iRhythmÔâÀÕË÷¹¥»÷£¬³¬Ç§Íò»¼Õß½¡¿µÐÅϢй¶

·¢²¼Ê±¼ä 2026-06-17
1. iRhythmÔâÀÕË÷¹¥»÷£¬³¬Ç§Íò»¼Õß½¡¿µÐÅϢй¶


6ÔÂ16ÈÕ£¬ÃÀ¹úÊý×ÖÒ½Áƹ«Ë¾iRhythm HoldingsÓÚ½üÈÕÅû¶һÆðÖØ´óÊý¾Ýй¶Ê¼þ£¬ºÚ¿Íͨ¹ýÉç»á¹¤³ÌÊֶι¥ÆÆÁËÆäµÚÈý·½ÍйܵÄÒµÎñÓ¦ÓóÌÐò£¬³É¹¦ÇÔÈ¡°üÀ¨»¼ÕßÊܱ £»¤½¡¿µÐÅÏ¢¡¢¸öÈËÉí·ÝÐÅÏ¢¼°¹«Ë¾×¨ÓÐÊý¾ÝÔÚÄÚµÄÃô¸Ð×ÊÁÏ¡£×÷Ϊһ¼ÒרעÓÚÐÄÔà¼à²â·þÎñµÄÖªÃûÆóÒµ£¬iRhythmµÄ¼¼ÊõÒÑÓÃÓÚ·ÖÎö³¬¹ý1200ÍòÃû»¼ÕßÀÛ¼ÆÓâ20ÒÚСʱµÄÐÄÌøÊý¾Ý£¬´Ë´Îй¶²¨¼°·¶Î§Ö®¹ã£¬Òý·¢Òµ½ç¶ÔÒ½ÁÆÊý¾Ý°²È«µÄÉîÇе£ÓÇ¡£¸ù¾Ý¸Ã¹«Ë¾ÓÚ2026Äê6ÔÂ10ÈÕÏòÃÀ¹ú֤ȯ½»Ò×ίԱ»áÌá½»µÄÎļþ£¬Ê¼þ×îÔçÓÚǰһÌ죨6ÔÂ9ÈÕ£©±»·¢ÏÖ£¬µ±ÈÕ¹«Ë¾¼´ÊÕµ½ÍþвÐÐΪÕßµÄÀÕË÷Ðź¯£¬¶Ô·½ÒÔ¹«¿ªÐ¹Â¶±»µÁÊý¾ÝΪҪЮË÷È¡Êê½ð¡£iRhythmÔÚÈ·Èϲ¿·ÖÊý¾ÝÈ·ÒÑ´ÓÓ¦ÓóÌÐòÖÐÍâйºó£¬Ñ¸ËÙÁªºÏÍâ²¿ÍøÂ簲ȫר¼ÒÕ¹¿ªÈ¡Ö¤µ÷²é£¬²¢Æô¶¯Á˼ȶ¨µÄÍøÂ簲ȫÏìÓ¦¼Æ»®ÒÔ¶ôÖÆÊÂ̬À©É¢¡£¼øÓÚDZÔÚÊÜÓ°ÏìµÄÊý¾ÝÁ¿¼«ÎªÅӴ󣬸ù«Ë¾ÓÚ6ÔÂ10ÈÕÕýʽÈ϶¨¸Ãʼþ¹¹³É¡°ÖØ´óÐÔÖÊ¡±µÄÍøÂ簲ȫʹÊ¡£ÖµµÃ×¢ÒâµÄÊÇ£¬iRhythmÔÚÉùÃ÷ÖÐÇ¿µ÷£¬´Ë´ÎÈëÇÖ²¢Î´²¨¼°¹«Ë¾µÄºËÐIJúƷϵͳ¡¢ÁÙ´²»òÒ½ÁÆÉ豸»ù´¡ÉèÊ©¡¢»¼Õß°²È«Ïà¹ØÏµÍ³¡¢ÖÆÔìÓë·ÖÏúÔËÓªÁ´Ìõ£¬Ò²Î´Ó°Ïì²ÆÎñ±¨¸æÏµÍ³£¬Í¬Ê±¸Ã¹«Ë¾Ã÷È·±íʾÆä²»´æ´¢»¼ÕßµÄÖ§¸¶¿¨»ò²ÆÎñÕË»§ÐÅÏ¢£¬´Ó¶øÔÚÒ»¶¨³Ì¶ÈÉÏ»º½âÁ˽ðÈÚÆÛÕ©·çÏÕ¡£


https://www.bleepingcomputer.com/news/security/irhythm-discloses-data-breach-says-hackers-stole-patient-info/


2. ¿Â´ïÔâShinyHuntersÀÕË÷£¬Íþвй¶220ÍòÌõ¼Ç¼


6ÔÂ15ÈÕ£¬½üÈÕ£¬ÓµÓнü150ÄêÀúÊ·µÄÃÀ¹ú³ÉÏñ¼¼Êõ¾ÞÍ·ÒÁÊ¿Âü¿Â´ï¹«Ë¾±»ÁÐÈë³ôÃûÕÑÖøµÄÀÕË÷×éÖ¯ShinyHuntersµÄÐ¹Â¶ÍøÕ¾£¬²¢ÊÕµ½Ò»·Ý´ë´ÇÑÏÀ÷µÄ¡°×îºó¾¯¸æ¡±£¬ÒªÇóÆäÔÚ2026Äê6ÔÂ18ÈÕǰÖ÷¶¯ÁªÏµ¸Ã×éÖ¯²¢Âú×ãÊê½ðÒªÇ󣬷ñÔò½«ÃæÁÙÃô¸ÐÊý¾Ý±»¹«¿ªÐ¹Â¶µÄ·çÏÕ¡£ShinyHuntersÔÚÍøÕ¾ÉÏÉù³ÆÒѳɹ¦ÇÔÈ¡¡°³¬¹ý220ÍòÌõ°üº¬¿Í»§¸öÈËÉí·ÝÐÅÏ¢ºÍÆäËûÄÚ²¿¹«Ë¾Êý¾ÝµÄ¼Ç¼¡±£¬µ«½ØÖÁĿǰ£¬¸Ã×éÖ¯²¢Î´·¢²¼ÈκÎÑù±¾Êý¾Ý»ò¾ßÌåÖ¤¾ÝÀ´Ö§³ÅÆäÕâÒ»ÅÓ´óÉù³Æ£¬¶ø¿Â´ï¹«Ë¾½üÆÚÒ²´ÓδÔÚ¹«¿ª³¡ºÏ³ÐÈÏÔâÓöÈκÎÍøÂçÈëÇÖ¡£Õâ¼ÒÔøÒò½º¾íÎÅÃûÈ«Çò¡¢ºóÓÚ2012ÄêÉêÇëÆÆ²ú²¢¾­Àú³¹µ×ÖØ×éµÄ°ÙÄêÆóÒµ£¬Èç½ñÒÑתÐÍΪÒÔB2BΪÖ÷µÄ¿Æ¼¼ÖÆÔ칫˾£¬ºËÐÄÒµÎñº­¸ÇÉÌÒµÊýÂëÓ¡Ë¢¡¢µçÓ°½ºÆ¬Ó뾲̬½ºÆ¬ÖÆÔì¡¢ÖÆÒ©¼°µç³ØÓÃÏȽø»¯Ñ§Æ·µÄÉú²ú£¬ÒÔ¼°×ÔÓÐÆ·ÅÆÊÚȨµÈÁìÓò£¬´Ë´ÎÍ»ÈçÆäÀ´µÄÀÕË÷ÍþвÎÞÒɸøÆäתÐÍ֮·ÃÉÉÏÒ»²ãÒõÓ°¡ £¿ÉÒÔÔ¤¼ûµÄÊÇ£¬Èô¿Â´ï×îÖÕδÄÜÓëºÚ¿Í´ï³ÉÍ×Э£¬ÆäÅÓ´óµÄ¿Í»§Êý¾Ý¿âÓëÄÚ²¿ÉÌÒµ»úÃÜÒ»µ©Íâй£¬²»½ö½«ÑÏÖØÇÖÊ´Õâ¼ÒÀÏÅÆÆóÒµµÄ¹«ÐÅÁ¦£¬»¹¿ÉÄÜÒý·¢¼à¹ÜÖØ·£Ó뼯ÌåËßËÏ¡£


https://cybernews.com/security/shinyhunters-claims-kodak-hack-2-million-records/


3. CISA½«LiteSpeed cPanel²å¼þ¸ßΣ©¶´ÁÐÈëKEVĿ¼


6ÔÂ16ÈÕ£¬ÃÀ¹úÍøÂ簲ȫºÍ»ù´¡ÉèÊ©°²È«¾Ö£¨CISA£©½üÈÕ½«Ò»ÏîÓ°ÏìLiteSpeed cPanel²å¼þµÄ¸ßΣ°²È«Â©¶´ÁÐÈëÆä¡°ÒÑÖª±»ÀûÓé¶´¡±£¨KEV£©Ä¿Â¼¡£¸Ã©¶´±àºÅΪCVE-2026-54420£¬CVSSÆÀ·ÖΪ8.5£¬ÊôÓÚ¸ßΣ¼¶±ð¡£¸ù¾ÝÒªÇó£¬ÃÀ¹úÁª°îÃñÊÂÐÐÕþ²¿ÃÅ£¨FCEB£©»ú¹¹±ØÐëÔÚ2026Äê6ÔÂ18ÈÕǰÍê³ÉÐÞ¸´£¬ÒÔ·À·¶Ç±ÔÚµÄÍøÂç¹¥»÷·çÏÕ¡£¸Ã©¶´µÄ¼¼Êõ³ÉÒòÔÚÓÚLiteSpeed cPanel²å¼þ£¨2.4.8°æ±¾Ö®Ç°£©¶Ô·ûºÅÁ´½ÓµÄ´¦Àí´æÔÚȱÏÝ¡£¾ßÌå¶øÑÔ£¬µ±·þÎñÆ÷ÔËÐÐCloudLinux»òCageFSÕâÀ๲ÏíÍйܻ·¾³Ê±£¬ÓµÓÐFTP»òWeb Shell·ÃÎÊȨÏÞµÄÓû§¿ÉÒÔÀûÓôË©¶´£¬Í¨¹ý´´½¨¶ñÒâ·ûºÅÁ´½ÓÀ´Í»ÆÆCageFSµÄ¸ôÀë»úÖÆ£¬×îÖÕ½«È¨ÏÞÌáÉýÖÁϵͳ×î¸ß¼¶±ðrootȨÏÞ¡£³É¹¦ÀûÓôË©¶´µÄ¹¥»÷Õß¿ÉÒÔÍêÈ«¿ØÖÆÄ¿±ê·þÎñÆ÷£¬·ÃÎÊ¡¢´Û¸Ä»òÇÔȡͬһ·þÎñÆ÷ÉÏËùÓÐÆäËûÍйÜÍøÕ¾µÄÊý¾Ý¡£LiteSpeed¹Ù·½ÒÑÈ·Èϸé¶´ÕýÔÚ±»»ý¼«ÀûÓã¬Êµ¼Ê¹¥»÷»î¶¯×îÔç¿É×·ËÝÖÁ2026Äê5Ô¡£°²È«³§ÉÌNamecheapÓÚ2026Äê5ÔÂ31ÈÕÏòLiteSpeed±¨¸æÁËÕâÒ»ÎÊÌâ¡£Õë¶ÔÕâÒ»½ôÆÈÍþв£¬LiteSpeed¹Ù·½ÌṩÁËÉý¼¶ÐÞ¸´ºÍÁÙʱ»º½âÁ½ÖÖÓ¦¶Ô·½°¸¡£


https://thehackernews.com/2026/06/cisa-flags-litespeed-cpanel-plugin-flaw.html


4. JetBrains Marketplace¶ñÒâ²å¼þµÁÈ¡AI¿ª·¢ÕßÃÜÔ¿


6ÔÂ16ÈÕ£¬½üÈÕ£¬ÍøÂ簲ȫ¹«Ë¾Aikido SecurityÔÚJetBrains MarketplaceÉÏ·¢ÏÖÁËÒ»³¡ÓÐ×éÖ¯µÄ¶ñÒâÈí¼þ¹¥»÷»î¶¯£¬ÖÁÉÙ15¸öIDE²å¼þ±»Ö²ÈëÇÔÃÜ´úÂ룬רÃŵÁÈ¡¿ª·¢Õß´æ´¢ÔÚ²å¼þÉèÖÃÖеÄAI·þÎñÉÌAPIÃÜÔ¿¡£ÕâЩ²å¼þαװ³ÉAI±àÂëÖúÊÖ¡¢´úÂëÉó²é¹¤¾ßºÍGitʵÓóÌÐò£¬Ðû³Æ¼¯³ÉOpenAI¡¢DeepSeek¡¢SiliconFlowµÈÈÈÃÅAI·þÎñ£¬×îÔçÓÚ2025Äê10Ô·¢²¼£¬Ð²å¼þ³ÖÐø¸üÐÂÖÁ2026Äê6ÔÂ10ÈÕ£¬Àۼư²×°´ÎÊý½Ó½ü7Íò´Î¡£¹¥»÷Õßͨ¹ýÆß¸ö²»Í¬µÄ¹©Ó¦ÉÌÕ˺ŷ¢²¼ÕâЩ²å¼þ£¬ËùÓжñÒâ²å¼þ¾ù¹²Ïí¸ß¶ÈÏàËÆµÄµ×²ã´úÂ룬ÆäºËÐÄÐÐΪÊÇÔÚÓû§ÊäÈëAPIÃÜÔ¿²¢µã»÷¡°Ó¦Óá±°´Å¥µÄ˲¼ä£¬Í¨¹ýδ¼ÓÃܵÄHTTPЭÒ齫ƾ¾ÝÃ÷ÎÄ·¢ËÍÖÁÓ²±àÂë·þÎñÆ÷µÄÖ¸¶¨½Ó¿Ú£¬µ¼ÖÂÃÜÔ¿ÔÚ´«Êä¹ý³ÌÖм«Ò×±»½Ø»ñ»òÖ±½ÓÂäÈë¹¥»÷ÕßÊÖÖС£¸üÁîÈ˾¯ÌèµÄÊÇ£¬²¿·Ö²å¼þ»¹Ìṩ¸¶·Ñ°æ±¾£¬ÆäÔË×÷»úÖÆÒì³ £¿ÉÒÉ£¬Óû§Ö§¸¶ÉÙÁ¿·ÑÓúó£¬Ô¶³Ì·þÎñÆ÷»áÖ÷¶¯Ïò¿Í»§¶Ë·¢»ØÒ»¸ö¿ÉÓõÄAI APIÃÜÔ¿£¬¹©²å¼þÖ±½Óµ÷Óá£AikidoÑо¿ÈËÔ±Ö¸³ö£¬ÈκκϷ¨µÄ·þÎñÔËÓªÉ̶¼²»»á½«²»ÊÜÏÞÖÆµÄ¸¶·ÑAIÌṩÉÌÃÜÔ¿Ö±½Ó½»¸øÓû§£¬ÍƲ⹥»÷ÕߺܿÉÄܽ«´ÓÃâ·ÑÓû§ÄÇÀïÇÔÈ¡À´µÄƾ¾ÝÖØÐ·ַ¢£¬×ªÂô¸ø¸¶·ÑÓû§£¬´Ó¶ø¹¹½¨Ò»Ìõ·Ç·¨Ä²ÀûµÄºÚÉ«²úÒµÁ´¡£


https://www.bleepingcomputer.com/news/security/malicious-jetbrains-marketplace-plugins-steal-ai-api-keys-from-developers/


5. RokarollaľÂíαװÈÈÃÅÓ¦ÓõÁÈ¡½ðÈÚÆ¾Ö¤


6ÔÂ16ÈÕ£¬Ò»ÖÖÃûΪRokarollaµÄÐÂÐÍAndroidÒøÐÐľÂíÕýÔÚ»îÔ¾´«²¥£¬Ëüͨ¹ýαװ³ÉGoogle Chrome»òTikTokÓ¦ÓõĶñÒâÍøÕ¾ÓÕµ¼Óû§°²×°£¬Æù½ñÒѾ߱¸¹¥»÷217¸öÒøÐкͼÓÃÜ»õ±ÒÓ¦ÓóÌÐòµÄÄÜÁ¦£¬²¢ÓµÓжà´ï137ÌõÔ¶³Ì¿ØÖÆÖ¸Áî¡£Òƶ¯°²È«¹«Ë¾ZimperiumÅû¶£¬¸Ã¶ñÒâÈí¼þÔÚ°²×°Ê±³äµ±Í¶·ÅÆ÷£¬»á¼ÙðAndroid¹Ù·½·´¶ñÒâϵͳGoogle Play Protect£¬ÏòÓû§Ìṩ°²×°Chrome»òTikTokµÄÑ¡Ï¶øÎÞÂÛÑ¡ÔñÄÄÒ»Ï×îÖÕÖ²ÈëµÄ¶¼Êǰüº¬Rokarolla¶ñÒâ´úÂëµÄÓ¦Óá£Ò»µ©Æô¶¯£¬¸ÃľÂí»áÁ¢¼´ÇëÇó¸¨Öú¹¦ÄÜ·þÎñȨÏÞ£¬Í¬Ê±Ë÷È¡·ÃÎÊ֪ͨ¡¢¶ÌÐźÍͨ»°µÄÃô¸ÐÊÚȨ£¬ÕâЩȨÏÞÊǺóÐøÊµÊ©¸ß½×¿ØÖÆÓëÆÛÕ©µÄ¹Ø¼üǰÌá¡£Ëæºó£¬RokarollaÓëÃüÁîÓë¿ØÖÆ·þÎñÆ÷½¨Á¢Í¨ÐÅ£¬Êײ½·¢ËͰüº¬ÊÖ»úÐͺš¢Android°æ±¾¡¢ÓïÑÔÇøÓò¡¢ÏÔʾ²ÎÊý¡¢µç³ØµçÁ¿¡¢´æ´¢ÈÝÁ¿¼°¿ÉÓÃRAMµÈÏ꾡µÄÉ豸ÅäÖÃÎļþ£¬·þÎñÆ÷¾Ý´ËΪÿÃûÊܺ¦ÕßÉú³ÉΨһ±êʶ·û£¬ÒÔʵÏÖ¾«×¼²Ù¿Ø¡£¸ÃľÂíµÄºËÐÄÄ¿±êÊÇÇÔÈ¡²ÆÎñÐÅÏ¢¡£Ëü»á½«ÊܸÐȾÉ豸ÓëÄÚÖõÄ217¸öÄ¿±êÓ¦ÓÃÁбíÖðÒ»±È¶Ô£¬Ò»µ©·¢ÏÖÆ¥Å䣬±ã´Ó·þÎñÆ÷ÏÂÔØÕë¶Ô¸ÃÓ¦ÓõĵöÓã¹¥»÷ÔØºÉ¡£µ±Êܺ¦ÕßÕý³£´ò¿ªÄ¿±êÓ¦ÓÃʱ£¬Rokarolla»áʵʱ¸²¸ÇÒ»¸öαÔìµÄµÇ¼½çÃæ£¬ÓÕÆ­Óû§ÊäÈëÕË»§Ãû¡¢ÃÜÂë¡¢ÐÅÓÿ¨ºÅ¼°ÆäËûÃô¸Ð²ÆÎñÊý¾Ý¡£


https://www.bleepingcomputer.com/news/security/new-rokarolla-android-malware-targets-217-banking-crypto-apps/


6. Steam´´Ò⹤·»±ÚÖ½°ü°µ²Ø¶ñÒâÈí¼þ


6ÔÂ16ÈÕ£¬²»·¨·Ö×ÓÕý´ó¹æÄ£ÀÄÓÃValveÆìϵÄSteam´´Ò⹤·»£¬Õâ¸ö±¾ÓÃÓÚ·ÖÏíÓÎÏ·Ä£×é¡¢µØÍ¼¡¢Æ¤·ôµÈÓû§Éú³ÉÄÚÈݵÄÉçÇøÖÐÐÄ£¬½«¶ñÒâÈí¼þαװ³É±ÚÖ½°üÏòÍæ¼ÒÍÆËÍ¡£ÍøÂ簲ȫ¹«Ë¾¿¨°Í˹»ù·¢²¼±¨¸æÅû¶£¬¹¥»÷ÕßÀûÓÃSteamƽ̨Éϱ¸ÊÜ»¶Ó­µÄ¡°Wallpaper Engine¡±×ÀÃæ×Ô¶¨ÒåÓ¦ÓóÌÐò£¬¸ÃÓ¦ÓÃÓµÓнü°ÙÍòÌõÆÀÂÛ£¬Ö§³ÖËÄÖÖ±ÚÖ½ÀàÐÍ£¬ÆäÖС°Ó¦ÓóÌÐò±ÚÖ½¡±±¾ÖÊÉÏÊÇ¿ÉÖ´ÐеÄWindows³ÌÐò£¬¿É°üº¬ÓÎÏ·¡¢Ð¡¹¤¾ß»òϵͳ¼à¿Ø¹¤¾ß£¬ÕâÒ»Éè¼ÆËäÍØÕ¹Á˹¦ÄÜÐÔ£¬È´Ò²ÄÚÖÃÁËÑÏÖØµÄ°²È«·çÏÕ£¬Èç½ñÒѱ»ÍþвÐÐΪÕß¶ñÒâÀûÓá£Ñо¿ÈËԱȷÈÏ£¬ÖÁÉÙ´Ó2025ÄêÄ©Æð£¬¹¥»÷Õ߱㿪ʼÏòSteam´´Ò⹤·»ÉÏ´«Î±×°³É±ÚÖ½µÄ¶ñÒâÎļþ£¬ÓÕÆ­Óû§Í¨¹ýWallpaper Engine°²×°£¬¿¨°Í˹»ùÒÑ·¢ÏÖÊýÊ®¿î´ËÀà¶ñÒâÓ¦ÓóÌÐò±ÚÖ½£¬Ã¿Ò»¿î¾ù±»ÏÂÔØÊýǧÄËÖÁÊýÍò´Î£¬ÀÛ¼ÆÊܺ¦¹æÄ£Ï൱¿É¹Û¡£ÕâЩ¶ñÒâ±ÚÖ½µÄͶµÝÊÖ·¨¶àÑù£¬ÓеĽ«¶ñÒâÈí¼þÖ±½Ó´ò°üÔÚ±ÚÖ½°²×°°üÖУ¬ÓеÄÔò½«ÆäÖÃÓÚÊÜÃÜÂë± £»¤µÄѹËõÎļþÄÚ£¬ÓÕʹÓû§Ö÷¶¯½âѹ²¢ÔËÐС£Ò»µ©Óû§°²×°±ÚÖ½£¬ÓÐÐ§ÔØºÉ±ã»á×Ô¶¯Ö´ÐУ¬ºǫ́ѸËÙÕ¹¿ªÈëÇÖ¡£Ñо¿ÈËÔ±»¹·¢ÏÖ¶àÆðÉæ¼°LummaºÍVidarÐÅÏ¢ÇÔÈ¡³ÌÐò¡¢¼ÓÃÜ»õ±ÒÍÚ¿óľÂí¡¢½©Ê¬ÍøÂç¼ÓÔØ³ÌÐò¡¢RanEngineÀÕË÷Èí¼þµÈÆäËû¶ñÒâ¼Ò×åµÄ¹¥»÷°¸Àý£¬±íÃ÷Õâһ©¶´Òѱ»¶à¸ö²»Í¬µÄ¹¥»÷ÍÅ»ïͬʱÀÄÓá£


https://www.bleepingcomputer.com/news/security/steam-workshop-abused-to-spread-malware-via-wallpaper-engine-app/