´ï¿Æµç×Ó½ÚÔìÆ÷·ì϶¿ÉÖ¸ßËÙÂ·ÅÆÔâ´Û¸Ä

°ä²¼¹¦·ò 2026-07-01
1. ´ï¿Æµç×Ó½ÚÔìÆ÷·ì϶¿ÉÖ¸ßËÙÂ·ÅÆÔâ´Û¸Ä


6ÔÂ30ÈÕ£¬ÍøÂ簲ȫ×êÑÐÈËÔ±½üÈÕÅû¶£¬ÃÀ¹ú´óÐÍLEDÏÔʾϵͳÔì×÷ÉÌ´ï¿Æµç×Ó£¨Daktronics£©Æì϶à¿î½ÚÔìÆ÷´æÔÚÑϳÁ°²È«·ì϶£¬¿ÉÄܱ»ºÚ¿ÍÀûÓÃÀ´´Û¸Ä¸ßËÙ¹«Â·½»Í¨±êÖ¾¡¢Êý×Ö¸æ°×ÅÆ¼°Ô˶¯³¡¹ÝÏÔʾÆÁÄÚÈÝ¡£´ï¿Æµç×ӵIJúÆ·±é²¼È«Çò£¬´Ó¸ßÖÐÌåÓý¹Ý¡¢×¨ÒµÔ˶¯³¡µ½¹ú¼Ê»ú³¡ºÍ³ÇÊиæ°×ÅÆ¾ùÓв¿Êð£¬Ó°ÏìÁìÓò¿í·º¡£Æ¾¾ÝÃÀ¹úÍøÂ簲ȫºÍ»ù´¡ÉèÊ©°²È«¾Ö£¨CISA£©ÉÏÖܰ䲼µÄÕ÷ѯ»ã±¨£¬ÊÜÓ°ÏìµÄ½ÚÔìÆ÷ÐͺÅÔ̺¬VFC-DMP-5000¡¢DMP-5000ºÍDMP-8000£¬¹²´æÔÚÈý¸ö°²È«·ì϶¡£ÆäÖÐ×îÑϳÁµÄÊÇÒ»ÏîÎÞÐèÉí·ÝÑéÖ¤¼´¿ÉÀûÓõÄõè¾¶±éÀúÎÊÌ⣬¹¥»÷Õ߿ɽè´Ëö¾ÙËÁÒâÎļþϵͳõè¾¶£»´Ë±í»¹ÓÐÒ»¸öÐè¾­Éí·ÝÑéÖ¤µÄËÁÒâÎļþÉÏ´«·ì϶£»ÒÔ¼°É豸³ö³§Ê±Ô¤ÉèÇÒδ±»Ç¿Ôì¸ü¸ÄµÄĬÈÏÖÎÀíԱʹ´¦£¬¸ÃÍ´´¦¿ÉÌṩÆëÈ«µÄϵͳ½Ó¼ûȨÏÞ¡£CISAÔÚÕ÷ѯÖÐÖÒ¸æ³Æ£¬³É¹¦ÀûÓÃÕâЩ·ì϶¿Éʹδ¾­Éí·ÝÑéÖ¤µÄÓû§»ñµÃ¶ÔϵͳµÄÆëÈ«¸ù¼¶½Ó¼ûºÍ½ÚÔìȨ¡£´ï¿Æµç×ÓÔÚ»ñϤ·ì϶ºóѸËÙÏìÓ¦£¬ÓÚ2026Äê1Ô³õͨ¹ýCISAµÄVINCEƽ̨½Ó¹Ü»ã±¨£¬²¢ÔÚ3Ô³õ×óÓÒʵÏÖÁ˽¨¸´¹Ì¼þµÄ¿ª·¢¡£´ï¿Æµç×ÓÒÑÕýʽ°ä²¼²¹¶¡£¬²¢Ç¿ÁÒ½¨ÒéÓû§¸ü¸ÄĬÈÏÃÜÂëÒÔÔ¤·ÀδÊÚȨ½Ó¼û¡£


https://www.securityweek.com/new-controller-flaws-expose-highway-signs-and-billboards-to-remote-hacking/


2. NotionÔâÊý¾Ýй¶£¬1.1ÒÚÓû§¼Í¼±»¹ÒÅÆÏúÊÛ


6ÔÂ29ÈÕ£¬½üÈÕ£¬Ò»ÃûÍøÂç¹¥»÷ÕßÔÚ°µÅÌÂÛÌÓð»¯ù³ÆÒÑÈëÇÖÈȵãЧÄܹ¤¾ßNotionµÄÊý¾Ý¿â£¬²¢ÏúÊÛ³¬¹ý1.1ÒÚÌõÓû§¼Í¼¡£ÎªÖ¤Ã÷Æä¿ÉÐŶÈ£¬¹¥»÷Õß¹«¿ªÁË48ÌõÑù±¾Êý¾Ý£¬¾­×êÑÐÈËÔ±Éó²é£¬Ñù±¾ÖÐÔ̺¬µç×ÓÓʼþµØÖ·¡¢ÃÜÂë¹þÏ£Öµ¡¢×¢²á¼°×îºóµÇ¼IP¡¢ÕË»§´´½¨Óë»î¶¯¹¦·ò´Á¡¢µØÓòÊ±ÇøÐÅÏ¢¡¢¹¤×÷ÇøÃû³Æ¼°Óû§½ÇÉ«µÈÃô¸Ð×ֶΣ¬ÄÚ²¿Ò»ÖÂÐԽϸߣ¬µ«ËùÐû³ÆµÄ1.1Òڱʼͼ×ÜÊýÉдý¶ÀÁ¢ÑéÖ¤¡£Notion×÷Ϊһ¿î¼¯±Ê¼Ç¡¢ÖªÊ¶ÖÎÀíºÍºÏ×÷ÓÚÒ»ÌåµÄ³ö²úÁ¦Æ½Ì¨£¬È«ÇòÓû§Òѳ¬¹ý1ÒÚ£¬Æä³ÛÃûÆóÒµ¿Í»§Ô̺¬Ó¢Î°´ï¡¢OpenAI¡¢·áÌïºÍVercel¡£Õâ´Îй¶µÄÊý¾ÝËäÒÔ¹þÏ£Öµ¶ø·ÇÃ÷ÎÄ´ó¾Ö´æ´¢£¬µ«°²È«×¨¼ÒÖ¸³ö·çÏÕÒÀÈ»Ñϸñ¡£¹¥»÷Õß¿ÉÄÜͨ¹ý±©Á¦ÆÆ½â»ò²Êºç±íµÈ·½Ê½³¢ÊÔ»¹Ô­ÈõÃÜÂ룬Èô³É¹¦»ñÈ¡Ã÷ÎÄÃÜÂ룬½«Ö±½ÓÍþвÓû§ÔÚÆäËûƽ̨ÉϵÄÕË»§°²È«£¬Ë¼¿¼µ½´óÁ¿Óû§´æÔÚÃÜÂ븴ÓÃϰ¹ß£¬×²¿â¹¥»÷·çÏÕÓÈΪ͹Æð¡£´Ë±í£¬Ð¹Â¶µÄµç×ÓÓʼþµØÖ·ÓëµÇ¼ԪÊý¾Ý½áºÏ£¬¿É±»ÓÃÓڸ߶ȶ¨Ô컯µÄÓã²æÊ½ÍøÂç´¹µö»î¶¯£¬¼ÙÒâNotion¹Ù·½»òÆäËû¿ÉÕÛ·þÎñÓÕµ¼Óû§½»³ö¸ü¶àÃô¸ÐÐÅÏ¢¡£


https://cybernews.com/security/notion-data-breach-claims/


3. 1-800-DentistÔâ÷è÷ëÀÕË÷£¬»¼ÕßÑÀ¿ÆÊý¾Ý±»ÇÔ


6ÔÂ30ÈÕ£¬÷è÷ëÀÕË÷Èí¼þÍÅ»ï½üÈÕÔÚÆä°µÍøÊܺ¦Õß²©¿ÍÉϰ䷢£¬Òѳɹ¦ÈëÇÖÃÀ¹úÂåɼí¶ÑÀ¿Æ×ªÕï·þÎñ¼°B2BÓªÏú½â¾ö¹æ»®¹«Ë¾1-800-Dentist£¬²¢ÍþвÈô²»Ö§¸¶Êê½ð½«¹«¿ªÈ«ÊýÇÔÈ¡Êý¾Ý¡£¸ÃÍÅ»ïÒѰ䲼11¸öÑù±¾ÎļþÒÔÖ¤Ã÷ÆäÈëÇÖÐÐΪ¡£Ö»¹Ü1-800-DentistÉÐδÕýʽȷÈÏÕâ´Î°²È«ÊÂÎñ£¬µ«Ë¾·¨×¨¼ÒÖҸ棬Õâ´Îй¶¿ÉÄܲ¨¼°Êý°ÙÍòÒÀÀµ¸Ã¹«Ë¾×ªÕïÆ½Ì¨µÄÏû·ÑÕߺÍÑÀ¿ÆÕïËù£¬Éæ¼°´óÁ¿Ãô¸ÐÓ×ÎÒÓ뽡¿µÊý¾Ý¡£÷è÷ëÉÐδÅû¶¾ßÌåÇÔÈ¡µÄÊý¾ÝÁ¿»òÀàÐÍ£¬µ«1-800-DentistËùÍøÂçµÄÐÅÏ¢ÁìÓò¿í·º£¬¿ÉÄÜÔ̺¬»¼ÕßÐÕÃû¡¢µØÖ·¡¢µç»°¡¢µç×ÓÓʼþµÈÁªÏµ·½Ê½£¬ÑÀ¿Æ·þÎñÒªÇó¡¢Ò½ÁÆÓëÑÀ¿Æ²¡Ê·¡¢ÑÀ³Ý»òÑÀö¸Ò½Ñ§Ó°Ïñ£¬ÒÔ¼°¸¶¿î·½Ê½ºÍÑÀ¿Æ±£ÏÕÌṩÉÌÐÅÏ¢¡£´Ë±í£¬»áÔ±ÑÀ¿ÆÕïËùµÄÁªÏµÐÅÏ¢¡¢»¼Õß»ñÈ¡Êý¾ÝºÍÔ±¹¤ÐÅϢͬÑù¿ÉÄܱ»Ð¹Â¶¡£Æ¾¾ÝHIPAAÂÉÀý£¬ÑÀ¿ÆÕïËùÓÐʹÃü±£»¤»¼Õߵĵç×ÓÓ×ÎÒ½¡¿µÐÅÏ¢£¬Ò»µ©µÚÈý·½¹©¸øÉ̲úÉúÊý¾Ýй¶£¬ÕïËù×ÔÉíͬÑùÃæ¶ÔºÏ¹æ×·Ôð·çÏÕ¡£


https://cybernews.com/news/800-dentist-ransomware-health-data-breach-qilin/


4. ˮʦ¹í»êÐж¯£ºPyPIºóÃÅÇÔÈ¡·þÎñÆ÷Êý¾Ý


6ÔÂ30ÈÕ£¬×Ô2025Äê11ÔÂÒÔÀ´£¬Ò»³¡Õë¶ÔPython¿ª·¢ÕßµÄÒñ±Î¹©¸øÁ´¹¥»÷³ÖÐø·¢½Í£¬¹¥»÷Õßͨ¹ý°ä²¼Ä¾Âí»¯µÄPyrogram·ÖÖ§Èí¼þ°ü£¬ÔÚTelegram»úеÈ˹¹½¨»·¾³ÖÐÖ²ÈëºóÃÅ£¬´Ó¶øÊµÏÖÔ¶³ÌËÁÒâÎļþ¶ÁÈ¡ÓëºÅÁîÖ´ÐС£Æ¾¾ÝÀûÓð²È«¹«Ë¾CheckmarxµÄ×êÑл㱨£¬ÕâÏî´úºÅΪ"ˮʦ¹í»êÐж¯"µÄ¶ñÒâ»î¶¯ÒѳÖÐø³¬¹ýÆß¸öÔ£¬½ØÖÁ2026Äê6Ô£¬ÖÁÉÙÓа˸ö¼Ù×°³ÉºÏ·¨Pyrogram·ÖÖ§µÄ¶ñÒâÈí¼þ°ü±»ÉÏ´«ÖÁPython°üË÷Òý£¨PyPI£©£¬ÀÛ¼ÆÏÂÔØÁ¿³¬¹ý2.5Íò´Î¡£ÕâЩÈí¼þ°üÔ̺¬VLifeGram¡¢VLife-Gram¡¢pyrogram-navy¡¢pyrogram-styled¡¢pyrogram-zeeb¡¢kelragram¡¢sepgram¼°pyrogram-kelra£¬ËüÃǾùÔ̺¬Ô­Ê¼PyrogramÔ´´úÂëÒÔά³ÖÖ°ÄÜÕý³££¬µ«¹¥»÷ÕßÔÚhelpersÄ£¿éÖжî±íÖ²ÈëÁËÃûΪsecret.pyµÄºóÃÅÎļþ¡£Pyrogram×÷Ϊһ¿îËäÒÑÖÕ³¡ÊØ»¤µ«ÈÔÔÚ¿í·ºÊ¹ÓõÄTelegram MTProto API¿ò¼Ü£¬ÆäPyPIÔÂÏÂÔØÁ¿¿¿½ü35Íò´Î£¬GitHub·ÖÖ§Êý³¬¹ý1400¸ö£¬ÌìÈ»³ÉΪ¹¥»÷ÕßÃÎÏëµÄͶ¶¾Ö¸±ê¡£¸ÃºóÃŵÄÔË×÷»úÔ켫Ϊ¾«Ãµ±ÊÜϰȾµÄ»úеÈËÆô¶¯Ê±£¬¶ñÒâ´úÂë»á×Ô¶¯×¢²á°µ²ØµÄTelegramºÅÁî´¦Ö÷¨Ê½£¬Ê¹¹¥»÷Õß¿ÉÄÜͨ¹ýÏò»úеÈË·¢ËÍÌØ¶¨Ö¸ÁîÀ´Ô¶³ÌÖ´ÐÐËÁÒâ²Ù×÷¡£


https://www.bleepingcomputer.com/news/security/malicious-pypi-packages-give-hackers-control-of-telegram-bot-servers/


5. RustDuck½èRust³Áд£¬·´¼ì²âDDoSÀ´Ï®


6ÔÂ30ÈÕ£¬×Ô2026Äê2ÔÂÒÔÀ´£¬Ò»¸öÃûΪRustDuckµÄÐÂÐÍÁ½½×¶Î¶ñÒâÈí¼þ¼Ò×åÕý´ó¹æÄ£½Ù³Ö¼ÒÓ÷ÓÉÆ÷¡¢IPÉãÏñÍ·¡¢°²×¿ºÐ×Ó¼°°²È«ÅäÖÃÓÄ΢µÄ·þÎñÆ÷£¬½«Æä±àÖ¯³É¾ß±¸×³´óDDoS¹¥»÷ÄÜÁ¦µÄ½©Ê¬ÍøÂç¡£Óë¶à¶àͬÀà¶ñÒâÈí¼þÏà±È£¬RustDuckƾ½èÁ½´ó¸öÐÔÍÑÓ±¶ø³ö£ºÆäÒ»£¬Ö÷ÌâÄ£¿é´Ó´«Í³µÄC˵»°È«Ãæ³ÁдΪRust˵»°£¬ÏÔÖøÌáÉýÁËÄæÏò·ÖÎöµÄÄѶÈ£»Æä¶þ£¬Ð°汾ÒýÈëÁËÒ»Ì׸´Ôӵķ´·ÖÎöÓë×ÔÎÒ±£»¤»úÔ죬ּÔÚ¶ã±Ü°²È«×êÑÐÈËÔ±µÄ¼ì²âÓë¹ýÎÊ¡£ÔÚ´«²¼Õ½ÊõÉÏ£¬RustDuck²¢Î´ÒÀÀµÈκθ߼¶·ì϶£¬¶øÊÇ»ìºÏʹÓÃÁËһϵÁÐÒÑÖª°²È«È±µã£¬Ñ¡È¡"¹ãÈöÍø"Õ½Êõ¡£ÆäÈëÇÖõè¾¶ÖØÒªÔ̺¬ÈýÀࣺһÊÇÕë¶ÔÔ¶³ÌµÇ¼·þÎñ£¨TelnetºÍSSH£©µÄÈõÃÜÂë»òĬÈÏÃÜÂë½øÐб©Á¦ÆÆ½â£»¶þÊÇÀûÓôóÁ¿Î´½¨¸´µÄÉ豸·ì϶£¬º­¸Ç»ªÎªHG532£¨CVE-2017-17215£©¡¢ÒÑÍ£²úµÄD-Link DIR-823X£¨CVE-2025-29635£©¡¢Totolink X6000R£¨CVE-2024-1781£©ÒÔ¼°Apache CouchDB£¨CVE-2018-8007£©µÈ£¬´Ë±í»¹Õë¶ÔÈñ½Ý¡¢TP-Link¡¢ÖÐÐ˵ȳ§É̵ÄÉ豸ȱµã½øÐй¥»÷£»ÈýÊǶÔ×¼WebÈí¼þÖеÄÒÑÖª·ì϶£¬Ô̺¬ThinkPHP¡¢JenkinsºÍHadoop YARN£¬Ê¹Æä¹¥»÷Ãæ´ÓÁ®¼Û¼ÒÓÃÓ²¼þÀ©´óÖÁÆóÒµ¼¶Â¶³ö·þÎñÆ÷¡£


https://thehackernews.com/2026/06/rustduck-botnet-rebuilds-in-rust-to.html


6. ÈÕ±¾AflacÔâÍøÂç¹¥»÷£¬438Íò¿Í»§ÐÅϢй¶


6ÔÂ30ÈÕ£¬ÈÕ±¾±£ÏÕ¾ÞÍ·AflacÅû¶£¬ÆäÈÕ±¾×Ó¹«Ë¾Aflac Life Insurance JapanÔÚ6ÔÂ15ÈÕÖÁ25ÈÕÆÚ¼äÔâ·êÍøÂç¹¥»÷£¬ºÚ¿ÍÈëÇÔìä±£µ¥³ÖÓÐÈËÃÅ»§ÍøÕ¾¡°Aflac Yoriso Net¡±¼°ÓйØÏµÍ³£¬ÇÔÈ¡ÁËÔ¼438ÍòÃû¿Í»§ºÍ´úÀíÈ˵ÄÓ×ÎÒÐÅÏ¢¡£Æ¾¾Ý¸Ã¹«Ë¾ÏòÃÀ¹ú֤ȯÂòÂôίԱ»áÌá½»µÄ8-K±í¸ñ£¬Õâ´Î·¸·¨½Ó¼ûÓÚ6ÔÂ25ÈÕ±»·¢ÏÖ£¬¹«Ë¾Ëæ¼´ÔÝÍ£ÊÜÓ°ÏìϵͳÒÔ½ÚÔìÊÂ̬£¬Ä¿Ç°²¿Ãſͻ§·þÎñÈÔÁÙʱÎÞ·¨Ê¹Ó㬸´Ô­¹¤×÷ÔÚ½øÐÐÖС£Ð¹Â¶µÄÊý¾ÝÀàÐÍÒò¿Í»§¶øÒ죬¿ÉÄÜÔ̺¬ÐÕÃû¡¢µØÖ·¡¢µç»°ºÅÂë¡¢µ®ÉúÈÕÆÚ¡¢ÐԱ𡢰²È«ÉèÖᢱ£ÏÕÕË»§ÏêÇ飬ÉõÖÁ²¿ÃÅÊÜÓ°ÏìÎļþ»¹Éæ¼°±£µ¥³Ð±£ÁìÓòϸ½Ú¼°ÒøÐÐÕË»§ÐÅÏ¢¡£AflacÇ¿µ÷£¬Õâ´ÎÊÂÎñ½öÏÞÓÚÈÕ±¾ÒµÎñ£¬ÆäÃÀ¹úϵͳδÊܲ¨¼°£¬Ò²Î´±»¹¥»÷Õß½Ó¼û¡£¹«Ë¾ÒÑÔÚ±í²¿ÍøÂ簲ȫר¼ÒЭÖúÏ·¢Õ¹È«Ãæµ÷²é£¬²¢ÒÑÏòÈÕ±¾½ðÈÚÌü¼°ÆäËûÓйز¿ÃÅ´«µÝÇé¿ö£¬´òËãÒÔÐź¯´ó¾ÖÖðһ֪ͨÊÜÓ°ÏìÓ×ÎÒ£¬×¢Ã÷¾ßÌåй¶µÄÊý¾ÝÀà±ð¡£½ØÖÁĿǰ£¬ÉÐδȷÈÏÓÐÐÅÏ¢±»ÀÄÓõÄÇé¿ö²úÉú¡£


https://securityaffairs.com/194488/data-breach/hackers-steal-data-of-4-38-million-aflac-japan-customers.html