G\u00e3 kh\u1ed5ng l\u1ed3 th\u1eddi trang Dior (Ph\u00e1p) \u0111\u00e3 x\u00e1c nh\u1eadn b\u1ecb nh\u1eafm m\u1ee5c ti\u00eau trong m\u1ed9t cu\u1ed9c t\u1ea5n c\u00f4ng m\u1ea1ng khi\u1ebfn th\u00f4ng tin kh\u00e1ch h\u00e0ng b\u1ecb x\u00e2m ph\u1ea1m. Dior cho bi\u1ebft s\u1ef1 c\u1ed1 n\u00e0y kh\u00f4ng l\u00e0m l\u1ed9 l\u1ecdt m\u1eadt kh\u1ea9u t\u00e0i kho\u1ea3n ho\u1eb7c th\u00f4ng tin\u00a0th\u1ebb thanh to\u00e1n<\/a>, v\u00ec nh\u1eefng th\u00f4ng tin n\u00e0y \u0111\u01b0\u1ee3c l\u01b0u tr\u1eef trong m\u1ed9t c\u01a1 s\u1edf d\u1eef li\u1ec7u kh\u00e1c v\u00e0 kh\u00f4ng b\u1ecb \u1ea3nh h\u01b0\u1edfng.<\/p>\n Dior khuy\u1ebfn c\u00e1o kh\u00e1ch h\u00e0ng n\u00ean c\u1ea3nh gi\u00e1c v\u1edbi c\u00e1c n\u1ed7 l\u1ef1c l\u1eeba \u0111\u1ea3o y\u00eau c\u1ea7u cung c\u1ea5p th\u00f4ng tin c\u00e1 nh\u00e2n, \u0111\u1ed3ng th\u1eddi h\u00e3y li\u00ean h\u1ec7 ngay v\u1edbi h\u1ecd \u0111\u1ec3 b\u00e1o c\u00e1o c\u00e1c tr\u01b0\u1eddng h\u1ee3p m\u1ea1o danh th\u01b0\u01a1ng hi\u1ec7u. Hi\u1ec7n t\u1ea1i, th\u00f4ng tin chi ti\u1ebft v\u1ec1 s\u1ed1 l\u01b0\u1ee3ng kh\u00e1ch h\u00e0ng v\u00e0 c\u00e1c qu\u1ed1c gia b\u1ecb \u1ea3nh h\u01b0\u1edfng v\u1eabn ch\u01b0a \u0111\u01b0\u1ee3c ti\u1ebft l\u1ed9 c\u00f4ng khai, tuy nhi\u00ean c\u00f3 m\u1ed9t s\u1ed1 b\u00e1o c\u00e1o r\u1eb1ng trang kh\u00e1ch h\u00e0ng t\u1ea1i H\u00e0n Qu\u1ed1c v\u00e0 Trung Qu\u1ed1c nh\u1eadn \u0111\u01b0\u1ee3c th\u00f4ng b\u00e1o vi ph\u1ea1m d\u1eef li\u1ec7u t\u1eeb h\u00e3ng th\u1eddi trang n\u00e0y.<\/p>\n C\u00f4ng c\u1ee5 Tor Oniux m\u1edbi \u1ea9n danh m\u1ecdi l\u01b0u l\u01b0\u1ee3ng m\u1ea1ng c\u1ee7a \u1ee9ng d\u1ee5ng Linux<\/strong><\/p>\n Tor v\u1eeba c\u00f4ng b\u1ed1 Oniux, m\u1ed9t c\u00f4ng c\u1ee5 d\u00f2ng l\u1ec7nh m\u1edbi \u0111\u1ec3 \u0111\u1ecbnh tuy\u1ebfn b\u1ea5t k\u1ef3 \u1ee9ng d\u1ee5ng\u00a0Linux<\/a>\u00a0n\u00e0o m\u1ed9t c\u00e1ch an to\u00e0n qua m\u1ea1ng Tor \u0111\u1ec3 c\u00f3 c\u00e1c k\u1ebft n\u1ed1i m\u1ea1ng \u1ea9n danh. Oniux s\u1eed d\u1ee5ng namespace Linux \u0111\u1ec3 t\u1ea1o ra m\u1ed9t m\u00f4i tr\u01b0\u1eddng ho\u00e0n to\u00e0n bi\u1ec7t l\u1eadp cho m\u1ed7i \u1ee9ng d\u1ee5ng, do \u0111\u00f3 m\u1ecdi l\u01b0u l\u01b0\u1ee3ng truy c\u1eadp c\u1ee7a ch\u00fang \u0111\u1ec1u ph\u1ea3i \u0111i qua Tor, ng\u0103n ch\u1eb7n r\u00f2 r\u1ec9 d\u1eef li\u1ec7u ngay c\u1ea3 khi \u1ee9ng d\u1ee5ng \u0111\u1ed9c h\u1ea1i ho\u1eb7c b\u1ecb c\u1ea5u h\u00ecnh sai.<\/p>\n Nova Scotia Power x\u00e1c nh\u1eadn tin t\u1eb7c \u0111\u00e3 \u0111\u00e1nh c\u1eafp d\u1eef li\u1ec7u kh\u00e1ch h\u00e0ng<\/strong><\/p>\n Tu\u1ea7n qua, \u0111\u1ea1i di\u1ec7n c\u1ee7a c\u00f4ng ty \u0111i\u1ec7n l\u1ef1c Canada\u00a0Nova Scotia Power<\/a>\u00a0\u0111\u00e3 x\u00e1c nh\u1eadn d\u1eef li\u1ec7u c\u1ee7a h\u1ecd b\u1ecb r\u00f2 r\u1ec9, bao g\u1ed3m m\u1ed9t s\u1ed1 th\u00f4ng tin nh\u1ea1y c\u1ea3m c\u1ee7a kh\u00e1ch h\u00e0ng nh\u01b0 h\u1ecd t\u00ean, s\u1ed1 \u0111i\u1ec7n tho\u1ea1i, t\u00e0i kho\u1ea3n ng\u00e2n h\u00e0ng,… Tr\u01b0\u1edbc \u0111\u00f3, v\u00e0o ng\u00e0y 28\/4, Nova Scotia Power th\u00f4ng b\u00e1o r\u1eb1ng ph\u00e1t hi\u1ec7n h\u00e0nh vi truy c\u1eadp tr\u00e1i ph\u00e9p v\u00e0o m\u1ed9t s\u1ed1 b\u1ed9 ph\u1eadn trong m\u1ea1ng l\u01b0\u1edbi v\u00e0 m\u00e1y ch\u1ee7 h\u1ed7 tr\u1ee3 ho\u1ea1t \u0111\u1ed9ng kinh doanh c\u1ee7a c\u00f4ng ty.<\/p>\n CISA g\u1eafn th\u1ebb l\u1ed7i Chrome m\u1edbi \u0111\u01b0\u1ee3c v\u00e1 g\u1ea7n \u0111\u00e2y l\u00e0 l\u1ed7 h\u1ed5ng b\u1ecb khai th\u00e1c t\u00edch c\u1ef1c<\/strong><\/p>\n Ng\u00e0y 15\/5, C\u01a1 quan An ninh m\u1ea1ng v\u00e0 C\u01a1 s\u1edf h\u1ea1 t\u1ea7ng M\u1ef9 (CISA) \u0111\u00e3 c\u1ea3nh b\u00e1o c\u00e1c c\u01a1 quan li\u00ean bang t\u1ea1i M\u1ef9 b\u1ea3o v\u1ec7 h\u1ec7 th\u1ed1ng c\u1ee7a h\u1ecd kh\u1ecfi c\u00e1c cu\u1ed9c t\u1ea5n c\u00f4ng \u0111ang di\u1ec5n ra khai th\u00e1c l\u1ed7 h\u1ed5ng nghi\u00eam tr\u1ecdng trong tr\u00ecnh duy\u1ec7t web Chrome, \u0111\u01b0\u1ee3c g\u00e3n m\u00e3 CVE-2025-4664, l\u1ed7 h\u1ed5ng n\u00e0y \u0111ang b\u1ecb l\u1ea1m d\u1ee5ng ngo\u00e0i th\u1ef1c t\u1ebf v\u00e0 CISA \u0111\u00e3 th\u00eam v\u00e0o danh m\u1ee5c L\u1ed7 h\u1ed5ng b\u1ea3o m\u1eadt \u0111\u00e3 bi\u1ebft (KEV), li\u1ec7t k\u00ea c\u00e1c l\u1ed7 h\u1ed5ng b\u1ea3o m\u1eadt \u0111ang b\u1ecb khai th\u00e1c t\u00edch c\u1ef1c trong c\u00e1c cu\u1ed9c t\u1ea5n c\u00f4ng.<\/p>\n \u0110\u01b0\u1ee3c bi\u1ebft, l\u1ed7 h\u1ed5ng CVE-2025-4664 t\u1ed3n t\u1ea1i do ch\u00ednh s\u00e1ch th\u1ef1c thi ch\u01b0a \u0111\u1ee7 ch\u1eb7t ch\u1ebd trong th\u00e0nh ph\u1ea7n Loader c\u1ee7a\u00a0Google Chrome<\/a>\u00a0v\u00e0 vi\u1ec7c khai th\u00e1c th\u00e0nh c\u00f4ng c\u00f3 th\u1ec3 cho ph\u00e9p k\u1ebb t\u1ea5n c\u00f4ng t\u1eeb xa r\u00f2 r\u1ec9 d\u1eef li\u1ec7u cross-origin th\u00f4ng qua c\u00e1c trang HTML \u0111\u01b0\u1ee3c t\u1ea1o ra m\u1ed9t c\u00e1ch \u0111\u1ed9c h\u1ea1i.<\/p>\n M\u1ef9 bu\u1ed9c t\u1ed9i th\u00eam 12 nghi ph\u1ea1m li\u00ean quan \u0111\u1ebfn v\u1ee5 \u0111\u00e1nh c\u1eafp ti\u1ec1n \u0111i\u1ec7n t\u1eed tr\u1ecb gi\u00e1 230 tri\u1ec7u USD<\/strong><\/p>\n M\u01b0\u1eddi hai nghi ph\u1ea1m kh\u00e1c v\u1eeba qua \u0111\u00e3 b\u1ecb Ch\u00ednh ph\u1ee7 M\u1ef9 bu\u1ed9c t\u1ed9i v\u00ec b\u1ecb c\u00e1o bu\u1ed9c li\u00ean quan \u0111\u1ebfn v\u1ee5 \u0111\u00e1nh c\u1eafp h\u01a1n 230 tri\u1ec7u USD ti\u1ec1n \u0111i\u1ec7n t\u1eed v\u00e0 r\u1eeda ti\u1ec1n b\u1eb1ng c\u00e1ch s\u1eed d\u1ee5ng c\u00e1c s\u00e0n giao d\u1ecbch ti\u1ec1n \u0111i\u1ec7n t\u1eed v\u00e0 c\u00f4ng c\u1ee5 mixer. Hai nghi ph\u1ea1m tr\u01b0\u1edbc \u0111\u00f3 c\u00f3 li\u00ean quan \u0111\u1ebfn v\u1ee5 \u0111\u00e1nh c\u1eafp n\u00e0y l\u00e0 Malone Lam, 20 tu\u1ed5i v\u00e0 Jeandiel Serrano, 21 tu\u1ed5i \u0111\u00e3 b\u1ecb b\u1eaft v\u00e0 b\u1ecb bu\u1ed9c t\u1ed9i v\u00e0o th\u00e1ng 9\/2024.<\/p>\n S\u1ed1 ti\u1ec1n 243 tri\u1ec7u USD \u0111\u01b0\u1ee3c chia theo nhi\u1ec1u c\u00e1ch gi\u1eefa m\u1ed7i b\u00ean tr\u01b0\u1edbc khi s\u1ed1 ti\u1ec1n n\u00e0y nhanh ch\u00f3ng \u0111\u01b0\u1ee3c chuy\u1ec3n \u0111\u1ebfn h\u01a1n 15 s\u00e0n giao d\u1ecbch, ngay l\u1eadp t\u1ee9c ho\u00e1n \u0111\u1ed5i qua l\u1ea1i gi\u1eefa Bitcoin, Litecoin,\u00a0Ethereum<\/a>\u00a0v\u00e0 Monero.<\/p>\n Moldova b\u1eaft gi\u1eef nghi ph\u1ea1m li\u00ean quan \u0111\u1ebfn v\u1ee5 t\u1ea5n c\u00f4ng b\u1eb1ng m\u00e3 \u0111\u1ed9c t\u1ed1ng ti\u1ec1n DoppelPaymer<\/strong><\/p>\n Ng\u00e0y 12\/5, c\u1ea3nh s\u00e1t Moldova th\u00f4ng b\u00e1o r\u1eb1ng h\u1ecd \u0111\u00e3 b\u1eaft gi\u1eef m\u1ed9t nghi ph\u1ea1m 45 tu\u1ed5i c\u00f3 li\u00ean quan \u0111\u1ebfn c\u00e1c cu\u1ed9c t\u1ea5n c\u00f4ng b\u1eb1ng m\u00e3 \u0111\u1ed9c t\u1ed1ng ti\u1ec1n DoppelPaymer nh\u1eafm v\u00e0o c\u00e1c t\u1ed5 ch\u1ee9c H\u00e0 Lan n\u0103m 2021. C\u1ea3nh s\u00e1t \u0111\u00e3 kh\u00e1m x\u00e9t nh\u00e0 v\u00e0 xe c\u1ee7a nghi ph\u1ea1m n\u00e0y, thu gi\u1eef m\u1ed9t v\u00ed \u0111i\u1ec7n t\u1eed, 84.800 Euro, hai m\u00e1y t\u00ednh x\u00e1ch tay, m\u1ed9t \u0111i\u1ec7n tho\u1ea1i di \u0111\u1ed9ng, m\u1ed9t m\u00e1y t\u00ednh b\u1ea3ng, s\u00e1u th\u1ebb ng\u00e2n h\u00e0ng v\u00e0 nhi\u1ec1u thi\u1ebft b\u1ecb l\u01b0u tr\u1eef d\u1eef li\u1ec7u.<\/p>\n L\u1ed7 h\u1ed5ng c\u1ee7a Output Messenger b\u1ecb khai th\u00e1c<\/strong><\/p>\n Ng\u00e0y 12\/5, Microsoft ti\u1ebft l\u1ed9 r\u1eb1ng nh\u00f3m tin t\u1eb7c Marbled Dust (c\u00f2n \u0111\u01b0\u1ee3c g\u1ecdi l\u00e0 Sea Turtle, SILICON v\u00e0 UNC1326) \u0111\u00e3 nh\u1eafm m\u1ee5c ti\u00eau v\u00e0o nh\u1eefng ng\u01b0\u1eddi d\u00f9ng ch\u01b0a c\u1eadp nh\u1eadt h\u1ec7 th\u1ed1ng \u0111\u1ec3 l\u00e2y nhi\u1ec5m ph\u1ea7n m\u1ec1m \u0111\u1ed9c h\u1ea1i sau khi truy c\u1eadp \u0111\u01b0\u1ee3c v\u00e0o \u1ee9ng d\u1ee5ng Output Messenger Server Manager. Sau khi x\u00e2m nh\u1eadp v\u00e0o m\u00e1y ch\u1ee7, tin t\u1eb7c c\u00f3 th\u1ec3 \u0111\u00e1nh c\u1eafp d\u1eef li\u1ec7u nh\u1ea1y c\u1ea3m, truy c\u1eadp v\u00e0o m\u1ecdi th\u00f4ng tin li\u00ean l\u1ea1c c\u1ee7a n\u1ea1n nh\u00e2n, truy c\u1eadp v\u00e0o h\u1ec7 th\u1ed1ng n\u1ed9i b\u1ed9 v\u00e0 g\u00e2y gi\u00e1n \u0111o\u1ea1n ho\u1ea1t \u0111\u1ed9ng.<\/p>\n M&S x\u00e1c nh\u1eadn d\u1eef li\u1ec7u kh\u00e1ch h\u00e0ng b\u1ecb \u0111\u00e1nh c\u1eafp<\/strong><\/p>\n Marks and Spencer (M&S) x\u00e1c nh\u1eadn d\u1eef li\u1ec7u kh\u00e1ch h\u00e0ng \u0111\u00e3 b\u1ecb \u0111\u00e1nh c\u1eafp trong m\u1ed9t cu\u1ed9c t\u1ea5n c\u00f4ng m\u1ea1ng v\u00e0o th\u00e1ng tr\u01b0\u1edbc, khi m\u00e3 \u0111\u1ed9c t\u1ed1ng ti\u1ec1n l\u00e2y nhi\u1ec5m v\u00e0 m\u00e3 h\u00f3a m\u00e1y ch\u1ee7. V\u1ee5 t\u1ea5n c\u00f4ng x\u1ea3y ra v\u00e0o ng\u00e0y 22\/4\/2025, \u1ea3nh h\u01b0\u1edfng \u0111\u00e1ng k\u1ec3 \u0111\u1ebfn ho\u1ea1t \u0111\u1ed9ng kinh doanh t\u1ea1i 1.400 c\u1eeda h\u00e0ng c\u1ee7a nh\u00e0 b\u00e1n l\u1ebb n\u00e0y, bu\u1ed9c h\u1ecd ph\u1ea3i ng\u1eebng ch\u1ea5p nh\u1eadn \u0111\u01a1n \u0111\u1eb7t h\u00e0ng tr\u1ef1c tuy\u1ebfn.<\/p>\n L\u1ed7i CPU m\u1edbi c\u1ee7a Intel c\u00f3 th\u1ec3 d\u1eabn \u0111\u1ebfn r\u00f2 r\u1ec9 d\u1eef li\u1ec7u nh\u1ea1y c\u1ea3m<\/strong><\/p>\n C\u00e1c nh\u00e0 nghi\u00ean c\u1ee9u t\u1ea1i Tr\u01b0\u1eddng \u0110\u1ea1i h\u1ecdc ETH Zurich (Th\u1ee5y S\u1ef9) \u0111\u00e3 ph\u00e1t hi\u1ec7n l\u1ed7 h\u1ed5ng Branch Privilege Injection (CVE-2024-45332) m\u1edbi trong t\u1ea5t c\u1ea3 c\u00e1c CPU Intel th\u1ebf h\u1ec7 m\u1edbi, cho ph\u00e9p k\u1ebb t\u1ea5n c\u00f4ng r\u00f2 r\u1ec9 d\u1eef li\u1ec7u nh\u1ea1y c\u1ea3m t\u1eeb c\u00e1c v\u00f9ng b\u1ed9 nh\u1edb \u0111\u01b0\u1ee3c ph\u00e2n b\u1ed5 cho ph\u1ea7n m\u1ec1m \u0111\u1eb7c quy\u1ec1n nh\u01b0 kernel h\u1ec7 \u0111i\u1ec1u h\u00e0nh. Th\u00f4ng th\u01b0\u1eddng, c\u00e1c v\u00f9ng n\u00e0y ch\u1ee9a th\u00f4ng tin nh\u01b0 m\u1eadt kh\u1ea9u, kh\u00f3a m\u1eadt m\u00e3, b\u1ed9 nh\u1edb c\u1ee7a c\u00e1c ti\u1ebfn tr\u00ecnh kh\u00e1c v\u00e0 c\u1ea5u tr\u00fac d\u1eef li\u1ec7u\u00a0kernel<\/a>, do \u0111\u00f3 vi\u1ec7c b\u1ea3o v\u1ec7 ch\u00fang kh\u1ecfi b\u1ecb r\u00f2 r\u1ec9 l\u00e0 r\u1ea5t quan tr\u1ecdng.<\/p>\n Ivanti ph\u00e1t h\u00e0nh b\u1ea3n c\u1eadp nh\u1eadt b\u1ea3o m\u1eadt<\/strong><\/p>\n Ng\u00e0y 13\/5, h\u00e3ng b\u1ea3o m\u1eadt Ivanti (M\u1ef9) \u0111\u00e3 ph\u00e1t h\u00e0nh b\u1ea3n c\u1eadp nh\u1eadt b\u1ea3o m\u1eadt cho gi\u1ea3i ph\u00e1p qu\u1ea3n l\u00fd d\u1ecbch v\u1ee5 c\u00f4ng ngh\u1ec7 th\u00f4ng tin Neurons for ITSM, nh\u1eb1m kh\u1eafc ph\u1ee5c l\u1ed7 h\u1ed5ng v\u01b0\u1ee3t qua x\u00e1c th\u1ef1c quan tr\u1ecdng. \u0110\u01b0\u1ee3c theo d\u00f5i v\u1edbi t\u00ean g\u1ecdi CVE-2025-22462, l\u1ed7 h\u1ed5ng b\u1ea3o m\u1eadt n\u00e0y c\u00f3 th\u1ec3 cho ph\u00e9p k\u1ebb t\u1ea5n c\u00f4ng ch\u01b0a x\u00e1c th\u1ef1c c\u00f3 \u0111\u01b0\u1ee3c quy\u1ec1n truy c\u1eadp qu\u1ea3n tr\u1ecb v\u00e0o c\u00e1c h\u1ec7 th\u1ed1ng ch\u01b0a v\u00e1. C\u0169ng trong ng\u00e0y n\u00e0y, c\u00f4ng ty c\u0169ng \u0111\u00e3 k\u00eau g\u1ecdi kh\u00e1ch h\u00e0ng v\u00e1 l\u1ed7 h\u1ed5ng b\u1ea3o m\u1eadt th\u00f4ng tin x\u00e1c th\u1ef1c m\u1eb7c \u0111\u1ecbnh (CVE-2025-22460), c\u00f3 th\u1ec3 cho ph\u00e9p k\u1ebb t\u1ea5n c\u00f4ng \u0111\u00e3 x\u00e1c th\u1ef1c c\u1ee5c b\u1ed9 leo thang \u0111\u1eb7c quy\u1ec1n tr\u00ean c\u00e1c h\u1ec7 th\u1ed1ng d\u1ec5 b\u1ecb t\u1ea5n c\u00f4ng.<\/p>\n Vi ph\u1ea1m d\u1eef li\u1ec7u Coinbase l\u00e0m l\u1ed9 th\u00f4ng tin kh\u00e1ch h\u00e0ng<\/strong><\/p>\n Coinbase, m\u1ed9t s\u00e0n giao d\u1ecbch ti\u1ec1n \u0111i\u1ec7n t\u1eed v\u1edbi h\u01a1n 100 tri\u1ec7u kh\u00e1ch h\u00e0ng, \u0111\u00e3 ti\u1ebft l\u1ed9 r\u1eb1ng t\u1ed9i ph\u1ea1m m\u1ea1ng l\u00e0m vi\u1ec7c v\u1edbi c\u00e1c nh\u00e2n vi\u00ean h\u1ed7 tr\u1ee3 l\u1eeba \u0111\u1ea3o \u0111\u00e3 \u0111\u00e1nh c\u1eafp d\u1eef li\u1ec7u kh\u00e1ch h\u00e0ng v\u00e0 y\u00eau c\u1ea7u kho\u1ea3n ti\u1ec1n chu\u1ed9c 20 tri\u1ec7u USD \u0111\u1ec3 kh\u00f4ng c\u00f4ng b\u1ed1 th\u00f4ng tin b\u1ecb \u0111\u00e1nh c\u1eafp. C\u00f4ng ty cho bi\u1ebft h\u1ecd s\u1ebd kh\u00f4ng tr\u1ea3 ti\u1ec1n chu\u1ed9c nh\u01b0ng s\u1ebd l\u1eadp qu\u1ef9 th\u01b0\u1edfng 20 tri\u1ec7u USD cho b\u1ea5t k\u1ef3 th\u00f4ng tin n\u00e0o c\u00f3 th\u1ec3 gi\u00fap t\u00ecm ra nh\u1eefng k\u1ebb t\u1ea5n c\u00f4ng \u0111\u00e3 \u0111i\u1ec1u ph\u1ed1i cu\u1ed9c t\u1ea5n c\u00f4ng n\u00e0y.<\/p>\n Vi\u1ec7c ti\u1ebft l\u1ed9 n\u00e0y \u0111\u01b0\u1ee3c \u0111\u01b0a ra sau khi nh\u1eefng t\u00ean t\u1ed9i ph\u1ea1m m\u1ea1ng \u0111\u1ee9ng sau v\u1ee5 x\u00e2m nh\u1eadp n\u00e0y g\u1eedi email cho Coinbase v\u00e0o ng\u00e0y 11\/5, y\u00eau c\u1ea7u kho\u1ea3n ti\u1ec1n chu\u1ed9c 20 tri\u1ec7u USD \u0111\u1ec3 ng\u0103n ch\u1eb7n vi\u1ec7c ti\u1ebft l\u1ed9 th\u00f4ng tin b\u1ecb \u0111\u00e1nh c\u1eafp v\u1ec1 m\u1ed9t s\u1ed1 t\u00e0i kho\u1ea3n kh\u00e1ch h\u00e0ng v\u00e0 t\u00e0i li\u1ec7u n\u1ed9i b\u1ed9.<\/p>\n \u1ee6y ban Nh\u00e2n quy\u1ec1n \u00dac ti\u1ebft l\u1ed9 vi ph\u1ea1m d\u1eef li\u1ec7u<\/strong><\/p>\n \u1ee6y ban Nh\u00e2n quy\u1ec1n \u00dac (AHRC) \u0111\u00e3 ti\u1ebft l\u1ed9 m\u1ed9t s\u1ef1 c\u1ed1 vi ph\u1ea1m d\u1eef li\u1ec7u m\u1edbi \u0111\u00e2y, v\u1edbi kho\u1ea3ng 670 t\u00e0i li\u1ec7u b\u1ecb r\u00f2 r\u1ec9 tr\u1ef1c tuy\u1ebfn, trong \u0111\u00f3 c\u00e1c t\u00e0i li\u1ec7u ri\u00eang t\u01b0 v\u00e0 \u0111\u01b0\u1ee3c l\u1eadp ch\u1ec9 m\u1ee5c b\u1edfi c\u00e1c c\u00f4ng c\u1ee5 t\u00ecm ki\u1ebfm l\u1edbn. Nhi\u1ec1u trong s\u1ed1 h\u00e0ng tr\u0103m t\u00e0i li\u1ec7u b\u1ecb c\u00f4ng khai tr\u1ef1c tuy\u1ebfn ch\u1ee9a th\u00f4ng tin ri\u00eang t\u01b0, nh\u1ea1y c\u1ea3m nh\u01b0 h\u1ecd t\u00ean, th\u00f4ng tin li\u00ean l\u1ea1c, th\u00f4ng tin s\u1ee9c kh\u1ecfe, tr\u00ecnh \u0111\u1ed9 h\u1ecdc v\u1ea5n, t\u00f4n gi\u00e1o, th\u00f4ng tin vi\u1ec7c l\u00e0m v\u00e0 h\u00ecnh \u1ea3nh.<\/p>\n Microsoft kh\u1eafc ph\u1ee5c s\u1ef1 c\u1ed1 kh\u1edfi \u0111\u1ed9ng Linux tr\u00ean h\u1ec7 th\u1ed1ng Windows Dual-Boot<\/strong><\/p>\n Microsoft \u0111\u00e3 kh\u1eafc ph\u1ee5c s\u1ef1 c\u1ed1 khi\u1ebfn Linux kh\u00f4ng th\u1ec3 kh\u1edfi \u0111\u1ed9ng \u0111\u01b0\u1ee3c tr\u00ean h\u1ec7 th\u1ed1ng Dual-Boot khi k\u00edch ho\u1ea1t ch\u1ebf \u0111\u1ed9 Secure Boot sau khi c\u00e0i \u0111\u1eb7t b\u1ea3n c\u1eadp nh\u1eadt b\u1ea3o m\u1eadt Windows th\u00e1ng 8\/2024. Danh s\u00e1ch c\u00e1c h\u1ec7 th\u1ed1ng b\u1ecb \u1ea3nh h\u01b0\u1edfng bao g\u1ed3m nh\u1eefng h\u1ec7 th\u1ed1ng ch\u1ea1y phi\u00ean b\u1ea3n h\u1ec7 \u0111i\u1ec1u h\u00e0nh m\u00e1y kh\u00e1ch (Windows 10 v\u00e0 Windows 11) v\u00e0 m\u00e1y ch\u1ee7 (Windows Server 2012 tr\u1edf l\u00ean).<\/p>\n Tin t\u1eb7c Tri\u1ec1u Ti\u00ean t\u0103ng c\u01b0\u1eddng ho\u1ea1t \u0111\u1ed9ng do th\u00e1m m\u1ea1ng \u1edf Ukraine<\/strong><\/p>\n Nh\u00f3m tin t\u1eb7c Tri\u1ec1u Ti\u00ean Konni\u00a0\u0111\u00e3 b\u1ecb ph\u00e1t hi\u1ec7n \u0111ang nh\u1eafm m\u1ee5c ti\u00eau v\u00e0o c\u00e1c c\u01a1 quan ch\u00ednh ph\u1ee7\u00a0Ukraine<\/a>\u00a0trong c\u00e1c ho\u1ea1t \u0111\u1ed9ng thu th\u1eadp th\u00f4ng tin t\u00ecnh b\u00e1o. Nh\u1eefng k\u1ebb t\u1ea5n c\u00f4ng s\u1eed d\u1ee5ng email l\u1eeba \u0111\u1ea3o m\u1ea1o danh c\u00e1c t\u1ed5 ch\u1ee9c nghi\u00ean c\u1ee9u, \u0111\u1ec1 c\u1eadp \u0111\u1ebfn c\u00e1c s\u1ef1 ki\u1ec7n ch\u00ednh tr\u1ecb quan tr\u1ecdng ho\u1eb7c di\u1ec5n bi\u1ebfn qu\u00e2n s\u1ef1 \u0111\u1ec3 d\u1ee5 d\u1ed7 m\u1ee5c ti\u00eau.<\/p>\n T\u00e2y Ban Nha cho bi\u1ebft kh\u00f4ng c\u00f3 d\u1ea5u hi\u1ec7u n\u00e0o cho th\u1ea5y t\u00ecnh tr\u1ea1ng m\u1ea5t \u0111i\u1ec7n l\u00e0 do t\u1ea5n c\u00f4ng m\u1ea1ng<\/strong><\/p>\n T\u00e2y Ban Nha \u0111\u00e3 \u0111i\u1ec1u tra c\u00e1c \u0111i\u1ec3m y\u1ebfu v\u1ec1 h\u1ec7 th\u1ed1ng m\u1ea1ng t\u1ea1i c\u00e1c nh\u00e0 m\u00e1y \u0111i\u1ec7n sau v\u1ee5 m\u1ea5t \u0111i\u1ec7n g\u1ea7n \u0111\u00e2y x\u1ea3y ra \u1edf T\u00e2y Ban Nha v\u00e0 B\u1ed3 \u0110\u00e0o Nha. B\u1ed9 tr\u01b0\u1edfng N\u0103ng l\u01b0\u1ee3ng T\u00e2y Ban Nha cho bi\u1ebft, h\u1ecd kh\u00f4ng t\u00ecm th\u1ea5y d\u1ea5u hi\u1ec7u n\u00e0o cho th\u1ea5y c\u00f3 cu\u1ed9c t\u1ea5n c\u00f4ng m\u1ea1ng. C\u00e1c nh\u00e0 \u0111i\u1ec1u tra \u0111\u00e3 x\u00e1c \u0111\u1ecbnh \u0111\u01b0\u1ee3c tr\u1ea1m bi\u1ebfn \u00e1p g\u00e2y ra s\u1ef1 c\u1ed1, nh\u01b0ng nguy\u00ean nh\u00e2n c\u1ee7a c\u00e1c l\u1ed7i d\u1eabn \u0111\u1ebfn m\u1ea5t \u0111i\u1ec7n v\u1eabn ch\u01b0a \u0111\u01b0\u1ee3c ti\u1ebft l\u1ed9.<\/p>\n Fortinet v\u00e1 l\u1ed7i zero-day quan tr\u1ecdng b\u1ecb khai th\u00e1c trong c\u00e1c cu\u1ed9c t\u1ea5n c\u00f4ng FortiVoice<\/strong><\/p>\n Fortinet \u0111\u00e3 ph\u00e1t h\u00e0nh b\u1ea3n c\u1eadp nh\u1eadt b\u1ea3o m\u1eadt \u0111\u1ec3 v\u00e1 l\u1ed7 h\u1ed5ng th\u1ef1c thi m\u00e3 t\u1eeb xa nghi\u00eam tr\u1ecdng \u0111\u01b0\u1ee3c khai th\u00e1c nh\u01b0 m\u1ed9t l\u1ed7 h\u1ed5ng zero-day, \u0111\u01b0\u1ee3c s\u1eed d\u1ee5ng trong c\u00e1c cu\u1ed9c t\u1ea5n c\u00f4ng nh\u1eafm v\u00e0o h\u1ec7 th\u1ed1ng \u0111i\u1ec7n tho\u1ea1i doanh nghi\u1ec7p FortiVoice. L\u1ed7 h\u1ed5ng b\u1ea3o m\u1eadt n\u00e0y \u0111\u01b0\u1ee3c g\u00e3n m\u00e3 \u0111\u1ecbnh danh CVE-2025-32756, c\u0169ng \u1ea3nh h\u01b0\u1edfng \u0111\u1ebfn FortiMail, FortiNDR, FortiRecorder v\u00e0 FortiCamera.<\/p>\n Vi\u1ec7c khai th\u00e1c th\u00e0nh c\u00f4ng CVE-2025-32756 c\u00f3 th\u1ec3 cho ph\u00e9p k\u1ebb t\u1ea5n c\u00f4ng t\u1eeb xa kh\u00f4ng x\u00e1c th\u1ef1c th\u1ef1c thi m\u00e3 ho\u1eb7c l\u1ec7nh t\u00f9y \u00fd th\u00f4ng qua c\u00e1c y\u00eau c\u1ea7u HTTP \u0111\u01b0\u1ee3c t\u1ea1o ra m\u1ed9t c\u00e1ch \u0111\u1ed9c h\u1ea1i.<\/p>\n Microsoft ph\u00e1t h\u00e0nh b\u1ea3n v\u00e1 Patch Tuesday th\u00e1ng 5 kh\u1eafc ph\u1ee5c 77 l\u1ed7 h\u1ed5ng b\u1ea3o m\u1eadt<\/strong><\/p>\n Trong tu\u1ea7n qua, Microsoft \u0111\u00e3 ph\u00e1t h\u00e0nh b\u1ea3n\u00a0Patch Tuesday<\/a>\u00a0th\u00e1ng 05\/2025 \u0111\u1ec3 gi\u1ea3i quy\u1ebft 77 l\u1ed7 h\u1ed5ng b\u1ea3o m\u1eadt. \u0110\u00e1ng l\u01b0u \u00fd, b\u1ea3n v\u00e1 l\u1ea7n n\u00e0y \u0111\u00e3 kh\u1eafc ph\u1ee5c 05 l\u1ed7 h\u1ed5ng zero-day \u0111ang b\u1ecb khai th\u00e1c t\u00edch c\u1ef1c v\u00e0 02 l\u1ed7 h\u1ed5ng ti\u1ebft l\u1ed9 c\u00f4ng khai.<\/p>\n Theo \u0111\u00f3, b\u1ea3n v\u00e1 Patch Tuesday th\u00e1ng 5 \u0111\u00e3 kh\u1eafc ph\u1ee5c 20 l\u1ed7 h\u1ed5ng leo thang \u0111\u1eb7c quy\u1ec1n; 29 l\u1ed7 h\u1ed5ng th\u1ef1c thi m\u00e3 t\u1eeb xa (RCE); 02 l\u1ed7 h\u1ed5ng v\u01b0\u1ee3t qua t\u00ednh n\u0103ng b\u1ea3o m\u1eadt (Bypass); 16 l\u1ed7 h\u1ed5ng ti\u1ebft l\u1ed9 th\u00f4ng tin; 7 l\u1ed7 h\u1ed5ng t\u1eeb ch\u1ed1i d\u1ecbch v\u1ee5 (DoS) v\u00e0 03 l\u1ed7 h\u1ed5ng gi\u1ea3 m\u1ea1o (Spoofing). S\u1ed1 l\u01b0\u1ee3ng n\u00e0y kh\u00f4ng bao g\u1ed3m c\u00e1c l\u1ed7 h\u1ed5ng Mariner v\u00e0 Microsoft Edge \u0111\u00e3 \u0111\u01b0\u1ee3c kh\u1eafc ph\u1ee5c v\u00e0o \u0111\u1ea7u th\u00e1ng n\u00e0y. Microsoft c\u0169ng v\u00e1 11 l\u1ed7 h\u1ed5ng \u0111\u01b0\u1ee3c \u0111\u00e1nh gi\u00e1 l\u00e0 nghi\u00eam tr\u1ecdng, trong \u0111\u00f3 6 l\u1ed7 h\u1ed5ng l\u00e0 RCE v\u00e0 02 l\u1ed7 h\u1ed5ng ti\u1ebft l\u1ed9 th\u00f4ng tin, 02 l\u1ed7 h\u1ed5ng leo thang \u0111\u1eb7c quy\u1ec1n v\u00e0 01 l\u1ed7 h\u1ed5ng Spoofing.<\/p>\n Tin t\u1eb7c Trung Qu\u1ed1c t\u1ea5n c\u00f4ng v\u00e0o l\u0129nh v\u1ef1c m\u00e1y bay kh\u00f4ng ng\u01b0\u1eddi l\u00e1i<\/strong><\/p>\n Tu\u1ea7n qua, C\u00f4ng ty an ninh m\u1ea1ng Trend Micro \u0111\u00e3 c\u00f4ng b\u1ed1 nghi\u00ean c\u1ee9u v\u1ec1 vi\u1ec7c nh\u00f3m tin t\u1eb7c Trung Qu\u1ed1c\u00a0l\u00e0 Earth Ammit \u0111\u00e3 ph\u00e1t \u0111\u1ed9ng nhi\u1ec1u cu\u1ed9c t\u1ea5n c\u00f4ng nh\u1eafm v\u00e0o \u0110\u00e0i Loan v\u00e0 H\u00e0n Qu\u1ed1c, v\u1edbi m\u1ee5c ti\u00eau ph\u00e1 v\u1ee1 l\u0129nh v\u1ef1c m\u00e1y bay kh\u00f4ng ng\u01b0\u1eddi l\u00e1i. \u0110\u01b0\u1ee3c \u0111\u1eb7t t\u00ean l\u00e0 Tidrone v\u00e0 Venom, c\u00e1c chi\u1ebfn d\u1ecbch n\u00e0y nh\u1eafm v\u00e0o c\u00e1c t\u1ed5 ch\u1ee9c qu\u00e2n s\u1ef1, c\u00f4ng nghi\u1ec7p, d\u1ecbch v\u1ee5 ph\u1ea7n m\u1ec1m, v\u1ec7 tinh, c\u00f4ng ngh\u1ec7, truy\u1ec1n th\u00f4ng v\u00e0 ch\u0103m s\u00f3c s\u1ee9c kh\u1ecfe, s\u1eed d\u1ee5ng c\u1ea3 c\u00e1c c\u00f4ng c\u1ee5 ngu\u1ed3n m\u1edf v\u00e0 t\u00f9y ch\u1ec9nh \u0111\u1ec3 \u0111\u1ea1t \u0111\u01b0\u1ee3c m\u1ee5c ti\u00eau \u0111\u1ed9c h\u1ea1i.<\/p>\n T\u1eadp \u0111o\u00e0n th\u00e9p Nuco b\u1ecb t\u1ea5n c\u00f4ng m\u1ea1ng<\/strong><\/p>\n T\u1eadp \u0111o\u00e0n th\u00e9p kh\u1ed5ng l\u1ed3 c\u1ee7a M\u1ef9 l\u00e0 Nucor Corporation \u0111\u00e3 th\u00f4ng b\u00e1o r\u1eb1ng ho\u1ea1t \u0111\u1ed9ng s\u1ea3n xu\u1ea5t c\u1ee7a h\u1ecd b\u1ecb gi\u00e1n \u0111o\u1ea1n do m\u1ed9t cu\u1ed9c t\u1ea5n c\u00f4ng m\u1ea1ng. C\u00f3 kh\u1ea3 n\u0103ng Nucor \u0111\u00e3 tr\u1edf th\u00e0nh m\u1ee5c ti\u00eau c\u1ee7a m\u1ed9t cu\u1ed9c t\u1ea5n c\u00f4ng b\u1eb1ng m\u00e3 \u0111\u1ed9c t\u1ed1ng ti\u1ec1n, nh\u01b0ng c\u00f4ng ty n\u00e0y ch\u01b0a chia s\u1ebb b\u1ea5t k\u1ef3 th\u00f4ng tin n\u00e0o v\u1ec1 th\u1ee7 ph\u1ea1m \u0111\u1ee9ng sau v\u1ee5 t\u1ea5n c\u00f4ng. Hi\u1ec7n nay, v\u1eabn ch\u01b0a c\u00f3 nh\u00f3m tin t\u1eb7c n\u00e0o nh\u1eadn tr\u00e1ch nhi\u1ec7m v\u1ec1 v\u1ee5 vi\u1ec7c n\u00e0y.<\/p>\n CISA c\u1ea3nh b\u00e1o v\u1ec1 l\u1ed7 h\u1ed5ng trong \u1ee9ng d\u1ee5ng TeleMessage<\/strong><\/p>\n CISA tu\u1ea7n v\u1eeba qua \u0111\u00e3 l\u00ean ti\u1ebfng c\u1ea3nh b\u00e1o v\u1ec1 l\u1ed7 h\u1ed5ng \u0111\u01b0\u1ee3c ph\u00e1t hi\u1ec7n trong\u00a0TeleMessage<\/a>, m\u1ed9t \u1ee9ng d\u1ee5ng nh\u1eafn tin g\u1ea7n \u0111\u00e2y \u0111\u01b0\u1ee3c c\u1ef1u c\u1ed1 v\u1ea5n an ninh qu\u1ed1c gia c\u1ee7a Trump, \u00f4ng Mike Waltz s\u1eed d\u1ee5ng. L\u1ed7 h\u1ed5ng n\u00e0y hi\u1ec7n c\u00f3 m\u00e3 \u0111\u1ecbnh danh CVE-2025-47729, \u0111\u00e3 \u0111\u01b0\u1ee3c th\u00eam v\u00e0o danh m\u1ee5c L\u1ed7 h\u1ed5ng \u0111\u00e3 khai th\u00e1c \u0111\u00e3 bi\u1ebft (KEV) c\u1ee7a CISA. Ngo\u00e0i ra, CVE-2025-47729 trong C\u01a1 s\u1edf d\u1eef li\u1ec7u l\u1ed7 h\u1ed5ng qu\u1ed1c gia ch\u1ec9 ra r\u1eb1ng l\u1ed7 h\u1ed5ng b\u1ea3o m\u1eadt n\u00e0y \u0111\u00e3 b\u1ecb khai th\u00e1c tr\u00ean th\u1ef1c t\u1ebf. C\u00e1c tin t\u1eb7c tuy\u00ean b\u1ed1 \u0111\u00e3 \u0111\u00e1nh c\u1eafp tin nh\u1eafn ri\u00eang t\u01b0 v\u00e0 tr\u00f2 chuy\u1ec7n nh\u00f3m li\u00ean quan \u0111\u1ebfn c\u00e1c b\u1ea3n sao Signal, WhatsApp, WeChat v\u00e0 Telegram c\u1ee7a TeleMessage. Tin t\u1eb7c kh\u00f4ng l\u1ea5y \u0111\u01b0\u1ee3c tin nh\u1eafn c\u1ee7a c\u00e1c quan ch\u1ee9c Ch\u00ednh ph\u1ee7 M\u1ef9, nh\u01b0ng ch\u1ee9ng minh r\u1eb1ng nh\u1eadt k\u00fd tr\u00f2 chuy\u1ec7n \u0111\u01b0\u1ee3c l\u01b0u tr\u1eef b\u1edfi TeleMessages kh\u00f4ng \u0111\u01b0\u1ee3c m\u00e3 h\u00f3a v\u00e0 c\u00f3 th\u1ec3 d\u1ec5 d\u00e0ng b\u1ecb c\u00e1c t\u00e1c nh\u00e2n \u0111e d\u1ecda \u0111\u00e1nh c\u1eafp \u0111\u01b0\u1ee3c.<\/p>\n![](\"https:\/\/dulieu.antoanthongtin.gov.vn\/tapchiantoanthongtin\/03d77e13-b00f-41d5-b63a-f87c1ffd2701\/z6607808140056_6cff57a46b94d0aaa9e1fc47c5b7cfc6(2).jpg\")
<\/p>\n