漏洞 Vulnerability FireFox发布漏洞预警通告 https://www.mozilla.org/en-US/security/advisories/mfsa2021-15/ 安全事件 Security Incident Lazarus BTC 转换器——​重构JS嗅探器，窃取加密货币 https://mp.weixin.qq.com/s/mDFjuLisuTDLWus4eqmcqg Lazarus APT conceals malicious code within BMP image to drop its RAT https://blog.malwarebytes.com/malwarebytes-news/2021/04/lazarus-apt-conceals-malicious-code-within-bmp-file-to-drop-its-rat/ A Deep Dive into Zebrocy’s Dropper Docs https://labs.sentinelone.com/a-deep-dive-into-zebrocys-dropper-docs/ Primitive Bear (Gamaredon) Targets Ukraine with Timely Themes https://www.anomali.com/blog/primitive-bear-gamaredon-targets-ukraine-with-timely-themes 朝鲜APT组织攻击韩国的外交、国防、军事领域 https://blog.alyac.co.kr/3716?category=957259 Codecov受到供应链攻击 https://securityaffairs.co/wordpress/116967/hacking/codecov-supply-chain-attack.html 通过Xcode项目传播的恶意软件现在针对苹果基于M1的Mac https://thehackernews.com/2021/04/malware-spreads-via-xcode-projects-now.html