Æô¶¯ºóÏÔʾαÔìÃÜÂëÌáÐÑ£¬ÆÈ¡Óû§ÊäÈëÒÔ½âËøÔ¿³×´®£¬½ø¶øÇÔÈ¡SafariµÇ¼ÐÅÏ¢¡¢Wi-FiÃÜÂ롢˽Կ¼°Ö¤Ê顣ͬʱ¶Ô×¼80Óà¿î¼ÓÃÜÇ®°üÀ©´ó£¨ÈçMetaMask¡¢Phantom£©ºÍ14¿îÃÜÂëÖÎÀíÆ÷£¨Èç1Password¡¢Bitwarden£©£¬²¢É¨ÃèÓû§ÎĵµÄ¿Â¼ÏµÄÎļþ¡£ÇÔÈ¡Êý¾ÝѡȡAES-256-GCMÇ¿¼ÓÃÜ£¬´ò°üºóÉÏ´«ÖÁºÅÁîÓë½ÚÔì·þÎñÆ÷¡£¸Ã¶ñÒâÈí¼þ5Ô±»·¢ÏÖ¿ª·¢ÖУ¬7Ô³õÒÑÓÃÓÚÏÖʵ¹¥»÷¡£³õʼ´«²¼Í¨¹ý6ÔÂÏÂÑ®×¢²áµÄÐéαÈí¼þÍøÕ¾·Ö·¢£¬ÏÂÔØÐèÊäÈëPINÂ룬Åú×¢¹¥»÷ÓµÓÐÕë¶ÔÐÔ¡£CrashStealer¾ß±¸³ÁÐÂÊðÃûÄÜÁ¦£¬¿É¶¯Ì¬Å¤×ª¹þÏ£ÖµÒÔÌӱܼì²â¡£Ö»¹ÜÓëAtomicµÈ¼Ò×åÖ¸±ê³Áµþ£¬Æä¹ÖÒì¼ÓÃÜ»úÔìºÍÔÉúC++ʵÏÖʹÆä×Ô³ÉÒ»¼Ò¡£°²È«¹«Ë¾JamfÒѰ䲼ÈëÇÖÖ¸±ê»ã±¨£¬½¨ÒémacOSÓû§½ö´Ó¹Ù·½Çþ·ÏÂÔØÈí¼þ£¬¾¯ÌèÒì³£ÃÜÂëÌáÐÑ¡£
https://www.bleepingcomputer.com/news/security/new-crashstealer-malware-poses-as-apple-crash-reporting-tool/
6. ¾Å¹úÖÒ¸æ¶íºÚ¿ÍÀûÓ÷ÓÉÆ÷·ì϶¹¥¹Ø¼üÉèÊ©
7ÔÂ13ÈÕ£¬ÃÀ¹ú¡¢Ó¢¹ú¡¢°Ä´óÀûÑÇ¡¢¼ÓÄôóµÈ¾Å¹úµÄÍøÂ簲ȫ»ú¹¹½üÈÕ½áºÏ°ä²¼ÖҸ棬ָ³Æ¶íÂÞ˹Áª¹ú°²È«¾ÖµÚ16ÖÐÐĵĺڿÍ×éÖ¯ÕýϵͳÐÔµØÒÔ´æÔÚ·ì϶ºÍÅäÖò»µ±µÄ·ÓÉÆ÷ÎªÌø°å£¬ÉøÈë¹Ø¼ü»ù´¡ÉèÊ©ÍøÂç¡£¸Ã×éÖ¯±»×·×ÙΪBerserk Bear¡¢Energetic Bear¡¢DragonflyµÈ¶à¸ö´úºÅ£¬Æä¹¥»÷ÊÖ·¨ÖØÒªÊÇɨÃè¹«ÍøIPµØÖ·¶Î£¬Ñ°ÕÒÈÔʹÓÃĬÈÏ»ò³£¼ûSNMP£¨µ¥Ò»ÍøÂçÖÎÀíºÍ̸£©¼¯Ìå×Ö·û´®µÄ·ÓÉÆ÷£¬ËæºóÀûÓÃαÔìIPµØÖ··¢ËÍÖ¸Á¸´ÔìÉ豸ÅäÖÃÎļþ²¢Í¨¹ýTFTPºÍ̸й¶ÖÁ±í²¿½ÚÔì·þÎñÆ÷¡£´Ë±í£¬FBIÔçÔÚ2025Äê8Ô±ãÖÒ¸æ³Æ£¬Í³Ò»×éÖ¯×Ô2021Äê11ÔÂÒÔÀ´³ÖÐøÀûÓÃCisco IOSºÍIOS XEÈí¼þÖÇÄÜ×°ÖÃÖ°ÄÜÖеĸßΣ·ì϶CVE-2018-0171£¬¶Ô¹Ø¼üÖ¸±êÖ´ÐÐÈëÇÖ¡£ÊÜÍþв×îÑϳÁµÄÐÐÒµÔ̺¬ÄÜÔ´¡¢Í¨Ñ¶¡¢¹ú·À¹¤Òµ»ùµØ¡¢Ò½ÁƱ£½¡¡¢½ðÈÚ·þÎñ¼°µ±¾Ö·þÎñµÈ¡£ÎªÓ¦¶ÔÕâÒ»³ÖÐøÍþв£¬½áºÏÕ÷ѯ»ã±¨ÌṩÁËÏ꾡µÄ»º½â´ëÊ©£¬Ô̺¬Éý¼¶ÖÁ¸ü°²È«µÄSNMPv3¡¢½ûÓÃCisco Smart InstallÖ°ÄÜ¡¢Ç¿ÔìÖ´ÐÐÇ¿ÃÜÂëÕ½Êõ¡¢ÔÚ±ßÔµ·À»ðǽ·â¶ÂTFTPºÍSNMPÁ÷Á¿¡¢ÊµÊ±¸üй̼þ²¢´úÌæÒÑÍ£²úµÄÉ豸¡£
https://www.bleepingcomputer.com/news/security/us-and-allies-share-defense-tips-against-russian-hackers-targeting-critical-infrastructure/


¾©¹«Íø°²±¸11010802024551ºÅ