[每日信息流] 2026-03-20

[chainreactorbot]

每日安全资讯（2026-03-20）

• SecWiki News
  • SecWiki News 2026-03-19 Review
• Private Feed for M09Ic
  • zeroclaw-labs released v0.5.1-beta.414 at zeroclaw-labs/zeroclaw
  • anthropics released v2.1.80 at anthropics/claude-code
  • zeroclaw-labs released v0.5.1-beta.403 at zeroclaw-labs/zeroclaw
  • PrefectHQ released 3.6.23 at PrefectHQ/prefect
  • bolucat released 202603192007 at bolucat/Archive
  • zeroclaw-labs released v0.5.1-beta.390 at zeroclaw-labs/zeroclaw
  • OpenAEV-Platform released 2.3.1 at OpenAEV-Platform/openaev
  • 4ra1n starred jar-analyzer/jar-analyzer-engine
  • 4ra1n made this repository public
  • zeroclaw-labs released v0.5.1 at zeroclaw-labs/zeroclaw
  • strands-agents released v1.31.0 at strands-agents/sdk-python
  • github released v0.3.2 at github/spec-kit
  • mgeeky starred Nova-Hunting/nova-rules
  • Ridter starred mattpocock/skills
  • ZeddYu starred rubickCenter/rubick
  • gh0stkey starred justlovemaki/AIClient-2-API
  • 4ra1n starred H4cking2theGate/AuditSkills
  • 4ra1n forked 4ra1n/AuditSkills from H4cking2theGate/AuditSkills
  • mgeeky starred galoryber/CodeSnag
• Verne in GitHub
  • 我 Vibe Coding 了一个日本看房神器：BukkenAI
• Tenable Blog
  • Bolster your defenses and close the code-to-cloud gap with Tenable and OX
• 嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com
  • 2026首届汽车安全白帽黑客大会圆满收官，共筑车联网安全新生态
  • 2026职场AI观察：禁而不止的影子代理，正在埋下企业数据安全隐患
  • 嘶吼安全动态｜官方辟谣“七部门AI安全治理三年行动计划” 新型iPhone攻击工具“DarkSword”曝光
  • 假招聘真投毒！ Next.js 面试题暗藏后门实施入侵
  • 警惕！“养虾”邮件攻击｜一封邮件就让AI沦为黑客
• Recent Commits to cve:main
  • Update Thu Mar 19 11:10:26 UTC 2026
• Microsoft Security Blog
  • New tools and guidance: Announcing Zero Trust for AI
  • When tax season becomes cyberattack season: Phishing and malware campaigns using tax-related lures
• obaby 𝐢‍𝐧⃝ void
  • 🦞龙虾初体验
• 安全客-有思想的安全新媒体
  • 科技云报到：“龙虾”OpenClaw狂欢之下，需要一针清醒剂
  • 瑞数信息入选IDC两大AI安全报告，防御OpenClaw小龙虾裸奔危机
  • 2026首届汽车安全白帽黑客大会圆满收官，共筑车联网安全新生态
• Insinuator.net
  • Assessing Endpoint Protection: Our Approach to EDR/XDR and Supplements Evaluation
• Bug Bounty in InfoSec Write-ups on Medium
  • Escaping the Sandbox: How a Simple Python Path Flaw Led to Host RCE
  • My Complete Bug Bounty Hunting Workflow Every Command I Use, Step by Step
  • When Old Breaches Meet New Code: Why Historical Leaks Still Matter
  • I Found a Critical SSRF Vulnerability That Could Have Exposed an Entire Server Here’s How
• Horizon3.ai
  • Horizon3.ai’s NodeZero®, the World’s Most Experienced AI Hacker, Drives 102% ARR Growth
• Inside Stormshield
  • Rencontre avec des professionnels de l’éducation
• Malware-Traffic-Analysis.net - Blog Entries
  • 2026-03-17: Seven days of scans and probes and web traffic hitting my web server
• Malwarebytes
  • A DarkSword hangs over unpatched iPhones
  • Your tax forms sell for $20 on the dark web
• 奇客Solidot–传递最新科技情报
  • 新能源危机迫使政府重新考虑对化石燃料的依赖
  • 内存条和传统 DIMM 插槽可能将消失
  • 社媒使用降低个人幸福感
  • 居家办公有助于提高生育率
  • Firefox v149 将内置 VPN
  • 美国私人太空公司计划捕捉小行星
  • GNOME 50 释出
  • 2026 年图灵奖授予了两位量子信息理论的奠基人
  • Meta 将于 6 月 15 日关闭 VR 社交网络 Horizo​​n Worlds
• 绿盟科技技术博客
  • 对《互联网应用程序个人信息收集使用规定（征求意见稿）》的学习浅析
  • RSAC 2026创新沙盒 | Humanix：面向人的社会工程攻击检测与响应
  • RSAC 2026创新沙盒 | Clearly AI：打造AI赋能的自动化软件安全平台
• Offensive Security Blog: Latest Trends in Hacking | Praetorian
  • CVE-2026-3630: Critical Buffer Overflow in Delta Electronics COMMGR2 Enables Remote Code Execution
• 黑海洋Wiki | AI机器人硬件开发 | 网络安全攻防实战 | 区块链技术文档教程 - 免费资源平台
  • TP-Link的中国创始人寻求获得特朗普金卡
• 安全分析与研究
  • Windows Defender对抗——攻破Windows内置防线
• 腾讯玄武实验室
  • 每日安全动态推送(26/3/19)
• Huli's blog
  • 從 Coupang 的個資外洩談內部威脅、金鑰管理與 JWT
• 黑鸟
  • 通过攻陷合法网站传播的新型iOS漏洞利用工具包DarkSword
• 虎符智库
  • 特朗普政府2026网络安全战略与影响解析
• 威努特安全网络
  • 古巴遭遇全国大停电！如何筑牢电力安全防线？
• 代码卫士
  • Ubunntu 高危漏洞可导致攻击者获得根权限
  • IP KVM 中存在9个严重漏洞，可用于获得未认证root访问权限
• 看雪学苑
  • AI静态分析，内核模块隐藏 Frida 特征，绕过linker私有结构遍历崩溃链
  • 直播预约 | 顺丰SRC第四届白帽技术沙龙，干货抽奖全都有！
  • Mac用户注意：新攻击借ChatGPT之名，诱你亲手“安装”恶意软件
• CT Stack 安全社区
  • MiniMax-M2.7 震撼发布：Monkey Code 首发免费提供，编程能力大幅提升！
• 吾爱破解论坛
  • 2026解题领红包基本完成(少MCP和Win高级, 但很有梗)
• 奇安信威胁情报中心
  • OpenClaw热潮之下，Lua窃密软件精心伪装乘虚而入
• 安全研究GoSSIP
  • G.O.S.S.I.P 阅读推荐 2026-03-19 蓝牙重配对攻击
• 信息安全国家工程研究中心
  • 今年政府工作报告中出现的“网络安全”元素
• 信安之路
  • 挖洞前一定要看这个！
• 安全学术圈
  • 中国科学院信息工程研究所 | 基于大语言模型的API参数安全规则生成与API误用检测
• 奇安信 CERT
  • 今日（2026年3月19日）OpenClaw 最新安全动态总结
• 天黑说嘿话
  • 春节加餐：Anthropic首个公开的Skills构建指南来了！
• 青藤云安全
  • AI教科书级防御，化解一场真实攻击
• 中国信息安全
  • 专题·原创 | 以法治引领网络强国建设与产业高质量发展
  • 国家安全部：揭秘“暗网”真面目！
  • 专家解读 | 建立数据产权制度的经济逻辑
  • 行业 | 蚂蚁数科发布“龙虾卫士”，护航OpenClaw智能体安全落地
  • 观点 | 进一步加强网络生态治理
• 补天平台
  • 上线通知 | 大家一直在等的京东卡来啦！
• 安全圈
  • 【安全圈】iOS18 爆高危漏洞！不升危险，升级变卡
  • 【安全圈】Aura 公司证实数据泄露，90 万营销联系人信息遭曝光
  • 【安全圈】CVE-2026-3888：Ubuntu 桌面版 24.04+ 易受提权漏洞攻击
• 安全牛
  • 安全边界已消亡？AI+SaaS 时代下，数据安全规则迎来根本性重塑
  • 北京启动“清朗京华·AI向善”专项行动 重点整治五类涉AI领域网络乱象；OpenAI 发布 GPT-5.4 mini/nano 小模型| 牛览
• 中通安全应急响应中心
  • Q1收官战！2倍积分+累挖奖励，师傅冲就完了！
• 字节跳动安全中心
  • 春日焕新｜全线业务加倍奖励、伯乐&新人礼&团队礼安排！
• 极客公园
  • 改造 100 多年的影视行业，需要的不止是好模型
  • 858 亿砸 AI，腾讯杀入「AI 战争」
  • 黄仁勋：OpenClaw 是人类史上最成功开源项目；苹果智能家居硬件负责人离职加入 Oura；日本 AI 模型被指套壳 Deepseek | 极客早知道
• 阿里安全响应中心
  • 直击阿里CTF2026：当AI成为“攻防新变量”，安全竞赛的底层逻辑正在重构
• 嘶吼专业版
  • 2026职场AI观察：禁而不止的影子代理，正在埋下企业数据安全隐患
  • 假招聘真投毒！Next.js面试题暗藏后门实施入侵
  • 倒计时2天！《2026网络安全产业图谱》调研进入收尾阶段
  • 嘶吼安全动态｜官方辟谣“七部门AI安全治理三年行动计划” 新型iPhone攻击工具“DarkSword”曝光
• 火绒安全
  • 抽奖啦 | 叮～你的放松福利已送达，速来参与！
  • 诚邀渠道合作伙伴共启新征程
• 斗象智能安全
  • 企业级Vibe Coding安全中枢，斗象AISCC「安全中转网关」已就位！
• 数世咨询
  • 运营定义价值：安全行业的范式变换
  • RSAC 2026创新沙盒 | Clearly AI：打造AI赋能的自动化软件安全平台
• 复旦白泽战队
  • 你的手机AI助手越“聪明”，隐私风险越大？主流厂商智能体测评（1）
• 软件安全与逆向分析
  • 拆解iOS应用逆向实战中的反调试与反篡改
• 墨菲安全
  • 墨菲安全正式发布AI原生企业安全治理平台SGP
• ChaMd5安全团队
  • 直播预约 | 顺丰SRC第四届白帽技术沙龙，干货抽奖全都有！
• 情报分析师
  • 当摩萨德的特工坐在你对面时，他问的第一句话是什么？从美伊冲突看人力情报的科学与艺术
• 美团技术团队
  • 美团 BI 在指标平台和分析引擎上的探索和实践
• TrustedSec
  • Full Disclosure: A Third (and Fourth) Azure Sign-In Log Bypass Found
• 360数字安全
  • 独家！OpenClaw之父确认漏洞，360为所有“养虾人”筑牢安全防线
  • 360预警：Sorry勒索病毒集中开火，专挑中小型企业“偷家”
• 安全行者老霍
  • 近期AI 安全相关公司介绍
• 迪哥讲事
  • xss绕过思路
• 纽创信安
  • 纽创信安与SGS启动网络安全ISO 21434认证项目
• IT Service Management News
  • Bozza di linee guida per il CRA
  • Wiki AI Security del Clusit
• 安全419
  • 运行时安全：AI Agent时代的安全新战线
  • 2026首届汽车安全白帽黑客大会圆满收官，共筑车联网安全新生态
• bellingcat
  • How Wildlife Traffickers Are Using Coded Language to Sell Protected Animals On Facebook
• ICT Security Magazine
  • Peter Thiel, Palantir e l’algoritmo dell’Apocalisse: quando l’Anticristo è nel codice
  • Perché i jammer nelle carceri sono inefficaci (e pericolosi)
• Securityinfo.it
  • La cybersecurity OT in Italia tra maturità limitata e pressioni normative
• Over Security - Cybersecurity news aggregator
  • Navia discloses data breach impacting 2.7 million people
  • New ‘PolyShell’ flaw allows unauthenticated RCE on Magento e-stores
  • You have to invite them in
  • Iran-Aligned Militias Signal Expanded Regional Risk Amid US–Israel–Iran Conflict
  • DarkSword, l’exploit kit che ha violato gli iPhone di mezzo mondo per rubare dati riservati
  • US intel chiefs urge lawmakers to extend Section 702 surveillance power without changes
  • Bitrefill blames North Korean Lazarus group for cyberattack
  • New Android malware hiding in streaming apps to spy on users’ personal notes
  • FBI seizes Handala data leak site after Stryker cyberattack
  • FBI seizes pro-Iranian hacking group’s websites after destructive Stryker hack
  • FBI, CISA warn on Microsoft Intune risks after Iran-linked cyberattack on Stryker
  • La cybersecurity OT in Italia tra maturità limitata e pressioni normative
  • White House pours cold water on cyber ‘letters of marque’ speculation
  • Russian hackers exploit Zimbra flaw in Ukrainian govt attacks
  • Risolto bug Bluetooth di Windows 11: cosa insegna sulla sicurezza del wireless aziendale
  • Ransomware attack on UMMC: Medusa claims 1 TB of exfiltrated data as new details emerge
  • 7 Ways to Prevent Privilege Escalation via Password Resets
  • Interlock ransomware gang exploited Cisco firewall zero-day weeks before disclosure: Amazon
  • Faraday bag, a cosa servono per la privacy e la sicurezza su smartphone (e a cosa no)
  • Ready for macOS Threats: Expanding Your SOC’s Cross-Platform Analysis with ANY.RUN
  • Max severity Ubiquiti UniFi flaw may allow account takeover
  • Russian hackers exploit Zimbra flaw to breach Ukrainian maritime agency
  • Exploiting a PHP Object Injection in Profile Builder Pro in the era of AI
  • Apple Patches WebKit Vulnerability CVE-2026-20643 Across iOS, macOS
  • Interlock Ransomware Leveraged Cisco FMC Zero-Day 36 Days Before Patch, Amazon Reveals
  • CISA urges US orgs to secure Microsoft Intune systems after Stryker breach
  • Oltre la trasmissione sicura: acceleratori crittografici per proteggere i dati in uso
  • Inside Russia’s Shift to Credential-Based Intrusions: What CISOs Need to Know in 2026
  • Critical Microsoft SharePoint flaw now exploited in attacks
  • New ‘Perseus’ Android malware checks user notes for secrets
  • China Sits at the Top of America’s Cyber Threat List
  • Everyday tools, extraordinary crimes: the ransomware exfiltration playbook
  • Perseus: DTO malware that takes notes
  • LLM in guerra: il Pentagono aprirà alle aziende la possibilità di training AI con dati riservati
  • Multiple Threat Actors Exploiting a Six-Vulnerability iOS Exploit Kit Dubbed “DarkSword”
  • Hasta la vista, Hastalamuerte: An Overview of The Gentlemen’s TTPs
  • CISA Urges Endpoint Management Hardening After Stryker Cyberattack
  • DarkSword: exploit chain iOS tra zero-day, spyware e cybercrime finanziario
• Future of Tech and Security: Strategy & Innovation with Raffy
  • SIEM Is Not Dead. It Just Stopped Moving Fast Enough.
• 360威胁情报中心
  • ComfyUI-Manager RCE（CVE-2026-22777）遭在野利用，数万台设备亟待修复
• Schneier on Security
  • Hacking a Robot Vacuum
• The Hacker News
  • Speagle Malware Hijacks Cobra DocGuard to Steal Data via Compromised Servers
  • 54 EDR Killers Use BYOVD to Exploit 34 Signed Vulnerable Drivers and Disable Security
  • ThreatsDay Bulletin: FortiGate RaaS, Citrix Exploits, MCP Abuse, LiveChat Phish & More
  • New Perseus Android Banking Malware Monitors Notes Apps to Extract Sensitive Data
  • How Ceros Gives Security Teams Visibility and Control in Claude Code
  • DarkSword iOS Exploit Kit Uses 6 Flaws, 3 Zero-Days for Full Device Takeover
  • CISA Warns of Zimbra, SharePoint Flaw Exploits; Cisco Zero-Day Hit in Ransomware Attacks
• SANS Internet Storm Center, InfoCON: green
  • ISC Stormcast For Thursday, March 19th, 2026 https://isc.sans.edu/podcastdetail/9856, (Thu, Mar 19th)
  • Interesting Message Stored in Cowrie Logs, (Wed, Mar 18th)
• GRAHAM CLULEY
  • Smashing Security podcast #459: This clever scam nearly hijacked a tech CEO’s Apple ID
• Full Disclosure
  • snap-confine + systemd-tmpfiles = root (CVE-2026-3888)
  • APPLE-SA-03-17-2026-1 Background Security Improvements for iOS 26.3.1, iPadOS 26.3.1, macOS 26.3.1, and macOS 26.3.2
  • SEC Consult SA-20260318-0 :: Multiple Privilege Escalation Vulnerabilities in Arturia Software Center MacOS
  • SEC Consult SA-20260317-0 :: Multiple vulnerabilities in PEGA Infinity platform
• The Register - Security
  • Unknown attackers exploit yet another critical SharePoint bug
  • Google gives Android users a way to install unverified apps if they prove they really, really want to
  • Lock down Microsoft Intune, feds warn after Stryker attack
• Security Affairs
  • Critical Ubiquiti UniFi UniFi security flaw allows potential account hijacking
  • U.S. CISA adds a flaw in Cisco FMC and Cisco SCC Firewall Management to its Known Exploited Vulnerabilities catalog
  • Russian APT targets Ukraine via Zimbra XSS flaw CVE-2025-66376
  • DarkSword emerges as powerful iOS exploit tool in global attacks
  • Interlock group exploiting the CISCO FMC flaw CVE-2026-20131 36 days before disclosure
  • Russia establishes Vienna as key western spy hub targeting NATO
• DEFION Research Labs
  • Ruckus Unleashed: Multiple vulnerabilities exploited
  • Pwn2Own Automotive 2024: Hacking the Autel MaxiCharger
  • Pwn2Own Automotive 2024: Hacking the JuiceBox 40
  • Pwn2Own Automotive 2024: Hacking the ChargePoint Home Flex (and their cloud...)
  • DoNex/DarkRace Ransomware Decryptor
  • CVE-2024-20693: Windows cached code signature manipulation
  • Bringing process injection into view(s): exploiting all macOS apps using nib files
  • Don’t Talk All at Once! Elevating Privileges on macOS by Audit Token Spoofing
  • Getting SYSTEM on Windows in style
  • Technical analysis of the Genesis Market
  • Bad things come in large packages: .pkg signature verification bypass on macOS
  • Pwn2Own Miami 2022: ICONICS GENESIS64 Arbitrary Code Execution
  • Pwn2Own Miami 2022: Unified Automation C++ Demo Server DoS
  • Pwn2Own Miami 2022: AVEVA Edge Arbitrary Code Execution
  • Process injection: breaking all macOS security layers with a single vulnerability
  • Pwn2Own Miami 2022: Inductive Automation Ignition Remote Code Execution
  • Pwn2Own Miami 2022: OPC UA .NET Standard Trusted Application Check Bypass
  • CoronaCheck App TLS certificate vulnerabilities
  • Sandbox escape + privilege escalation in StorePrivilegedTaskService
  • Proctorio Chrome extension Universal Cross-Site Scripting
  • Zoom RCE from Pwn2Own 2021
  • Adobe Acrobat privilege escalation
  • iOS VPN support: 3 different bugs
  • Sign in with Apple - authentication bypass
  • Jenkins - authentication bypass
  • DNS rebinding for HTTPS
  • Spring Security - insufficient cryptographic randomness
  • XenServer - path traversal leading to authentication bypass
  • Volkswagen Auto Group MIB infotainment system - unauthenticated remote code execution as root
  • NAPALM - command execution on NAPLM controller from host
  • MySQL Connector/J - Unexpected deserialisation of Java objects
  • Ansible - command execution on Ansible controller from host
  • Observium - unauthenticated remote code execution
  • cSRP/srpforjava - obtaining of hashed passwords
  • StartEncrypt - obtaining valid SSL certificates for unauthorized domains
• Security Weekly Podcast Network (Audio)
  • Hacking IP KVMs & Reversing with Radare2 - Sergi Àlvarez - PSW #918