[每日信息流] 2026-03-31 #1194
Description
每日安全资讯(2026-03-31)
- Private Feed for M09Ic
- anthropics released v2.1.88 at anthropics/claude-code
- joaoviictorti starred nicocha30/ligolo-iwa
- Teach2Breach forked Teach2Breach/InsomniacUnwinding from kapla0011/InsomniacUnwinding
- Teach2Breach starred kapla0011/InsomniacUnwinding
- zema1 starred Flow-Launcher/Flow.Launcher
- freqtrade released 2026.3 at freqtrade/freqtrade
- OpenAEV-Platform released 2.3.2 at OpenAEV-Platform/openaev
- DVKunion starred firecrawl/firecrawl
- Mr-xn starred onecli/onecli
- ReaJason released v2.6.1 at ReaJason/MemShellParty
- WAY29 starred XBigRoad/prompt-optimizer-studio
- spf13 starred TypeWhisper/typewhisper-win
- rabbitmask forked rabbitmask/daily_stock_analysis from ZhuLinsen/daily_stock_analysis
- mgeeky starred kapla0011/InsomniacUnwindingCrossProcess
- WAY29 starred shareAI-lab/learn-claude-code
- Mel0day starred yetone/voice-input-dist
- kpcyrd contributed to kpcyrd/apt-swarm
- xpn forked xpn/sccmhunter from garrettfoster13/sccmhunter
- CHYbeta starred qxcnm/Codex-Manager
- mgeeky starred deathflamingo/CDP-Enabler
- Rvn0xsy forked 0x727/basic_logger from MythicC2Profiles/basic_logger
- SecWiki News
- Microsoft Security Blog
- obaby 𝐢𝐧⃝ void
- Doonsec's feed
- 【资料】美国以色列伊朗中东战争每日战况报告汇总
- 【培训】开源情报分析师实战能力培训班-4月成都开班
- 亿赛通-电子文档安全管理系统DecryptApplication;Servicelogin接口存在任意文件读取漏洞 附POC
- 同形字符如何被滥用于网络欺诈
- 哈哈哈哈哈哈哈
- SUCTF2026 Ez_Router
- 【更新2节】冰与火的战歌:Windows内核攻防实战
- 网络韧性视角下《中华人民共和国网络安全法》的演进逻辑与发展路径
- 央行要求:2026进一步提高网络安全、数据安全韧性
- 信息安全——DES加密算法原理以及3DES
- CANoe -未来不止 DDS、SOME/IP、CAN XL、10BASE-T1S…
- 议程揭晓!第九届CSA大中华区大会暨前沿人工智能安全峰会
- 应对iOS安全威胁新挑战,梆梆安全 “源到源” 加固全面护航移动应用安全
- 【工信动态】工业和信息化部党组举办树立和践行正确政绩观学习教育辅导报告会暨读书班开班式
- 【实验室】智能工厂共性技术测试验证与评估评价工业和信息化部重点实验室2026年开放课题征集通知
- 【高危漏洞预警】Grafana SQL表达式任意文件写入导致RCE(CVE-2026-27876)
- 长亭科技亮相2026全球开发者先锋大会,论OpenClaw防护促AI安全
- 等保标准 | 数据安全系列公安行标解析(一)(二)
- 备考CCSP丨用CCSP互动学习卡助力高效备考
- 天基综合信息系统全国重点实验室论文被CVPR2026录用
- 国家安全机关:有不法分子通过给搜索结果添加恶意模块等方式开展窃密活动
- 世界数据组织在北京正式成立 已汇集会员超200个
- ShinyHunters 声称窃取欧盟委员会超 350GB 数据
- 自写的几个BOF,可过内存防护!
- 【漏洞通告】Citrix NetScaler ADC和NetScaler Gateway越界读取漏洞 CVE-2026-3055
- 网络安全信息与动态周报2026年第12期(3月16日-3月22日)
- 三款 Qwen3.5 本地模型效果对比
- 没规划,千万别轻易学网络安全!
- 山东新潮信息技术有限公司党支部赴红旗渠开展主题党日活动
- 天融信亮相2026中关村论坛年会,共话数智时代产学研协同创新
- 从472起事件解码2025威胁全景:攻击进入精准渗透时代(附报告下载)
- 等保合规再升级!6月1日起,“数据安全”成硬指标
- 【树立和践行正确政绩观】深学细悟 在实干担当中践行初心使命
- [吃瓜速递]FBI局长遭黑客“开盒”!成人网站账号、购物评价、私人邮件全泄露
- OpenClaw(龙虾)安全风险浅析与排查指南
- 通信公司网络运维人员私自出售上行流量 获利160万被捕
- DeepSeek崩了 已解决服务恢复
- 女子深夜睡梦中账号自动发评论 客服却回应:你误触了
- 《广东省快递条例》7月1日起施行
- 洞察|中国工程院发布:2025年度全球工程前沿
- 解读|数据从业者必看!国家数据局近3期政策解读
- 产业|网安市场周度监测(2026-03-30)
- 今日(2026年3月30日)OpenClaw 最新安全动态总结
- VulnTarget-P 纯IPv6下的攻防与数据恢复实战
- PAN-OS 中 Nginx/Apache 路径混淆导致身份验证绕过
- 参与有奖!训练营第一期:涉诈APP后端服务器地址抓取
- 原创-职场几大忌讳
- 遥感行业每日标讯 | 2026-03-30
- 《天津市网络安全和信息化条例》通过 自2026年5月1日起施行,更加强化密评和数据安全
- 警惕!只需一个举动,你可能已经犯罪
- AI+网络安全人才招募计划
- Claude Mythos泄露草稿深度解读
- 年度报告:山石网科 2025年度实现营收9.11亿,同比减少8.55%,利润总额-2.05亿
- 行业资讯:星环科技 拟在“香港联交所”主板挂牌上市的进展情况
- 行业资讯:安恒信息 补选非独立董事
- 《2026年网络与信息安全行业全景图》及产品名录 正式发布 !
- 4月好课推荐:CISP、CISSP、CISA开班倒计时
- 信息安全敲门砖认证-Security+
- polarisctf招新赛-部分(WEB)
- 一站式等保合规,助力企业数字化转型
- 《人工智能云 机密计算能力要求》标准参编单位征集
- Supermap iServer历史漏洞浅析(上)
- LiteLLM 供应链攻击事件始末
- 小米AI方向裁员:入职7月被“优化”,26、27届应届生必看
- 显存又要撑爆了? 砸钱买 KV Cache 存储方案前,请先看这三点!
- AndroidManifest处理工具V1.0
- Anthropic专攻漏洞挖掘的秘密模型Claude Mythos泄露,AI安全攻防格局突变
- 可信数据空间(七)基于密态可信云的可信数据空间
- RSAC 2026创新沙盒 | Charm Security:面向新型诈骗的AI反欺诈平台
- RSAC 2026创新沙盒 | Humanix:面向人的社会工程攻击检测与响应
- Linux服务器如何防止网页被篡改
- 【漏洞复现】Langflow 未授权远程代码执行(CVE-2026-33017)
- 伪造信息这一块,我的组织文档完好无损[捂脸]
- IETF 125|下一代域间路由架构与协议边会顺利召开
- 分享图片
- 苹果 DarkSword 漏洞工具公开,数亿 iPhone 面临窃密风险
- 非均衡中国经济
- 手把手CNVD从资产收集到通杀漏洞挖掘
- 2026数字中国创新大赛・数字安全赛道网络和数据安全产业赛火热报名中!
- 国内算力介绍
- Tornado Cash 保护了他的钱。但保护不了他凌晨两点的手痒。
- 一次意外的接口测试
- Check Point 《2026 年网络安全报告》中文版发布
- 重磅泄露!Anthropic最强模型意外曝光:能力碾压Opus 4.6,却因太危险被雪藏
- 热门 Python 库 LiteLLM 遭供应链攻击,Python启动即可窃取个人凭证
- 伊朗关联黑客入侵了FBI局长的个人邮箱,并公布了照片和文件
- #金融常识 #网贷注销 #债务规划 #网贷关闭
- WSL 仓库 issue 一夜“膨胀”到 4 万号:GitHub 多仓库疑遭广告灌水,社区口径已喊到 10 万+
- 别再把它当成“一堆 ModSecurity 规则”了:OWASP CRS 才是很多 Web 防护体系真正的底座
- 【工具推荐】 - ZeroEye3.0自动化找白文件,提升免杀效率,实现降本增效
- SQL 到 SSH:Grafana 中存在严重 CVSS 9.1 级远程代码执行漏洞,可将监控变成远程劫持
- 今年网安的招聘市场已经崩溃了。。。
- GPT-5.4多模态代码生成实战评测:2026年AI编程的范式革命
- 反编译白宫 app 会被定点……吗?
- [工具教程]Burp 光标瞎飘?这篇教你彻底搞定
- OpenClaw全自动刷CVE编号
- 潮玩网络不“翻车” 少年上网有秘籍
- OpenClaw 开发Skills实践 微信自动储存图片到NAS
- 2025年中国企业邮箱安全性研究报告
- 秦安:伊朗周日放开三国通行霍尔木兹海峡,善用金融战痛击特朗普
- 暗网泄露:M国顶级一体化数字安全公司信息泄露
- Upload Labs 第13关通关详解:POST 传参与 0x00 截断的实战利用
- 你的"信任"正在被黑客利用——零信任
- AI大模型安全护栏攻防,深挖提示词注入漏洞,拆解多模态绕过手法
- 阿贾克斯足球俱乐部遭黑客攻击,球迷数据泄露,球票被盗
- TCSEC思想在国际上的继承与发展脉络
- OSI模型第一层:物理层
- 《网络安全法》等级保护法条第一款分解
- 美国政府停摆与预算不足对网络安全带来的风险的一点杂谈
- 工具推荐 | UploadRanger专业级文件上传漏洞检测:全面支持263种绕过技术、代理抓包与动态深度扫描
- Recent Commits to cve:main
- 嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com
- Cerbero Blog
- Bug Bounty in InfoSec Write-ups on Medium
- GuidePoint Security
- Sandfly Security Blog RSS Feed
- Horizon3.ai
- blog.avast.com EN
- Sucuri Blog
- Malwarebytes
- Wallarm
- 杨龙
- Checkmarx
- 黑海洋Wiki | AI机器人硬件开发 | 网络安全攻防实战 | 区块链技术文档教程 - 免费资源平台
- 腾讯玄武实验室
- Shostack & Friends Blog
- 奇客Solidot–传递最新科技情报
- 威努特安全网络
- 黑鸟
- 安全分析与研究
- 暗影安全
- 代码卫士
- 奇安信 CERT
- 绿盟科技研究通讯
- 天御攻防实验室
- 先进攻防
- 非尝咸鱼贩
- 看雪学苑
- 信息安全国家工程研究中心
- 中国信息安全
- 安全牛
- 安全圈
- 威胁棱镜
- NOVASEC
- 青藤云安全
- M01N Team
- 数世咨询
- 极客公园
- 补天平台
- 嘶吼专业版
- 情报分析师
- 慢雾科技
- 京东安全应急响应中心
- 深信服千里目安全技术中心
- 威胁猎人Threat Hunter
- Qualys Security Blog
- 迪哥讲事
- 360数字安全
- 字节跳动技术团队
- 安全行者老霍
- bellingcat
- Over Security - Cybersecurity news aggregator
- Healthcare tech firm CareCloud says hackers stole patient data
- New RoadK1ll WebSocket implant used to pivot on breached networks
- Critical Citrix NetScaler memory flaw actively exploited in attacks
- Italian regulator fines financial giant $36 million for data protection failures
- L’identità digitale è il bersaglio: l’attacco che segna un cambio di paradigma
- Beyond Compliance: How Financial Institutions Can Meet New Fraud-Sharing Mandates While Respecting Privacy
- Professional Networks Under Attack: Vietnam-Linked Actors Deploy PXA Stealer in Global Infostealer Campaign
- Apple adds macOS Terminal warning to block ClickFix attacks
- AI Act, la semplificazione che complica: meno regole, più incoerenza?
- European Commission downplays ShinyHunters cyberattack impact
- How to Evaluate AI SOC Agents: 7 Questions Gartner Says You Should Be Asking
- Hybrid Warfare 2026: When Cyber Operations and Kinetic Attacks Converge
- Forrester Threat Intelligence Landscape: Key Takeaways for Security Leaders
- Russian court sentences notorious card fraud ringleader ‘Flint’ and 25 associates
- Healthcare software firm CareCloud informs SEC of potential patient data leak
- State Department reissues $10 million reward for info on Iranian hackers
- ANY.RUN at RSAC™ 2026: Highlights & Industry Recognition
- Hackers now exploit critical F5 BIG-IP flaw in attacks, patch now
- Chi governa l’AI? Il Tribunale annulla la sanzione a OpenAI e ridefinisce i confini del Garante
- AI-Fueled Cyberattacks Surge in UAE Amid Rising Regional Tensions
- uConsole Review: A Portable Linux Cyberdeck
- Microsoft pulls KB5079391 Windows update over install issues
- Cybersecurity Is a Calling, Not Just a Career — Dr. Priyanka Sunder (PD) on Women Leading the Charge
- Hackers Impersonate Ukrainian CERT to Plant a RAT on Government, Hospital Networks
- Sovranità digitale europea: tra ambizione e realtà
- Cybersecurity Strategy Planning: The Essential Reset for Security Teams and Leaders in 2026
- Latvia Warns of Disinformation Campaign Targeting Baltic States
- Critical Fortinet Forticlient EMS flaw now exploited in attacks
- Smart Homes Are Getting Smarter—But Post-Breach Guidance Is Falling Behind
- New widespread EvilTokens kit: device code phishing as-a-service – Part 1
- European Commission confirms data breach after Europa.eu hack
- 30% of Retailers Fail to Show Accurate Discounts, EU Probe Reveals
- Hackers Circle Citrix NetScaler Flaw Within Hours of Disclosure
- European Commission Confirms Cyberattack, Probes Possible Data Theft from Websites
- SANS Internet Storm Center, InfoCON: green
- Krypt3ia
- ICT Security Magazine
- Passkeys in azienda: guida tecnica alla migrazione FIDO2 per il CISO italiano
- Handala viola l’email personale del Direttore dell’FBI Kash Patel: la risposta dell’Iran alla guerra cyber
- Iran cyber warfare: 30 giorni di guerra digitale
- Commissione Europea violata: ShinyHunters rivendica oltre 350 GB sottratti dall’infrastruttura AWS
- Attacchi informatici ai dispositivi medicali: rischi per pazienti e ospedali
- 安全419
- CNVD漏洞平台
- Desync InfoSec
- Troy Hunt's Blog
- Lenny Zeltser
- Schneier on Security
- 希潭实验室
- 吾爱破解论坛
- The Hacker News
- OpenAI Patches ChatGPT Data Exfiltration Flaw and Codex GitHub Token Vulnerability
- DeepLoad Malware Uses ClickFix and WMI Persistence to Steal Browser Credentials
- ⚡ Weekly Recap: Telecom Sleeper Cells, LLM Jailbreaks, Apple Forces U.K. Age Checks and More
- 3 SOC Process Fixes That Unlock Tier 1 Productivity
- Russian CTRL Toolkit Delivered via Malicious LNK Files Hijacks RDP via FRP Tunnels
- The State of Secrets Sprawl 2026: 9 Takeaways for CISOs
- Three China-Linked Clusters Target Southeast Asian Government in 2025 Cyber Campaign
- Deeplinks
- The Register - Security
- OpenAI patches ChatGPT flaw that smuggled data over DNS
- Telnyx joins LiteLLM in latest PyPI package poisoning tied to Trivy breach
- Citrix NetScaler bug exploited in days, may be multiple flaws in a trench coat
- European Commission admits attackers broke into public web systems, but says little else
- Security contractor blew the whistle on support crew's viral indifference
- US foreign router ban criticized for being ‘industrial policy disguised as cybersecurity’
- Security Affairs
- China-Linked groups target Southeast Asian government with advanced malware in 2025
- It’s a mystery … alleged unpatched Telegram zero-day allows device takeover, but Telegram denies
- Critical Fortinet FortiClient EMS flaw exploited for Remote Code Execution
- New macOS Infinity Stealer uses Nuitka Python payload and ClickFix
- Russia-linked APT TA446 uses DarkSword exploit to target iPhone users in phishing wave
- Trend Micro Research, News and Perspectives
- DEFION Research Labs
- Ruckus Unleashed: Multiple vulnerabilities exploited
- Pwn2Own Automotive 2024: Hacking the Autel MaxiCharger
- Pwn2Own Automotive 2024: Hacking the JuiceBox 40
- Pwn2Own Automotive 2024: Hacking the ChargePoint Home Flex (and their cloud...)
- DoNex/DarkRace Ransomware Decryptor
- CVE-2024-20693: Windows cached code signature manipulation
- Bringing process injection into view(s): exploiting all macOS apps using nib files
- Don’t Talk All at Once! Elevating Privileges on macOS by Audit Token Spoofing
- Getting SYSTEM on Windows in style
- Technical analysis of the Genesis Market
- Bad things come in large packages: .pkg signature verification bypass on macOS
- Pwn2Own Miami 2022: ICONICS GENESIS64 Arbitrary Code Execution
- Pwn2Own Miami 2022: Unified Automation C++ Demo Server DoS
- Pwn2Own Miami 2022: AVEVA Edge Arbitrary Code Execution
- Process injection: breaking all macOS security layers with a single vulnerability
- Pwn2Own Miami 2022: Inductive Automation Ignition Remote Code Execution
- Pwn2Own Miami 2022: OPC UA .NET Standard Trusted Application Check Bypass
- CoronaCheck App TLS certificate vulnerabilities
- Sandbox escape + privilege escalation in StorePrivilegedTaskService
- Proctorio Chrome extension Universal Cross-Site Scripting
- Zoom RCE from Pwn2Own 2021
- Adobe Acrobat privilege escalation
- iOS VPN support: 3 different bugs
- Sign in with Apple - authentication bypass
- Jenkins - authentication bypass
- DNS rebinding for HTTPS
- Spring Security - insufficient cryptographic randomness
- XenServer - path traversal leading to authentication bypass
- Volkswagen Auto Group MIB infotainment system - unauthenticated remote code execution as root
- NAPALM - command execution on NAPLM controller from host
- MySQL Connector/J - Unexpected deserialisation of Java objects
- Ansible - command execution on Ansible controller from host
- Observium - unauthenticated remote code execution
- cSRP/srpforjava - obtaining of hashed passwords
- StartEncrypt - obtaining valid SSL certificates for unauthorized domains
- TorrentFreak
- Security Weekly Podcast Network (Audio)
- 网安寻路人