[每日信息流] 2026-03-24 #1187
Description
每日安全资讯(2026-03-24)
- Private Feed for M09Ic
- joaoviictorti starred microsoft/RustTraining
- spf13 starred obra/superpowers
- bolucat released 202603232003 at bolucat/Archive
- mgeeky starred shuvonsec/claude-bug-bounty
- ManassehZhou forked ManassehZhou/accesskey_tools from kohlersbtuh15/accesskey_tools
- liamg contributed to infracost/go-proto
- liamg contributed to infracost/proto
- safedv starred 0xMarcio/cve
- github released v0.4.0 at github/spec-kit
- ZeddYu starred slopus/happy
- zema1 starred Y5neKO/Suo5forNodejs
- DVKunion starred raminfp/redis_exploit
- safedv starred mamatb/OneWordlistToListThemAll
- Ascotbe starred rasbt/llm-architecture-gallery
- PeiQi0 starred 0xrsydn/polymarket-crypto-toolkit
- WAY29 starred lexiforest/curl_cffi
- SecWiki News
- Doonsec's feed
- Upload Labs 第11关:双写后缀绕过文件上传限制
- 首个武器化HDMI-CEC协议的安卓电视盒僵尸网络
- 一次基于Struts框架项目的代码审计
- 一次针对电商的钓鱼事件
- 【案例分享】某社交平台并发签到漏洞:白帽子如何用一个接口刷21天签到?
- 大模型安全深度学习指南:数据隐私泄露专题(1)
- 【开源情报】3.9巴林爆炸源自美军爱国者导弹
- 【培训】开源情报分析师实战能力培训班-4月成都开班
- 【高危漏洞预警】PyTorch反序列化漏洞 (CVE-2026-4538)
- 泛微E-cology10存在远程代码执行漏洞(QVD-2026-14149) 附POC
- JNDI注入-ldap篇
- 【CTF】2026PolarCTF春季赛wp(WEB篇)
- 你认为哪种语言最好?
- 40+前大厂P8拿到70万offer,连夜失眠:不是钱少,是面子太沉
- CSP绕过工具:cspbypass
- 大疆员工爆料:上个月从华为跳大疆。华为是910,大疆是1011,总时长差不多,大疆是保证双休的,氛围和管理,感觉差不多。
- 暗网泄露:日本的公司信息
- 报文格式大全(协议地图)
- IT项目管理表格大全,涵盖从项目启动、计划、执行控制到收尾的全生命周期
- 26个网络设备维护案例(含Cisco路由器、交换机故障排查、网络安全防御等)
- 计算机408考研思维导图、笔记知识整理,涵盖六大核心科目
- H3C MSR系列路由器全本配置指导(13大分册合集)
- 校园安全等级保护2.0解决方案
- 智慧医院IT基础设施建设方案PPT
- Windows x64汇编和Shellcode
- 超实用Ai 智能分析 Web 指纹识别工具!NFinger 溯纹快速上手指南,一键识别 CMS / 框架 / 中间件!
- 逆向新思路:共生而非对抗,巧破libmsaoaidsec.so检测机制
- 腾讯撤销AI Lab:十年投入成往事,27岁天才接棒,QClaw背后藏着什么算盘
- 正式入驻白帽江湖!
- 再推荐一次cc-connect
- 数据中心机架架构
- 【0day】深科特 LEAN MES系统 /Handler/SMTLoadingMaterial.ashx SQL注入漏洞
- frida源码分析课程更新
- 免费!腾讯OpenClaw安全体检首发,快来申请体验
- 网络安全年会不能停
- 10 款 AI 全军覆没:微信公众号是怎么把自己"藏"起来的?
- 红队武器库开源!独家实战工具箱重磅上线
- OpenClaw技能开发与安装
- 简单四步「爆改」公司破电脑,让你能够准时下班!
- 去年没换手机的人后悔了吗?热搜第一揭秘:涨价真相太扎心
- 论文研读与思考|基于字符级CNN和强化学习的对抗性SQL注入检测
- EDUSRC--985证书站从接口FUZZ到满分漏洞
- CISA警告:Craft CMS代码注入漏洞已被用于活跃的攻击中
- 新品发布:无代理・0干扰,护IoT全域安全
- 网络行为体“Regnum”宣称入侵“铁穹”系统 暗网联盟“俄罗斯军团”同步发布结盟声明
- VoidStealer 无需注入或权限提升即可窃取 Chrome 密钥
- OWASP 2026!Gen AI 安全风险全景
- 最高1000万!深圳、无锡OpenClaw&OPC政策背后的“养虾攻略”
- 每日快讯 | FBI通过数据交易实现大规模监控引发隐私争议
- AI狂飙下,攻防博弈正迈向一个由智能对抗主导的新纪元
- USRC暖春漏洞狂欢|手慢无,挖到就是赚到!
- 按岗答问、合规不幻觉!北京银行大模型专利精准适配分支机构
- AI快讯:千问上线AI打车,MiniMax旗下MaxClaw支持接入个人微信
- 280万!国泰海通证券2026年资产托管业务AI推理服务器采购项目
- 谁在测绘真实世界?
- 微信正式接入OpenClaw!奇安信:政企构筑龙虾安全防护体系迫在眉睫
- 2026“天枢杯”青少年人工智能安全创新大赛——北京海淀区宣讲会暨主题活动成功举办
- 美以与伊朗冲突近日情况总结(3.20~3.22)| 美军继续向中东地区部署更多兵力
- 震惊!最新揭露:AI缺的根本不是智商,而是这两样东西
- SecWiki周刊(第629期)
- 分享图片
- 致命分身 | FakeGit 伪造开源生态投毒活动追踪
- 图解安全意识:企业员工AI应用行为规范安全守则
- 第十九届全国大学生信息安全竞赛(创新实践能力赛)暨第三届“长城杯”网数智安全大赛(防护赛)半决赛圆满举办
- 直播预告 | 行业用户的AI安全实战分享
- 免费赠送 | 防范金融财产诈骗宣传资料(第二十期)
- 问鼎榜首!启明星辰荣获第三届“数信杯”数据安全大赛金奖
- C19-S07 启明星辰:龙虾安全六边形(暨OpenClaw类智能应用安全总览0323版)
- OpenClaw安全指南|不同身份用户必看的防护
- 专题·原创 | 筑牢网络安全法治基石 护航数字中国高效发展
- 关注 | 中央网信办指导网站平台全面规范短视频内容标注工作
- CNCERT | OpenClaw安全使用实践指南发布
- 关注 | 《促进和规范数据跨境流动规定》实施两周年 数据出境安全管理工作再上新台阶
- 关注 | 北京三部门约谈12家平台企业 通报“内卷式”竞争第一批问题
- LAPSUS$黑客组织宣称窃取阿斯利康核心数据,含源代码与云配置
- AI 重塑代码安全,Gitee CodePecker 新品发布会预约开启
- AI Agent运行安全亟待监控,防护体系建设成核心挑战
- SCW Trust Agent:让AI代码贡献“有迹可循”,实现软件风险可量化控制
- 【安全圈】为博眼球使用 AI 造谣“烟花厂爆炸致 2 死 2 伤”,男子被依法处罚
- 【安全圈】晋中网安部门破获一起非法获取公民个人信息案
- 【安全圈】地缘冲突下加密货币“雪崩”,比特币跳水,20万人爆仓血本无归!
- 2026渗透测试认证选择指南 — CISP-PTE vs CISP-PTS vs OSCP
- 面向网络空间安全方向的处理器安全入门指南
- 鼎信安全 | 网络安全一周资讯
- CNCERT发布OpenClaw安全使用实践指南
- RSAC 2026参展企业全景透视:Agentic AI安全如何从零到火爆
- Microsoft Security Blog
- 嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com
- Tenable Blog
- 先知安全技术社区
- Recent Commits to cve:main
- No Headback
- Bug Bounty in InfoSec Write-ups on Medium
- Reverse Engineering
- /r/ReverseEngineering's Weekly Questions Thread
- We got Skype to log in - One major step in figuring out the popular 2000s IM client
- TIL you can detect a UEFI bootkit from usermode by just asking it nicely
- I built an FPGA reimplementation of the 3dfx Voodoo 1
- Using local LLM and Ghidra to analyze malware (Part 2)
- I tried multiple tools ( Httpstoolkit, frida, burp , pcapdroid and others ) uses these on rooted phone.. but 1 app is not working / opening with these apps... I just need its api / ws from where it fetch data... can anyone help?
- Malwarebytes
- 奇客Solidot–传递最新科技情报
- 黑海洋Wiki | AI机器人硬件开发 | 网络安全攻防实战 | 区块链技术文档教程 - 免费资源平台
- Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
- 赵武的自留地
- 黑鸟
- 腾讯玄武实验室
- Shostack & Friends Blog
- 安全分析与研究
- 代码卫士
- 威努特安全网络
- 奇安信 CERT
- 全频带阻塞干扰
- 三欢师哥
- 安全内参
- 绿盟科技研究通讯
- 天御攻防实验室
- 灾难控制 局
- 看雪学苑
- 先进攻防
- 信安之路
- 中国信息安全
- 信息安全国家工程研究中心
- 安全圈
- 青藤云安全
- 安全牛
- 微步在线
- 君哥的体历
- 极客公园
- 阿里安全响应中心
- 腾讯安全威胁情报中心
- 火绒安全
- 嘶吼专业版
- ChaMd5安全团队
- OPPO安全中心
- 陌陌安全
- 补天平台
- 数世咨询
- 情报分析师
- 京东安全应急响应中心
- Qualys Security Blog
- 迪哥讲事
- Over Security - Cybersecurity news aggregator
- RuneScape Boards - 222,762 breached accounts
- Mazda discloses security breach exposing employee and partner data
- Tycoon2FA phishing platform returns after recent police disruption
- Someone has publicly leaked an exploit kit that can hack millions of iPhones
- FBI warns of Russian, Iranian cyber activity involving messaging platforms
- TeamPCP deploys Iran-targeted wiper in Kubernetes attacks
- Crunchyroll probes breach after hacker claims to steal 6.8M users' data
- Education company Kaplan reports data breach impacting more than 230,000
- Digital Omnibus e protezione dati: una riflessione politica sul futuro del GDPR
- Trivy supply-chain attack spreads to Docker, GitHub repos
- US sentences Nigerian national to 7 years in $6 million email fraud scheme
- ‘CanisterWorm’ Springs Wiper Attack Targeting Iran
- California-based semiconductor testing company reports ransomware attack to SEC
- FBI says Iranian hackers are using Telegram to steal data in malware attacks
- Obblighi di trasparenza e privacy: l’EDPB costruisce i pilastri per la conformità futura
- IoT insicuro by design: le botnet smantellate dagli USA sono un sintomo, non la malattia
- Russia-linked malware operation collapses after security failures, developer’s arrest
- Varonis Atlas: Securing AI and the Data That Powers It
- Beers with Talos breaks down the 2025 Talos Year in Review
- Microsoft Exchange Online service change causes email access issues
- Connecting Threat Intelligence to Decision-Making: How Flashpoint Is Operationalizing Intelligence in 2026
- 2025 Talos Year in Review: Speed, scale, and staying power
- Certego rafforza il proprio impegno nella sicurezza Cloud con le certificazioni ISO 27017 e ISO 27018
- US soldier sentenced for helping North Korean IT workers
- Falsa email su ChatGPT: nuova campagna di phishing in Italia ruba dati delle carte e codici OTP
- FBI warns of Handala hackers using Telegram in malware attacks
- NIST Updates DNS Security Guidance After 12 Years with SP 800-81r3
- Spoofing e chiamate abusive: i primi provvedimenti AGCOM, decisivi per il futuro
- One Operator, 373,000 Dark Web Sites, and a Criminal Business Built on Selling Nothing
- Privacy sotto assedio: anche in guerra i dati dei civili non devono diventare armi
- CISA orders feds to patch DarkSword iOS flaws exploited attacks
- New KB5085516 emergency update fixes Microsoft account sign-in
- Why Cybersecurity Still Fails at the Basics: Hackmanac CEO Sofia Scozzari
- Foster City Cyberattack Disrupts Services, Raises Data Breach Fears
- U.S. Man Admits to $8M Fake Music Streaming Scheme Using Bots and AI
- Women Shaping the Future of Mobile Cybersecurity in a Digital-First Era
- 360数字安全
- 安全行者老霍
- 安全419
- Securityinfo.it
- ICT Security Magazine
- IT Service Management News
- 安全产品人的赛博空间
- CNVD漏洞平台
- D3Lab
- SANS Internet Storm Center, InfoCON: green
- Instapaper: Unread
- Why iOS Jailbreaking IsOver — And What That Means forSecurity Teams
- Strava ci ricasca, quando il footing di un soldato tradisce la posizione di una portaerei
- Smartphone e indagini penali, i nuovi limiti sull’accesso ai dati
- Explainer Disk images
- Hacking a Robot Vacuum
- Proton Mail Shared User Information with the Police
- CyberChef The Only Data Tool You Need
- Introducing DFIR Toolkit Privacy-First DFIR utilities that run entirely in your browser
- Windows 11 quietly introduced a new execution artifact investigators should start checking
- Exploring Apple Intelligence Artifacts in iOS
- Have I Been Pwned latest breaches
- The Register - Security
- Claude attacks were 'Rorschach test' for infosec community, scaring former NSA boss
- Public-private partnerships vital in disrupting China's Typhoons, says RSA panel with no government speakers
- Lightning-fast exploits make it essential to patch fast, ask questions later
- Google unleashes Gemini AI agents on the dark web
- Smooth criminals talking their way into cloud environments, Google says
- US chip testing firm shrugged off ransomware hit as minor – then came the data leak
- RSAC 2026: Uncle Sam backs out, and AI agents are everywhere
- Microsoft fixes broken Windows update days after vowing fewer broken updates
- The drone swarm is coming, and NATO air defenses are too expensive to cope
- Schneier on Security
- Krebs on Security
- Technical Information Security Content & Discussion
- Remote Command Execution in Google Cloud with Single Directory Deletion
- Vulnerability Disclosure - SCHNEIDER ELECTRIC Modicon Controllers M241 / M251 / M262
- BoxPwnr: AI Agent Benchmark (HTB, TryHackMe, BSidesSF CTF 2026 etc.)
- e open-sourced 209 security tests for multi-agent AI systems (MCP, A2A, L402/x402 protocols)
- Why Your Brain is a Security Risk
- Detect SnappyClient C&C Traffic Using PacketSmith + Yara-X Detection Module
- Your Open Hacker Community
- The Hacker News
- North Korean Hackers Abuse VS Code Auto-Run Tasks to Deploy StoatWaffle Malware
- ⚡ Weekly Recap: CI/CD Backdoor, FBI Buys Location Data, WhatsApp Ditches Numbers & More
- We Found Eight Attack Vectors Inside AWS Bedrock. Here's What Attackers Can Do with Them
- Microsoft Warns IRS Phishing Hits 29,000 Users, Deploys RMM Malware
- Trivy Hack Spreads Infostealer via Docker, Triggers Worm and Kubernetes Wiper
- Hackers Exploit CVE-2025-32975 (CVSS 10.0) to Hijack Unpatched Quest KACE SMA Systems
- Blackhat Library: Hacking techniques and research
- Computer Forensics
- TorrentFreak
- Information Security
- Hybrid mesh firewall comparison
- Participants needed for university research on deepfake detection (18+, Computing Related Fields, 8–10 min)
- Cyber Security Problems
- Why "Prevention" is a dead strategy in 2026.
- I got into SANS {woo hoo}
- Built an open-source threat modeling tool. Looking for honest feedback.
- Tor Project blog
- Security Affairs
- QNAP fixed four vulnerabilities demonstrated at Pwn2Own Ireland 2025
- Pro-Iranian Nasir Security is targeting energy companies in the Gulf
- 44 Aqua Security repositories defaced after Trivy supply chain breach
- Iran-linked actors use Telegram as C2 in malware attacks on dissidents
- International police Operation Alice take down 373,000 dark web sites exploiting children
- netsecstudents: Subreddit for students studying Network Security and its related subjects
- Participants needed for university research on deepfake detection (18+, Computing Related Fields, 8–10 min)
- which vpn architecture actually removes operator visibility rather than relying on policy?
- Wanna get into ethical hacking but lowkey lost 😭
- Hello everyone, I’m trying to understand the field of cybersecurity and its future.
- Security Weekly Podcast Network (Audio)