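WP Maps Pro high-severity vulnerability allows unauthorized creation of administrator accounts
Published: 2026-06-01
1. WP Maps Pro high-severity vulnerability allows unauthorized creation of administrator accounts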
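May 31: Security researchers recently found that attackers are actively exploiting a high-severity vulnerability in the WordPress plugin WP Maps Pro. The vulnerability is tracked as CVE-2026-8732, is rated "critical", and affects version 6.1.0 and earlier. It was discovered and reported by security researcher David Brown. WP Maps Pro is a premium plugin for building interactive maps and store locators. It supports multiple map service providers such as Google Maps and OpenStreetMap, and is typically used by businesses that need to display multiple locations, real-estate sites, travel platforms and directory sites. The plugin has more than 15,800 sales on Envato Market. The root cause of the vulnerability is the plugin's built-in "temporary access" feature, which was originally designed to let the vendor's technical support staff remotely access a customer's site for troubleshooting. Brown found that the AJAX endpoint behind this feature can be reached directly by unauthenticated users. Researchers at WordPress security company Defiant observed that they had blocked more than 3,600 exploitation attempts against the vulnerability in the past 24 hours. Brown reported the vulnerability to Wordfence on March 24; after it was validated, the plugin vendor was notified on May 16. WP Maps Pro 6.1.1 was released on May 20 and fixes the vulnerability.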
https://www.bleepingcomputer.com/news/security/wp-maps-pro-bug-exploited-to-create-admin-accounts-on-wordpress-sites/
2. Palo Alto Networks: GlobalProtect vulnerability under active exploitation
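May 30: Palo Alto Networks recently warned that attackers are actively exploiting a GlobalProtect authentication bypass vulnerability in its PAN-OS software (tracked as CVE-2026-0257) against unpatched devices in an attempt to break into corporate networks. When it was first fixed earlier this month, the vulnerability was rated medium severity, because exploitation requires the device to be configured with authentication override cookies enabled and to have a specific certificate configuration. However, as real-world attacks emerged, Palo Alto Networks updated its security advisory, raised the severity rating to "high", and confirmed that it had observed exploitation attempts on devices where no mitigations had been applied. Security company Rapid7 further disclosed that it has observed widespread exploitation of the vulnerability since May 17, 2026, causing losses for many customers. As of May 29, the vulnerability has been formally added to CISA's Known Exploited Vulnerabilities (KEV) catalog. The attack begins with the attacker using a forged authentication override cookie to authenticate to the GlobalProtect gateway, targeting local administrator accounts. Rapid7 found that the attacks first targeted Vultr-hosted infrastructure, and then detected a second wave of attacks originating from Dromatics Systems on May 21. The root cause of the flaw is a weakness in how PAN-OS validates authentication override cookies.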
https://www.bleepingcomputer.com/news/security/palo-alto-globalprotect-vpn-auth-bypass-flaw-now-exploited-in-attacks/
3. ShinyHunters leaks Charter Communications data
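May 30: Charter Communications, one of the largest telecommunications companies in the United States, recently suffered an extortion attack. After Charter refused to pay the ransom, the notorious ShinyHunters extortion group published data it claims to have stolen from the company. Charter's Spectrum brand provides internet, cable TV, mobile and phone services to tens of millions of residential and business customers. According to reports, the leaked information includes more than 42 million customer records and customer proprietary network information (CPNI). However, according to figures from the data breach notification service HaveIBeenPwned (HIBP), the actual number of affected individuals is about 4.9 million. HIBP noted that the data published by the group exposed 4.9 million unique email addresses, along with names, phone numbers and physical addresses. About 85,000 of the records come from an internal employee directory and also include job titles. Charter has confirmed that it is aware of the incident, but stated that no sensitive personal information or CPNI was exposed. The company has started its security procedures and is working with the relevant authorities on an investigation. The incident reportedly affected a sales-related system used to manage existing, former and prospective customers.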
https://securityaffairs.com/192907/uncategorized/shinyhunters-leaks-charter-communications-data-potentially-impacting-5-million-customers.html
4. Dutch police shut down a massive botnet of 17 million devices
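May 30: Dutch authorities recently shut down a very large botnet made up of at least 17 million infected devices, including computers, tablets and smartphones. The operation was carried out by the Dutch police in cooperation with the National Cyber Security Centre (NCSC). According to a press release published by the NCSC, a security researcher first discovered the network and reported it to the NCSC, which then notified the police; the two organizations jointly took on the case and opened an investigation. The investigation showed that 200 servers used to host the malicious infrastructure were located in the Netherlands. Police seized several servers for forensic analysis, and the hosting providers involved shut the infrastructure down after confirming that it was being used for criminal activity. The botnet is reportedly linked to a company named ASOCKS, a residential proxy seller that offers services intended to hide users' online identity and location. Such services can be abused for many kinds of cybercrime, including DDoS attacks, phishing, botnet operations and web scraping. Dutch authorities warned that residential proxies disguise malicious traffic as legitimate traffic, which makes detection and mitigation more complex, because attacks can appear to come from ordinary local internet users.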
https://securityaffairs.com/192890/malware/botnet-of-17-million-devices-dismantled-in-the-netherlands.html
5. Attackers abuse ChatGPT sharing feature to spread malware
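May 29: Threat actors are using ChatGPT's content-sharing feature to launch a new kind of attack campaign, which Push Security has named "LLMShare". When a user clicks a malicious ad, they are taken to a genuine ChatGPT share page, but instead of normal chat content they see a rendered fake outage notice. The notice claims: "We are currently experiencing high traffic. Due to the large number of users, the website is temporarily unavailable. Please download the desktop application to continue." Unlike traditional phishing pages hosted on attacker-controlled infrastructure, this fake outage notice is presented by ChatGPT itself. The attackers used ChatGPT's rendering capability to create a custom HTML page and published it through a chatgpt.com/s/ link, so that the fake content is displayed from a legitimate ChatGPT URL. The page includes the "Show code" and "Remix with ChatGPT" controls, which shows that the fake outage notice is in fact generated from custom HTML and CSS rendered from a ChatGPT prompt. If a visitor clicks the download button, they are directed to the openew[.]app website, which imitates OpenAI's official desktop application download portal. The researchers noted that the site uses cloaking: it shows the malicious content only to specific targeted victims, while security platforms such as URLScan that visit the URL see a harmless AR/VR company website. The site offers download links for both macOS and Windows versions, and these installers actually plant malware on the device.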
https://www.bleepingcomputer.com/news/security/chatgpt-share-links-abused-to-host-fake-outage-pages-to-deliver-malware/
6. Phishing attack on Rich Products supplier leads to data breach
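May 29: Rich Products Corporation, a large privately held US food company, recently disclosed a data breach that stems from a phishing attack on its supplier First Advantage Corporation and exposed the sensitive personal data of about 200 employees associated with Rich Products. According to First Advantage, on November 17, 2025, following a "sophisticated phishing" attack, the company discovered that an unauthorized third party had accessed the account of an employee in its drug and occupational health screening department. The investigation found that the attacker accessed the account on or around November 13, 2025 and downloaded the entire contents of the employee's email inbox. First Advantage stated that it has disabled the compromised account and implemented additional security safeguards in its systems to prevent similar incidents from happening again. However, consumer notifications did not begin to go out until April 22, 2026, months after the initial breach. According to the notification letter published by Rich Products, the stolen data includes full names and "other personal identifying information". A report that First Advantage filed with the Massachusetts Office of Consumer Affairs and Business Regulation further revealed that Social Security numbers and driver's license information were also stolen in the breach. This information is highly sensitive, and the affected individuals face a significant risk of identity theft, financial fraud and targeted phishing attacks.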
https://cybernews.com/security/rich-products-data-breach-phishing/

