免责声明：以下内容原文来自互联网的公共方式，仅用于有限分享，译文内容不代表蚁景网安实验室观点，因此第三方对以下内容进行分享、传播等行为，以及所带来的一切后果与译者和蚁景网安实验室无关。以下内容亦不得用于任何商业目的，若产生法律责任，译者与蚁景网安实验室一律不予承担。

1、Solarwinds 发布更新修复新的严重漏洞

https://www.securityweek.com/new-code-execution-flaws-solarwinds-orion-platform

2、OpenSSL 发布1.1.1k修补了两个高危漏洞

https://www.securityweek.com/openssl-111k-patches-two-high-severity-vulnerabilities

3、黑客开始利用Thrive Theme WordPress插件中的最新漏洞

https://www.securityweek.com/hackers-start-exploiting-recent-vulnerabilities-thrive-theme-wordpress-plugins

4、Mamba Ransomware利用DiskCryptor进行加密

https://www.securityweek.com/mamba-ransomware-leverages-diskcryptor-encryption-fbi-warns

5、3000万美国人受Astoria公司数据泄露的影响

https://securityaffairs.co/wordpress/115934/breaking-news/astoria-company-data-leak.html

6、Microsoft修复Windows PSExec特权提升漏洞

https://www.bleepingcomputer.com/news/security/microsoft-fixes-windows-psexec-privilege-elevation-vulnerability

7、英国服装零售商Fat Face遭黑客入侵数据泄露

https://www.inforisktoday.com/british-clothing-retailer-fat-face-discloses-data-breach-a-16249

8、安全机构在互联网上的Exchange中检测到数十万个Webshell

https://searchsecurity.techtarget.com/news/252498373/Nearly-100000-web-shells-detected-on-Exchange-servers

9、XcodeSpy 通过Xcode项目传播恶意软件

https://cyware.com/news/trojanized-xcode-project-spreads-macos-malware-1a2f1982

10、Slack Connect DM新功能存在安全隐患

https://www.securityweek.com/new-slack-connect-dm-feature-raises-security-concerns