[每日信息流] 2026-03-25 #1188
Description
每日安全资讯(2026-03-25)
- Private Feed for M09Ic
- pydantic released v1.71.0 at pydantic/pydantic-ai
- kpcyrd contributed to kpcyrd/rebuilderd
- mgeeky starred microsoft/RustTraining
- zeroclaw-labs released v0.6.2 at zeroclaw-labs/zeroclaw
- 0xbug starred hmgle/graftcp
- bolucat released 202603242013 at bolucat/Archive
- pathwaycom released v0.30.0 at pathwaycom/pathway
- strands-agents released v1.33.0 at strands-agents/sdk-python
- 0xbug starred mnfst/awesome-free-llm-apis
- Mr-xn forked Mr-xn/emlog-app-dev-skill from emlog/emlog-app-dev-skill
- CHYbeta starred jackwener/opencli
- Rvn0xsy starred SpecterOps/Nemesis
- github released v0.4.1 at github/spec-kit
- IC3-CR3AM starred tiajinsha/JKVideo
- oiweiwei released v1.2.18 at oiweiwei/go-msrpc
- Mr-xn starred iOfficeAI/AionUi
- liamg contributed to infracost/go-proto
- Mr-xn forked Mr-xn/web-access from eze-is/web-access
- Ridter starred eze-is/web-access
- Ridter forked Ridter/joern from joernio/joern
- gh0stkey starred openclaw/acpx
- timwhitez starred bytedance/deer-flow
- Doonsec's feed
- Litellm 供应链遭受攻击,今晚安装或升级请注意防范
- 关键基础设施的路由安全:一文读懂BGP替代者SCION
- MDUT-Extend:数据库安全综合测试工具
- 启明星辰天清汉马USG AI智能防火墙首家通过信通院标准检验
- 张雪峰老师,一路走好
- 原创-网络安全版出师表
- HiClaw Log Search: 一站式系统日志查询利器
- 【免杀工具】ZeroEye5.0重大更新,新增.net劫持扫描及模板
- 【工具推荐】 - ZeroEye3.0自动化找白文件,提升免杀效率,实现降本增效
- 【工具推荐】xa0-xa0比Everything弱一点的自动化白加黑工具(灰梭子)
- 张雪峰老师离世,病历单爆出!父亲2022年去世,孩子今年才11岁
- AI挖洞已是现在时:企业用它跑渗透,白帽用它抢漏洞,你还在手动?
- 我们更应该关注自己什么?
- 红队攻防-多阶段感染链
- Iphone漏洞利用工具包 已公开23个CVE
- 【讣告】张雪峰老师一路走好
- LangChain基础一Model与Prompts
- 心源性猝死:为什么「最健康的时刻」可能最危险?
- 前沿追踪 | 史无前例!亲伊朗黑客组织悬赏5000万美元缉拿特朗普与内塔尼亚胡—全球首例直指国家元首的“数字通缉令”
- 四款文件上传绕过工具
- 等保标准扩展丨数据安全系列公安行标解析(一)
- 论文研读与思考 | HLPFuzz:基于大语言模型约束求解的混合式语言处理器模糊测试
- 突发!张雪峰多平台头像变黑白,全网紧急祈福
- 21种暗网开源情报工具
- 焦糖布丁v4.0:OpenClaw AI安全基线与漏洞检测工具
- 【AI安全】防不胜防!破解大模型只需一段文言文?
- 炸了!小米2025年财报刷屏:营收4573亿,汽车狂卖41万辆,一个业务暴涨223%
- 安测促发展,积聚创未来——2026网络通信安全融合生态创新发展大会在宁举行
- B1ackTide 安全团队出品|56 课时 Web 安全全体系课,团队竞赛大神亲授,从入门到实战(进群方式在文末哦!)
- 手把手拆解:小程序/Web端加密鉴权绕过案例全复现
- 同样是挖洞,为什么我提交的报告全是重复or忽略?
- 官方授牌!神州希望正式成为三亚亚沙会支持单位(白银级)
- 如果AI能自动发现漏洞,企业还愿意花高价请安全团队吗?
- 直播预告|腾讯云:如何养出好用可控的企业级 AI “小龙虾”?
- 免费赠送 | 防范网络电信诈骗宣传素材(第二十期)
- AI赋能CTF比赛-Web类(burpmcp+kalimcp)
- Langflow 远程代码执行漏洞(CVE-2026-33017) 复现
- #
- 泛微 E-cology 10 未授权远程代码执行漏洞分析与安全风险解读
- 第一天学习CCIE
- 让 AI 帮你逆向 JS:js-reverse-mcp
- 捷报!宁夏网安职业技术学院在全国网安大赛中斩获佳绩,彰显实战育人新高度
- 密码杂谈
- 我的 AI Coding 最佳实践
- 使用AI帮我开发的一个免杀加载器工具
- 滴滴邀你一起,迈入智能工作美好协同
- Cursor承认用Kimi训练,Anthropic月入25亿,AI编程的天变了
- 【星火之声】第二期:CISCN&CCB半决赛WriteUp
- WSDM 2026|快手大促CVR预测技术斩获最佳长文提名奖!
- PHP代码审计Skill 【0day杀手】
- 邀请函 | 2026年C3安全大会与您相约成都
- 威胁行为者以 MS-SQL 服务器为目标,部署 ICE 云扫描器恶意软件
- 黄金配置
- 论文一直投不中?大牛帮修改、选刊、投稿、返修后,被拒的5篇SCI全中了!
- 当你的行车记录仪成为“公共直播”:一次真实的免下车入侵之旅
- AI时代网络安全分析报告
- 盛邦安全EADA卫星互联网内生主动防御架构研发成功,研究成果发表《中国科学:信息科学》
- 当 Token 被称为“词元”:一场关于 AI 命名权与工业叙事
- 网络安全AI智能体在金融业落地挑战与实践探索
- H3C新网络系列(VSR NFV VCF)全套维护指导书
- 腾讯云从业者认证知识列表学习笔记题库合集
- 网络技术思维导图大全(共29份)
- 华为官方SDN核心技术资料汇总集(含iMaster NCE、Agile Controller)
- 华为CloudEngine 16800, 12800, 12800E, 8800, 7800, 6800, 5800系列交换机 维护宝典
- 虚拟化核心技术全套学习PPT(共18份)
- 多品牌网络设备命令配置实战合集(13份)
- Alcatel OmniSwitch交换机 用户使用手册(完整版)
- 用结构化的思维,重新认识一下“时间”
- 【成功复现】Langflow 远程代码执行漏洞(CVE-2026-33017)
- Tenable Blog
- TRY博客
- Microsoft Security Blog
- 先知安全技术社区
- 嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com
- obaby 𝐢𝐧⃝ void
- No Headback
- SecWiki News
- Recent Commits to cve:main
- paper - Last paper
- ArthurChiao's Blog
- Horizon3.ai
- GuidePoint Security
- Bug Bounty in InfoSec Write-ups on Medium
- The Trail of Bits Blog
- Malwarebytes
- VMRay
- Intigriti
- Checkmarx
- text/plain
- HackerNews
- 奇客Solidot–传递最新科技情报
- Offensive Security Blog: Latest Trends in Hacking | Praetorian
- rtl-sdr.com
- Saveitforparts: Testing a Prototype Discovery Drive Az/El Antenna Rotator
- Wavelingo: Real-Time AI Shortwave Translation for the KiwiSDR Network
- GridDown: An Offline-First Situational Awareness Platform with RTL-SDR, SARSAT, Meshtastic
- RDF-J / ECM-J System: TDoA Signal Location Finding and Electronic Jamming with HackRF
- 黑海洋Wiki | AI机器人硬件开发 | 网络安全攻防实战 | 区块链技术文档教程 - 免费资源平台
- 雷神众测
- 奇安信 CERT
- 绿盟科技研究通讯
- 威努特安全网络
- 黑鸟
- 安全分析与研究
- 看雪学苑
- 丁爸 情报分析师的工具箱
- 代码卫士
- 微步在线研究响应中心
- 信息安全国家工程研究中心
- 安全内参
- 中国信息安全
- 威胁棱镜
- 信安之路
- XCTF联赛
- 安全牛
- 青藤云安全
- 网安杂谈
- 安全圈
- 极客公园
- 嘶吼专业版
- 数世咨询
- 吴鲁加
- 慢雾科技
- 情报分析师
- 墨菲安全
- 迪哥讲事
- 360数字安全
- Qualys Security Blog
- TrustedSec
- Arturo Di Corinto
- 安全行者老霍
- IntelTechniques Blog
- DARKNAVY
- Kali Linux
- ICT Security Magazine
- Over Security - Cybersecurity news aggregator
- PTC warns of imminent threat from critical Windchill, FlexPLM RCE bug
- UK pilot program to test social media restrictions on families before government decides on ban
- Popular LiteLLM PyPI package compromised in TeamPCP supply chain attack
- Vibe coding could reshape SaaS industry and add security risks, warns UK cyber agency
- Stryker says malware was involved in recent cyberattack as production lines reopen
- FCC bans new routers made outside the USA over security risks
- Kali Linux 2026.1 Release (2026 Theme & BackTrack Mode)
- ‘Your Data Will Be Used Against You’: Author of new book on the dangers of a surveillance society
- Firefox now has a free built-in VPN with 50GB monthly data limit
- API sotto attacco: la sicurezza dell’AI passa dall’infrastruttura applicativa
- FCC bans foreign-made routers from US market over ‘unacceptable risk’
- Reati informatici e punibilità in Italia: un sistema “aperto” non è reato
- Microsoft fixes bug causing Classic Outlook sync issues with Gmail
- Recensione pCloud 2026: Privacy svizzera e storage a vita
- Claudy Day: quando la prompt injection esfiltra dati riservati
- Iran-linked ransomware gang targeted US healthcare org amid military conflict
- Dutch Finance Ministry probing cyber breach affecting internal systems
- HackerOne discloses employee data breach after Navia hack
- Zero Trust: Bridging the Gap Between Authentication and Trust
- Infinite Campus warns of breach after ShinyHunters claims data theft
- Anime streaming giant Crunchyroll says hacker stole data related to customer service tickets
- Yanluowang ransomware access broker gets 81 months in prison
- Russian hacker who helped Yanluowang ransomware gang gets nearly 7 year prison sentence
- Dutch Ministry of Finance discloses breach affecting employees
- Russian Access Broker Gets Nearly 7 Yrs for Enabling Millions in Ransomware Extortion
- Cyber attacchi, Italia tra i Paesi più colpiti: ma quanto tempo serve alle aziende per ripartire?
- Canada-Based Organization Health Shared Services Accelerates SOC Investigations with ANY.RUN
- Oracle Issues Emergency Patch for Critical Flaw Enabling Remote Code Execution
- Common Entra ID Security Assessment Findings – Part 1: Foreign Enterprise Applications With Privileged API Permissions
- NIS 2: sistema documentale come prova di diligenza e responsabilità del vertice
- Silver Fox: The Only Tax Audit Where the Fine Print Installs Malware
- Licenziabili le vittime di cyber truffe: i dipendenti sono responsabili, ma serve anche governance
- The Biggest Threat to Your Digital Security Isn’t a Hacker — It’s Human Nature, Says Dr. Sheeba Armoogum
- Alleged Cyberattack on Crunchyroll Exposes Risks in Outsourced Systems
- Iran-Linked Hackers Use Messaging Platform to Target Dissidents and Journalists
- India’s Evolving Cyber Threat Landscape: State-Sponsored Attacks, Hacktivism, and What’s Next in 2026
- AWS Bedrock: otto vettori che trasformano l’AI in un punto d’ingresso
- Inside the Woundtech Leak: Missed Opportunity or Mismanaged Response?
- Hacker walks away with $24.5 million after breaching Resolv DeFi platform
- OpenAI rolls out ChatGPT Library to store your personal files
- bellingcat
- 360威胁情报中心
- Securityinfo.it
- Javvad Malik
- Microsoft Browser Vulnerability Research
- Troy Hunt's Blog
- TaoSecurity Blog
- Schneier on Security
- TorrentFreak
- Security Affairs
- Data breach at Dutch Ministry of Finance impacts staff following cyberattack
- QualDerm Partners December 2025 data breach impacts over 3 Million people
- Citrix NetScaler critical flaw could leak data, update now
- 81-month sentence for Russian hacker behind major ransomware campaigns
- North Korea-linked threat actors abuse VS Code auto-run to spread StoatWaffle malware
- Deeplinks
- The Register - Security
- EFF has a new boss to lead the fight against privacy-sucking forces of doom
- 1K+ cloud environments infected following Trivy supply chain attack
- LiteLLM loses game of Trivy pursuit, gets compromised
- HackerOne slams supplier for delayed breach notice after staff data exposed
- Country that put backdoors into Cisco routers to spy on world bans foreign routers
- Russian initial access broker who fed ransomware crews gets 81 months in US prison
- Tor Project blog
- The Hacker News
- TeamPCP Backdoors LiteLLM Versions 1.82.7–1.82.8 Likely via Trivy CI/CD Compromise
- Tax Search Ads Deliver ScreenConnect Malware Using Huawei Driver to Disable EDR
- 5 Learnings from the First-Ever Gartner Market Guide for Guardian Agents
- Hackers Use Fake Resumes to Steal Enterprise Credentials and Deploy Crypto Miner
- The Hidden Cost of Cybersecurity Specialization: Losing Foundational Skills
- Ghost Campaign Uses 7 npm Packages to Steal Crypto Wallets and Credentials
- TeamPCP Hacks Checkmarx GitHub Actions Using Stolen CI Credentials
- U.S. Sentences Russian Hacker to 6.75 Years for Role in $9M Ransomware Damage
- Citrix Urges Patching Critical NetScaler Flaw Allowing Unauthenticated Data Leaks
- SANS Internet Storm Center, InfoCON: green
- NetSPI
- Security Weekly Podcast Network (Audio)