漏洞 Vulnerability Apache Shenyu 更新多个漏洞 https://www.cybersecurity-help.cz/vdb/SB2022012522 Apache Karaf 中不受信任数据的反序列化 https://issues.apache.org/jira/browse/KARAF-7312 安全事件 Security Incident 不同寻常的“唐纳德·特朗普”包装恶意软件运送RATs、信息窃取者 https://threatpost.com/donald-trump-packer-malware-infostealers/177887/ 分析APT36或Earth Karkaddan的攻击链和恶意软件库 https://www.trendmicro.com/en_us/research/22/a/investigating-apt36-or-earth-karkaddans-attack-chain-and-malware.html LockBit勒索软件的第一个Linux和VMware ESXi变体的分析和影响 https://www.trendmicro.com/en_us/research/22/a/analysis-and-Impact-of-lockbit-ransomwares-first-linux-and-vmware-esxi-variant.html 黑客利用OpenSea漏洞窃取并转卖价值100万美元的NFT内容 https://www.cnbeta.com/articles/tech/1229659.htm 用于推送远程访问特洛伊木马的恶意 PowerPoint 文件 https://www.bleepingcomputer.com/news/security/malicious-powerpoint-files-used-to-push-remote-access-trojans/ 黑客创建欺诈性加密令牌作为”Rug Pull”骗局的一部分 https://thehackernews.com/2022/01/hackers-creating-fraudulent-crypto.html FBI警告说，骗子篡改二维码窃取受害者的钱和信息 https://securityaffairs.co/wordpress/127103/cyber-crime/qr-codes-attacks.html