# 每日安全资讯(2026-03-25) - Private Feed for M09Ic - [ ] [pydantic released v1.71.0 at pydantic/pydantic-ai](https://github.com/pydantic/pydantic-ai/releases/tag/v1.71.0) - [ ] [kpcyrd contributed to kpcyrd/rebuilderd](https://github.com/kpcyrd/rebuilderd/pull/223) - [ ] [mgeeky starred microsoft/RustTraining](https://github.com/microsoft/RustTraining) - [ ] [zeroclaw-labs released v0.6.2 at zeroclaw-labs/zeroclaw](https://github.com/zeroclaw-labs/zeroclaw/releases/tag/v0.6.2) - [ ] [0xbug starred hmgle/graftcp](https://github.com/hmgle/graftcp) - [ ] [bolucat released 202603242013 at bolucat/Archive](https://github.com/bolucat/Archive/releases/tag/202603242013) - [ ] [pathwaycom released v0.30.0 at pathwaycom/pathway](https://github.com/pathwaycom/pathway/releases/tag/v0.30.0) - [ ] [strands-agents released v1.33.0 at strands-agents/sdk-python](https://github.com/strands-agents/sdk-python/releases/tag/v1.33.0) - [ ] [0xbug starred mnfst/awesome-free-llm-apis](https://github.com/mnfst/awesome-free-llm-apis) - [ ] [Mr-xn forked Mr-xn/emlog-app-dev-skill from emlog/emlog-app-dev-skill](https://github.com/Mr-xn/emlog-app-dev-skill) - [ ] [CHYbeta starred jackwener/opencli](https://github.com/jackwener/opencli) - [ ] [Rvn0xsy starred SpecterOps/Nemesis](https://github.com/SpecterOps/Nemesis) - [ ] [github released v0.4.1 at github/spec-kit](https://github.com/github/spec-kit/releases/tag/v0.4.1) - [ ] [IC3-CR3AM starred tiajinsha/JKVideo](https://github.com/tiajinsha/JKVideo) - [ ] [oiweiwei released v1.2.18 at oiweiwei/go-msrpc](https://github.com/oiweiwei/go-msrpc/releases/tag/v1.2.18) - [ ] [Mr-xn starred iOfficeAI/AionUi](https://github.com/iOfficeAI/AionUi) - [ ] [liamg contributed to infracost/go-proto](https://github.com/infracost/go-proto/pull/11) - [ ] [Mr-xn forked Mr-xn/web-access from eze-is/web-access](https://github.com/Mr-xn/web-access) - [ ] [Ridter starred eze-is/web-access](https://github.com/eze-is/web-access) - [ ] [Ridter forked Ridter/joern from joernio/joern](https://github.com/Ridter/joern) - [ ] [gh0stkey starred openclaw/acpx](https://github.com/openclaw/acpx) - [ ] [timwhitez starred bytedance/deer-flow](https://github.com/bytedance/deer-flow) - Doonsec's feed - [ ] [Litellm 供应链遭受攻击,今晚安装或升级请注意防范](https://mp.weixin.qq.com/s/aK5j8lBoMGKG622Gwl6klA) - [ ] [关键基础设施的路由安全:一文读懂BGP替代者SCION](https://mp.weixin.qq.com/s/uNo23VgaLl5ts8TGj6djZA) - [ ] [MDUT-Extend:数据库安全综合测试工具](https://mp.weixin.qq.com/s/3jxxsEeJtmaAmGt-nU3-Ow) - [ ] [启明星辰天清汉马USG AI智能防火墙首家通过信通院标准检验](https://mp.weixin.qq.com/s/xdSbsDyEdYQ150QhbmoUsg) - [ ] [张雪峰老师,一路走好](https://mp.weixin.qq.com/s/cNG-i4uIfDrpuNdF26vXXw) - [ ] [原创-网络安全版出师表](https://mp.weixin.qq.com/s/Lrmy4rLgZDSu_wWHQTuCdg) - [ ] [HiClaw Log Search: 一站式系统日志查询利器](https://mp.weixin.qq.com/s/5TC5fXnHSRYVIizY18zv5g) - [ ] [【免杀工具】ZeroEye5.0重大更新,新增.net劫持扫描及模板](https://mp.weixin.qq.com/s/KDOhlbZst1k1ACcXo_gGAA) - [ ] [【工具推荐】 - ZeroEye3.0自动化找白文件,提升免杀效率,实现降本增效](https://mp.weixin.qq.com/s/eB6B9eHWU5smZ0BGTGsepA) - [ ] [【工具推荐】xa0-xa0比Everything弱一点的自动化白加黑工具(灰梭子)](https://mp.weixin.qq.com/s/w80Bn1mpBQ-G9Q7FlgLNdw) - [ ] [张雪峰老师离世,病历单爆出!父亲2022年去世,孩子今年才11岁](https://mp.weixin.qq.com/s/0a6nLmChLd0Eox7k-sOeVQ) - [ ] [AI挖洞已是现在时:企业用它跑渗透,白帽用它抢漏洞,你还在手动?](https://mp.weixin.qq.com/s/0KBtIJHvDtAWz0uv8v1Pgg) - [ ] [我们更应该关注自己什么?](https://mp.weixin.qq.com/s/AGXsfbffkwPotSnw0hag4Q) - [ ] [红队攻防-多阶段感染链](https://mp.weixin.qq.com/s/kRGAVrCpqOSv9k36rAU-qQ) - [ ] [Iphone漏洞利用工具包 已公开23个CVE](https://mp.weixin.qq.com/s/fJyIpOq2Pu5J8uNOO0dTyA) - [ ] [【讣告】张雪峰老师一路走好](https://mp.weixin.qq.com/s/pRNyVoxAlziR3h2kj_70rA) - [ ] [LangChain基础一Model与Prompts](https://mp.weixin.qq.com/s/OsMe_LCz8g-NjQuKyq1zxw) - [ ] [心源性猝死:为什么「最健康的时刻」可能最危险?](https://mp.weixin.qq.com/s/E-augo6BkWtHUhjJN76H5Q) - [ ] [前沿追踪 | 史无前例!亲伊朗黑客组织悬赏5000万美元缉拿特朗普与内塔尼亚胡—全球首例直指国家元首的“数字通缉令”](https://mp.weixin.qq.com/s/P5BywR9dCtBkCk-hW1GYvA) - [ ] [四款文件上传绕过工具](https://mp.weixin.qq.com/s/LHsyF1JXN03bxzkt8CPGGw) - [ ] [等保标准扩展丨数据安全系列公安行标解析(一)](https://mp.weixin.qq.com/s/DJRWZZKgOLd5vzhu_SJuKw) - [ ] [论文研读与思考 | HLPFuzz:基于大语言模型约束求解的混合式语言处理器模糊测试](https://mp.weixin.qq.com/s/NlH62oiOylKsAlONDdB4Kw) - [ ] [突发!张雪峰多平台头像变黑白,全网紧急祈福](https://mp.weixin.qq.com/s/IkmeaFNP8F9t3mUJk24eFw) - [ ] [21种暗网开源情报工具](https://mp.weixin.qq.com/s/uAqoi0FE7ruytWP7AQspDg) - [ ] [焦糖布丁v4.0:OpenClaw AI安全基线与漏洞检测工具](https://mp.weixin.qq.com/s/wSKnqjgJGhrxyOmv8PRpyQ) - [ ] [【AI安全】防不胜防!破解大模型只需一段文言文?](https://mp.weixin.qq.com/s/kDciklp7cTo42V42qkD1mQ) - [ ] [炸了!小米2025年财报刷屏:营收4573亿,汽车狂卖41万辆,一个业务暴涨223%](https://mp.weixin.qq.com/s/qzfs1fnAMVcmb8R9FH5WNA) - [ ] [安测促发展,积聚创未来——2026网络通信安全融合生态创新发展大会在宁举行](https://mp.weixin.qq.com/s/BaZWHyYuojI3iN13UJNmdw) - [ ] [B1ackTide 安全团队出品|56 课时 Web 安全全体系课,团队竞赛大神亲授,从入门到实战(进群方式在文末哦!)](https://mp.weixin.qq.com/s/b3A6XyApXB9nCM90fOP9IQ) - [ ] [手把手拆解:小程序/Web端加密鉴权绕过案例全复现](https://mp.weixin.qq.com/s/gJU7m_XbvfBzGaaVDzsZLg) - [ ] [同样是挖洞,为什么我提交的报告全是重复or忽略?](https://mp.weixin.qq.com/s/f7Ew-AsdPdxwTTATAXEBmQ) - [ ] [官方授牌!神州希望正式成为三亚亚沙会支持单位(白银级)](https://mp.weixin.qq.com/s/VohAqD650JyguMKVZ6W4MQ) - [ ] [如果AI能自动发现漏洞,企业还愿意花高价请安全团队吗?](https://mp.weixin.qq.com/s/CB1ABeDSD_2k4UjrVxKJfQ) - [ ] [直播预告|腾讯云:如何养出好用可控的企业级 AI “小龙虾”?](https://mp.weixin.qq.com/s/Y95bRIE_RI1h9ZViiUulHw) - [ ] [免费赠送 | 防范网络电信诈骗宣传素材(第二十期)](https://mp.weixin.qq.com/s/axflo0Hz-SRurSD_RXolEw) - [ ] [AI赋能CTF比赛-Web类(burpmcp+kalimcp)](https://mp.weixin.qq.com/s/uvsdPsJUuAA3uEBg_bwI6g) - [ ] [Langflow 远程代码执行漏洞(CVE-2026-33017) 复现](https://mp.weixin.qq.com/s/bA4QfIlrLyvFjG_n8ZO0Jg) - [ ] [#](https://mp.weixin.qq.com/s/l7-dWHkmamQSFWU7MP_cwA) - [ ] [泛微 E-cology 10 未授权远程代码执行漏洞分析与安全风险解读](https://mp.weixin.qq.com/s/OqS-aKp03ywBJczQmq6BPA) - [ ] [第一天学习CCIE](https://mp.weixin.qq.com/s/yO4Bd_bW6ietFKvsmFiZEg) - [ ] [让 AI 帮你逆向 JS:js-reverse-mcp](https://mp.weixin.qq.com/s/KFB4g3ZIGLxYQsIiZrK4kQ) - [ ] [捷报!宁夏网安职业技术学院在全国网安大赛中斩获佳绩,彰显实战育人新高度](https://mp.weixin.qq.com/s/o9Hpbc-QXpgfhC7TxdYe7w) - [ ] [密码杂谈](https://mp.weixin.qq.com/s/WUCuhLZGNo9Ey3N58aTs0A) - [ ] [我的 AI Coding 最佳实践](https://mp.weixin.qq.com/s/CFhrB_ukb8noVEFa7H9dIQ) - [ ] [使用AI帮我开发的一个免杀加载器工具](https://mp.weixin.qq.com/s/DEwYIgPYiZdUmrhNLiJzAw) - [ ] [滴滴邀你一起,迈入智能工作美好协同](https://mp.weixin.qq.com/s/HxuaMv62rqVN6xi-Zdb7VQ) - [ ] [Cursor承认用Kimi训练,Anthropic月入25亿,AI编程的天变了](https://mp.weixin.qq.com/s/TRnG0zMyh4tXE4juzPHvig) - [ ] [【星火之声】第二期:CISCN&CCB半决赛WriteUp](https://mp.weixin.qq.com/s/69aC-cpQOLqpoVKNO51KKg) - [ ] [WSDM 2026|快手大促CVR预测技术斩获最佳长文提名奖!](https://mp.weixin.qq.com/s/nO59NE0gKSxVmJ5-L0Et7g) - [ ] [PHP代码审计Skill 【0day杀手】](https://mp.weixin.qq.com/s/yW1ud59ubiztZK-PMKDiBQ) - [ ] [邀请函 | 2026年C3安全大会与您相约成都](https://mp.weixin.qq.com/s/34HPro4rFyOIo2O4oQImYQ) - [ ] [威胁行为者以 MS-SQL 服务器为目标,部署 ICE 云扫描器恶意软件](https://mp.weixin.qq.com/s/MBEBqMqg6aL0VgcprxiaWg) - [ ] [黄金配置](https://mp.weixin.qq.com/s/mKd4ihgS_FgStcB5S7pnag) - [ ] [论文一直投不中?大牛帮修改、选刊、投稿、返修后,被拒的5篇SCI全中了!](https://mp.weixin.qq.com/s/dEeYavINRKw0BatBJmlK3w) - [ ] [当你的行车记录仪成为“公共直播”:一次真实的免下车入侵之旅](https://mp.weixin.qq.com/s/Of31ZQya0VLymxgqrfU9cg) - [ ] [AI时代网络安全分析报告](https://mp.weixin.qq.com/s/WBJSyztsyhhWNN_52adqew) - [ ] [盛邦安全EADA卫星互联网内生主动防御架构研发成功,研究成果发表《中国科学:信息科学》](https://mp.weixin.qq.com/s/HT67puHl8uatAPgRXBKZgg) - [ ] [当 Token 被称为“词元”:一场关于 AI 命名权与工业叙事](https://mp.weixin.qq.com/s/0EpWI_Mqer-0eIE0BD_iqA) - [ ] [网络安全AI智能体在金融业落地挑战与实践探索](https://mp.weixin.qq.com/s/39juWORdW8KBHTdb8Iq5hA) - [ ] [H3C新网络系列(VSR NFV VCF)全套维护指导书](https://mp.weixin.qq.com/s/4x5Xr9eB4QmKcpYTqnCx9A) - [ ] [腾讯云从业者认证知识列表学习笔记题库合集](https://mp.weixin.qq.com/s/5ZlRj_Fl_QBJI5vq0QWgYA) - [ ] [网络技术思维导图大全(共29份)](https://mp.weixin.qq.com/s/r5-WdeZ4Br3OowUesSPMKg) - [ ] [华为官方SDN核心技术资料汇总集(含iMaster NCE、Agile Controller)](https://mp.weixin.qq.com/s/P-LPLH9pxE_NPzeU0rGV2w) - [ ] [华为CloudEngine 16800, 12800, 12800E, 8800, 7800, 6800, 5800系列交换机 维护宝典](https://mp.weixin.qq.com/s/2Vj-xji91LRm4Ix135nRuA) - [ ] [虚拟化核心技术全套学习PPT(共18份)](https://mp.weixin.qq.com/s/vwBsJ9kN4oAbr4y4agyO2Q) - [ ] [多品牌网络设备命令配置实战合集(13份)](https://mp.weixin.qq.com/s/yMnvp016DdqJpccLkeNUdQ) - [ ] [Alcatel OmniSwitch交换机 用户使用手册(完整版)](https://mp.weixin.qq.com/s/Cjp2G9nQ4YZg-n6uX0evbg) - [ ] [用结构化的思维,重新认识一下“时间”](https://mp.weixin.qq.com/s/AmdIaM-AEyTXTAHiF8yRcw) - [ ] [【成功复现】Langflow 远程代码执行漏洞(CVE-2026-33017)](https://mp.weixin.qq.com/s/yzJtnx1rEdOVKvFCCco4Yg) - Tenable Blog - [ ] [Meet Tenable Hexa AI: Agentic AI for exposure management](https://www.tenable.com/blog/hexa-ai-agentic-ai-for-exposure-management) - TRY博客 - [ ] [AI分享|一款支持puaAi的skill](https://www.nctry.com/2812.html) - Microsoft Security Blog - [ ] [Governing AI agent behavior: Aligning user, developer, role, and organizational intent](https://techcommunity.microsoft.com/blog/microsoft-security-blog/governing-ai-agent-behavior-aligning-user-developer-role-and-organizational-inte/4503551) - 先知安全技术社区 - [ ] [Java 安全 · AI & Security 两大技术图谱正式上线!](https://xz.aliyun.com/news/91828) - [ ] [中国电信大可实验室2026年校园招聘正式启动!](https://xz.aliyun.com/news/91825) - 嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com - [ ] [“养龙虾” 安全危机!官方发布 “关于OpenClaw安全应用的风险提示”](https://www.4hou.com/posts/DxMk) - [ ] [美国国务院发布全球范围安全警示](https://www.4hou.com/posts/6MrN) - [ ] [意大利最高国防委员会会议使用录音屏蔽器](https://www.4hou.com/posts/Zglg) - [ ] [360“安全龙虾”全国巡回汕头站火爆开局,全民AI热潮席卷50城](https://www.4hou.com/posts/l0K1) - [ ] [新型网络攻击InstallFix曝光:伪装CLI工具安装指令,诱导执行恶意命令](https://www.4hou.com/posts/2X6A) - [ ] [嘶吼安全动态|工信部部署2026年信息通信业安全生产和网络运行安全工作 Copilot及Cursor等AI编码助手曝规则文件注入漏洞](https://www.4hou.com/posts/7MvB) - [ ] [从“可用”到“可信”:梆梆安全打造省级政务APP安全建设新标杆,护航政务服务行稳致远](https://www.4hou.com/posts/KGM8) - obaby 𝐢𝐧⃝ void - [ ] [野心家](https://zhongxiaojie.cn/2026/03/667/) - No Headback - [ ] [AI 巡检与 AI 排障](http://xargin.com/ai-debugging/) - SecWiki News - [ ] [SecWiki News 2026-03-24 Review](http://www.sec-wiki.com/?2026-03-24) - Recent Commits to cve:main - [ ] [Update Tue Mar 24 11:13:12 UTC 2026](https://github.com/trickest/cve/commit/9be363b14394db29b6406b7b8bd17ee94b468a7a) - paper - Last paper - [ ] [静默颠覆:通过卫星系统供应链植入物实施的传感器欺骗攻击](https://paper.seebug.org/3475/) - ArthurChiao's Blog - [ ] [OpenClaw:技术解读和给 AI 应用开发的启示(2026)](https://arthurchiao.art/blog/openclaw-technical-notes-zh/) - Horizon3.ai - [ ] [CVE-2026-20079](https://horizon3.ai/attack-research/vulnerabilities/cve-2026-20079/) - [ ] [Horizon3.ai Named to Fast Company’s Annual List of the World’s Most Innovative Companies of 2026](https://horizon3.ai/news/press-release/horizon3-fast-company-most-innovative-2026/) - GuidePoint Security - [ ] [The AI Transparency Paradox: Building Trust Without Expanding Risk](https://www.guidepointsecurity.com/blog/ai-transparency-paradox-build-trust-without-risk/) - Bug Bounty in InfoSec Write-ups on Medium - [ ] [Privilege Escalation: How Broken Access Control Led to Full Account Takeover](https://infosecwriteups.com/privilege-escalation-how-broken-access-control-led-to-full-account-takeover-c7b42bb9f47b?source=rss----7b722bfd1b8d--bug_bounty) - [ ] [Misconfigured SSO Led to a Critical Issue](https://infosecwriteups.com/misconfigured-sso-led-to-a-critical-issue-81c4c11d1a48?source=rss----7b722bfd1b8d--bug_bounty) - The Trail of Bits Blog - [ ] [Spotting issues in DeFi with dimensional analysis](https://blog.trailofbits.com/2026/03/24/spotting-issues-in-defi-with-dimensional-analysis/) - Malwarebytes - [ ] [FBI, CISA warn of Russian hackers hijacking Signal and WhatsApp accounts](https://www.malwarebytes.com/blog/news/2026/03/fbi-cisa-warn-of-russian-hackers-hijacking-signal-and-whatsapp-accounts) - [ ] [Scam compounds hiring “AI models” to seal the deal in deepfake video calls](https://www.malwarebytes.com/blog/news/2026/03/scam-compounds-hiring-ai-models-to-seal-deal-in-deepfake-video-calls) - VMRay - [ ] [Tracing Blockchain-Controlled Malware Across Chains: A Joint Investigation by VMRay and Iknaio](https://www.vmray.com/tracing-blockchain-controlled-malware-across-chains-a-joint-investigation-by-vmray-and-iknaio/) - Intigriti - [ ] [Vulnerability disclosure for AI safeguards. How open should programs be and what incentives are necessary?](https://www.intigriti.com/blog/business-insights/vulnerability-disclosure-for-ai-safeguards-how-open-should-programs-be-and-what-i) - Checkmarx - [ ] [Checkmarx DAST for the AI Coding Era: Runtime Security at Machine Speed](https://checkmarx.com/blog/checkmarx-dast-for-the-ai-coding-era/) - [ ] [Checkmarx Security Update](https://checkmarx.com/blog/checkmarx-security-update/) - text/plain - [ ] [Windows: Choose Where To Get Apps](https://textslashplain.com/2026/03/24/windows-choose-where-to-get-apps/) - HackerNews - [ ] [朝鲜黑客滥用 VS Code 自动运行任务部署 StoatWaffle 恶意软件](https://hackernews.cc/archives/63942) - [ ] [FBI 警告:Handala 黑客利用 Telegram 实施恶意软件攻击](https://hackernews.cc/archives/63941) - [ ] [微软警告:IRS 钓鱼邮件波及 2.9 万用户,远程管理工具成攻击新载体](https://hackernews.cc/archives/63943) - [ ] [马自达披露安全漏洞:员工及合作伙伴数据遭泄露](https://hackernews.cc/archives/63940) - [ ] [Crunchyroll 调查数据泄露事件:黑客声称窃取 680 万用户数据](https://hackernews.cc/archives/63939) - 奇客Solidot–传递最新科技情报 - [ ] [LG Display 量产刷新率在 1-120Hz 之间自动调节的笔记本显示屏](https://www.solidot.org/story?sid=83860) - [ ] [Intoxalock 遭到网络攻击导致美国多地汽车无法启动](https://www.solidot.org/story?sid=83858) - [ ] [适度喝咖啡或有助于保护大脑](https://www.solidot.org/story?sid=83857) - [ ] [超加工食品与男性生育能力下降相关](https://www.solidot.org/story?sid=83856) - [ ] [【重磅推荐】2026 年度 NVIDIA 创业企业展示现已启动招募!](https://www.solidot.org/story?sid=83855) - [ ] [Firefox 149 释出](https://www.solidot.org/story?sid=83854) - [ ] [AI 促使源码进化还是导致它灭绝?](https://www.solidot.org/story?sid=83853) - [ ] [亚马逊 AWS 位于巴林的数据中心第二次因无人机活动中断服务](https://www.solidot.org/story?sid=83852) - [ ] [美国科学大国地位动摇](https://www.solidot.org/story?sid=83851) - [ ] [2026 年阿贝尔奖授予了证明莫德尔猜想的 Gerd Faltings](https://www.solidot.org/story?sid=83850) - [ ] [Reddit 考虑对用户进行验证](https://www.solidot.org/story?sid=83849) - [ ] [干旱可能会促进耐抗生素微生物生长](https://www.solidot.org/story?sid=83848) - [ ] [美国禁售外国公司制造的新消费级路由器](https://www.solidot.org/story?sid=83847) - Offensive Security Blog: Latest Trends in Hacking | Praetorian - [ ] [Azure APIM Signup Bypass: 97.9% of Developer Portals Still Exploitable Anonymously and from the Internet](https://www.praetorian.com/blog/azure-apim-signup-bypass/) - rtl-sdr.com - [ ] [Saveitforparts: Testing a Prototype Discovery Drive Az/El Antenna Rotator](https://www.rtl-sdr.com/saveitforparts-testing-a-prototype-discovery-drive-az-el-antenna-rotator/) - [ ] [Wavelingo: Real-Time AI Shortwave Translation for the KiwiSDR Network](https://www.rtl-sdr.com/wavelingo-real-time-ai-shortwave-translation-for-the-kiwisdr-network/) - [ ] [GridDown: An Offline-First Situational Awareness Platform with RTL-SDR, SARSAT, Meshtastic](https://www.rtl-sdr.com/griddown-an-offline-first-situational-awareness-platform-with-rtl-sdr-sarsat-meshtastic/) - [ ] [RDF-J / ECM-J System: TDoA Signal Location Finding and Electronic Jamming with HackRF](https://www.rtl-sdr.com/rdf-j-ecm-j-system-tdoa-signal-location-finding-and-electronic-jamming-with-hackrf/) - 黑海洋Wiki | AI机器人硬件开发 | 网络安全攻防实战 | 区块链技术文档教程 - 免费资源平台 - [ ] [Arm公司宣布开始销售量产自研芯片产品](https://blog.upx8.com/Arm%E5%85%AC%E5%8F%B8%E5%AE%A3%E5%B8%83%E5%BC%80%E5%A7%8B%E9%94%80%E5%94%AE%E9%87%8F%E4%BA%A7%E8%87%AA%E7%A0%94%E8%8A%AF%E7%89%87%E4%BA%A7%E5%93%81) - [ ] [NASA放弃绕月空间站 押注月球基地](https://blog.upx8.com/NASA%E6%94%BE%E5%BC%83%E7%BB%95%E6%9C%88%E7%A9%BA%E9%97%B4%E7%AB%99-%E6%8A%BC%E6%B3%A8%E6%9C%88%E7%90%83%E5%9F%BA%E5%9C%B0) - 雷神众测 - [ ] [雷神众测漏洞周报2026.3.16-2026.3.22](https://mp.weixin.qq.com/s?__biz=MzI0NzEwOTM0MA==&mid=2652503735&idx=1&sn=2f1ae3388f3a9c703a7606d6b2ca7d44) - 奇安信 CERT - [ ] [今日(2026年3月24日)OpenClaw 最新安全动态总结](https://mp.weixin.qq.com/s?__biz=MzU5NDgxODU1MQ==&mid=2247504843&idx=1&sn=054bd28092957b5b5bb7a3944a10cd3a) - 绿盟科技研究通讯 - [ ] [RSAC 2026创新沙盒 | Geordie AI:企业 AI Agent 安全治理体系的构建者](https://mp.weixin.qq.com/s?__biz=MzIyODYzNTU2OA==&mid=2247499664&idx=1&sn=c95bffce592edd62621c0c667a7f0eef) - [ ] [RSAC 2026创新沙盒 | ZeroPath:从告警堆积到可执行修复](https://mp.weixin.qq.com/s?__biz=MzIyODYzNTU2OA==&mid=2247499664&idx=2&sn=71166c9a43aacfda29079ebe6beb30a7) - 威努特安全网络 - [ ] [威努特电力监控系统专用备份方案筑牢能源安全防线](https://mp.weixin.qq.com/s?__biz=MzAwNTgyODU3NQ==&mid=2651141119&idx=1&sn=e8921e884db48defc19c82dd98ceefa0) - 黑鸟 - [ ] [关键基础设施的路由安全:一文读懂BGP替代者SCION](https://mp.weixin.qq.com/s?__biz=MzAxOTM1MDQ1NA==&mid=2451185947&idx=1&sn=a79c089f1b90dbfb73e6f1ab67e6a425) - 安全分析与研究 - [ ] [进程操作技术(下)——进程注入与线程劫持](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247496574&idx=1&sn=a55d02786deb520a03241f5f019cd889) - 看雪学苑 - [ ] [软件ollvm混淆登录参数分析](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458612391&idx=1&sn=ce846ffcfcbf3cc48919af7419e28e83) - [ ] [GEEKCON 2026 报名开启!AI干掉黑客,还是黑客干掉 AI?](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458612391&idx=2&sn=a6d0803218514d8f3a7460cba9d68e38) - [ ] [伪装成 ChatGPT 测试邀请!安卓用户遭遇账号接管攻击](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458612391&idx=3&sn=4223cd02cc353397e0853d9dd1acceda) - [ ] [【含试看】冰与火的战歌:Windows内核攻防实战](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458612391&idx=4&sn=d65061702a160a1bb627d8897598a4c4) - 丁爸 情报分析师的工具箱 - [ ] [【龙虾报告】中东战争动态(3.24)](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651154922&idx=1&sn=5522de2b24b39f2cee9bee674c60da6d) - [ ] [【培训】开源情报分析师实战能力培训班-4月成都开班(有邀请函)](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651154922&idx=2&sn=3cf0de4738a14e2e5dcd9ba14ea178e2) - 代码卫士 - [ ] [QNAP QVR Pro 严重漏洞可导致系统遭远程访问](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247525536&idx=1&sn=374ba844d9e8b8936f3ab544ef312259) - [ ] [马自达员工和合作伙伴个人数据遭泄露](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247525536&idx=2&sn=cfdc9d201f452aff7792d5fba9d0607f) - 微步在线研究响应中心 - [ ] [AI Coding Agent最新攻击总结:7大漏洞利用手法](https://mp.weixin.qq.com/s?__biz=Mzg5MTc3ODY4Mw==&mid=2247508389&idx=1&sn=a3afdb49432f816d071a103ec98add35) - 信息安全国家工程研究中心 - [ ] [一图读懂《网络安全技术 信息安全风险管理指导》](https://mp.weixin.qq.com/s?__biz=MzU5OTQ0NzY3Ng==&mid=2247503253&idx=1&sn=b9d06e82a7c2d026f8269b4fcbbbefdc) - 安全内参 - [ ] [PB级罕见规模!外包巨头遭网络攻击,1PB数据疑似泄露](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247515717&idx=1&sn=94640f2c622895f4e0194affd6312d6a) - [ ] [Agentic AI安全与治理厂商Geordie AI获得RSAC 2026创新沙盒冠军](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247515717&idx=2&sn=f6831edc3e179575cec99a27d5ac3f68) - 中国信息安全 - [ ] [专题·原创 | 《中华人民共和国网络安全法》修改内容解读与产业合规实践路径](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664260605&idx=1&sn=9dee5cc17e60fa5e058a6a6286248a88) - [ ] [任贤良:抢抓人工智能发展战略机遇期,携手构建网络空间命运共同体](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664260605&idx=2&sn=3e6975c695bb297d1c53942574c77b78) - [ ] [“龙虾”热来袭!OpenClaw能帮我们做哪些?又藏有哪些风险?](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664260605&idx=3&sn=33338ba58f085ecc5e7e5169e27188cc) - [ ] [观点 | 建设开放共享安全的全国一体化数据市场](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664260605&idx=4&sn=1f90d862ef41ebd2ea2cc9926fb7aa80) - [ ] [评论 | 依法斩断AI“投毒”产业链](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664260605&idx=5&sn=a60866512605271d0698b3924acd1524) - 威胁棱镜 - [ ] [Virus Bulletin 2024 议题慢递](https://mp.weixin.qq.com/s?__biz=MzkyMzE5ODExNQ==&mid=2247488540&idx=1&sn=e1caba209ab0c0fcfc0b491b5e4348e2) - 信安之路 - [ ] [永久密钥:VIP99-SUPER-MAX66-PRO88-TOP01](https://mp.weixin.qq.com/s?__biz=MzI5MDQ2NjExOQ==&mid=2247500490&idx=1&sn=762e60933c97ec1c066625d075a3ecfd) - XCTF联赛 - [ ] [GEEKCON 2026 报名开启!AI干掉黑客,还是黑客干掉 AI?](https://mp.weixin.qq.com/s?__biz=MjM5NDU3MjExNw==&mid=2247516219&idx=1&sn=02bee53d09b1adb5c4274c2eea5071b6) - 安全牛 - [ ] [对话2026|47天新规下,企业SSL证书安全的核心解法](https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651140856&idx=1&sn=289a042db951bcf9163e7b6e3ef33ac8) - [ ] [2026年勒索软件攻击深度解析:根源、新威胁与务实防御策略](https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651140856&idx=2&sn=33f19cf47c6fe2e562939b629846c5d3) - 青藤云安全 - [ ] [网络安全AI智能体在金融业落地挑战与实践探索](https://mp.weixin.qq.com/s?__biz=MzAwNDE4Mzc1NA==&mid=2650851051&idx=1&sn=b4397373a8a85429156db109f66933a0) - 网安杂谈 - [ ] [Openclaw最新版本3.22翻车,是研究下卸载和降级的时候了](https://mp.weixin.qq.com/s?__biz=MzAwMTMzMDUwNg==&mid=2650890250&idx=1&sn=62840fdfb421421640d3dc036ec3ad3d) - [ ] [【赠书2本】红队实战指南:AI驱动的渗透测试、红队评估和漏洞挖掘](https://mp.weixin.qq.com/s?__biz=MzAwMTMzMDUwNg==&mid=2650890250&idx=2&sn=1ca01bbcde640b131dd2e02b7248f3f9) - 安全圈 - [ ] [【安全圈】马自达通报安全事件:员工和合作伙伴数据遭泄露](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652075041&idx=1&sn=ae9e793a53a8639e64c1a2ab362f1677) - [ ] [【安全圈】朝鲜黑客滥用 VS Code 自动运行任务部署 StoatWaffle 恶意软件](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652075041&idx=2&sn=5ef9c2fe6a9380067fe867df753048fc) - [ ] [【安全圈】微软警告:IRS 钓鱼邮件波及 2.9 万用户,远程管理工具成攻击新载体](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652075041&idx=3&sn=92dcf5afd39cf49ed5a78059f7727089) - 极客公园 - [ ] [打车,不只是为了从 A 到 B](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653101971&idx=1&sn=52ae19ed46823611c8384b33ada1a649) - [ ] [OpenClaw 还在屏幕里打工,Looki 已经「走进」你的生活](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653101934&idx=1&sn=e6e5f87220a3350de9635976f3f39516) - [ ] [苹果 WWDC26 定档 6 月 9 日,AI 是重点;OpenAI 施压谷歌,将 ChatGPT 列为默认搜索引擎;4 成美国人想买中国新能源车|极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653101954&idx=1&sn=81dc59e09ee2c1ef137f4abaee056e7b) - 嘶吼专业版 - [ ] [新型网络攻击InstallFix曝光:伪装CLI工具安装指令,诱导执行恶意命令](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247587334&idx=1&sn=11b09d42dea8ca2983950cee5cbd0004) - [ ] [嘶吼安全动态|工信部部署2026年信息通信业安全生产和网络运行安全工作 Copilot及Cursor等AI编码助手曝规则文件注入漏洞](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247587334&idx=2&sn=13c14c65944712b54b9bd2e8ae678683) - 数世咨询 - [ ] [人工智能极大提升了效率和效能,对网络犯罪分子而言](https://mp.weixin.qq.com/s?__biz=MzkxNzA3MTgyNg==&mid=2247542212&idx=1&sn=288165111c7ddc7d17c89dcab9208037) - [ ] [【个人免费】安恒“龙虾卫士”——ClawdSecBot个人版全面开源!](https://mp.weixin.qq.com/s?__biz=MzkxNzA3MTgyNg==&mid=2247542212&idx=2&sn=57d3896f9b8b23ec132597113ae60525) - 吴鲁加 - [ ] [忘掉经验](https://mp.weixin.qq.com/s?__biz=Mzg5NDY4ODM1MA==&mid=2247485981&idx=1&sn=a5d23989beabf38b4d889404d62b282f) - 慢雾科技 - [ ] [SlowMist Agent Security Skill 正式发布,守护 AI Agent 每一道防线](https://mp.weixin.qq.com/s?__biz=MzU4ODQ3NTM2OA==&mid=2247504542&idx=1&sn=877bb46e71ffb4b97ef69748773ee304) - 情报分析师 - [ ] [真正的情报高手,第一步从来不是搜集信息!你看到的信息越多判断反而越差,情报圈最忌讳的三大信息陷阱](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650567216&idx=1&sn=d69c314fa51974d72752d6af21464b7e) - [ ] [【热点研判】日本在霍尔木兹问题上向美国表示愿合作但强调法律边界/韩国加入霍尔木兹联合声明/霍尔木兹危机与韩美同盟"最宽裂缝"](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650567216&idx=2&sn=53ce4ce22a5e61ea5292dec7746d517c) - [ ] [多模型、多平台协同下的国家安全威胁识别研究:单一平台治理为何不足](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650567216&idx=3&sn=5d27885e552a924e893bd5f2b8826c2f) - [ ] [一个邮箱地址,他怎么找出了你的所有社交账号、手机号、泄露密码?Maltego实战拆解](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650567216&idx=4&sn=1423d48020f3827fd55e9f15748cac49) - 墨菲安全 - [ ] [墨菲安全发布SCA 4.0:AI原生、Skills 检测](https://mp.weixin.qq.com/s?__biz=MzkwOTM0MjI5NQ==&mid=2247488355&idx=1&sn=80031d58f3bd1bc3c20fa1668ac823b1) - 迪哥讲事 - [ ] [参数未校验所导致的账户劫持](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247499209&idx=1&sn=e5e689ed7346043adff271f8e5cdac9e) - 360数字安全 - [ ] [RSAC 2026 | Agent安全与AI SOC引领变革](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247585522&idx=1&sn=f4653049ed5af9346555762657456353) - Qualys Security Blog - [ ] [The Rise of Managed Risk Operations: How the New Qualys mROC Portal Helps Partners Scale the Risk Operations Center](https://blog.qualys.com/category/product-tech) - TrustedSec - [ ] [Building a Detection Foundation: Part 4 - Sysmon](https://trustedsec.com/blog/building-a-detection-foundation-part-4-sysmon) - Arturo Di Corinto - [ ] [SCIOPERO GIORNALISTI](https://dicorinto.it/associazionismo/sciopero-giornalisti/) - [ ] [Stampa Romana: ora garanzie concrete per i colleghi di Gedi](https://dicorinto.it/associazionismo/stampa-romana-ora-garanzie-concrete-per-i-colleghi-di-gedi/) - 安全行者老霍 - [ ] [网络安全必须跟上人工智能发展的步伐](https://mp.weixin.qq.com/s?__biz=Mzg3NjU4MDI4NQ==&mid=2247486224&idx=1&sn=c545d4d3d3e8419a87525cb0c296b923) - IntelTechniques Blog - [ ] [Upcoming OSINT Live Courses](https://inteltechniques.com/blog/2026/03/24/upcoming-osint-live-courses/) - DARKNAVY - [ ] [GEEKCON 2026 报名开启!AI干掉黑客,还是黑客干掉 AI?](https://mp.weixin.qq.com/s?__biz=MzkyMjM5MTk3NQ==&mid=2247497885&idx=1&sn=8d67a924d4db0cff74f59c6b5297f6f3) - Kali Linux - [ ] [Kali Linux 2026.1 Release (2026 Theme & BackTrack Mode)](https://www.kali.org/blog/kali-linux-2026-1-release/) - ICT Security Magazine - [ ] [Sangfor Technologies: sicurezza informatica e infrastruttura iperconvergente per la trasformazione digitale](https://www.ictsecuritymagazine.com/notizie/sangfor-technologies-sicurezza-digitale/) - [ ] [TeamPCP worm cloud-native: quando la tua infrastruttura diventa un data center criminale](https://www.ictsecuritymagazine.com/articoli/teampcp-worm-cloud-native/) - Over Security - Cybersecurity news aggregator - [ ] [PTC warns of imminent threat from critical Windchill, FlexPLM RCE bug](https://www.bleepingcomputer.com/news/security/ptc-warns-of-imminent-threat-from-critical-windchill-flexplm-rce-bug/) - [ ] [UK pilot program to test social media restrictions on families before government decides on ban](https://therecord.media/uk-social-media-ban-pilot) - [ ] [Popular LiteLLM PyPI package compromised in TeamPCP supply chain attack](https://www.bleepingcomputer.com/news/security/popular-litellm-pypi-package-compromised-in-teampcp-supply-chain-attack/) - [ ] [Vibe coding could reshape SaaS industry and add security risks, warns UK cyber agency](https://therecord.media/vibe-coding-uk-security-risk) - [ ] [Stryker says malware was involved in recent cyberattack as production lines reopen](https://therecord.media/stryker-cyberattack-malware-iran) - [ ] [FCC bans new routers made outside the USA over security risks](https://www.bleepingcomputer.com/news/security/fcc-bans-new-routers-made-outside-the-usa-over-security-risks/) - [ ] [Kali Linux 2026.1 Release (2026 Theme & BackTrack Mode)](https://www.kali.org/blog/kali-linux-2026-1-release/) - [ ] [‘Your Data Will Be Used Against You’: Author of new book on the dangers of a surveillance society](https://therecord.media/your-data-will-be-used-against-you-author-surveillance-technology) - [ ] [Firefox now has a free built-in VPN with 50GB monthly data limit](https://www.bleepingcomputer.com/news/security/firefox-now-has-a-free-built-in-vpn-with-50gb-monthly-data-limit/) - [ ] [API sotto attacco: la sicurezza dell’AI passa dall’infrastruttura applicativa](https://www.securityinfo.it/2026/03/24/api-sotto-attacco-la-sicurezza-dellai-passa-dallinfrastruttura-applicativa/) - [ ] [FCC bans foreign-made routers from US market over ‘unacceptable risk’](https://therecord.media/fcc-routers-banned-security-china) - [ ] [Reati informatici e punibilità in Italia: un sistema “aperto” non è reato](https://www.cybersecurity360.it/nuove-minacce/reati-informatici-e-punibilita-in-italia-un-sistema-aperto-non-e-reato/) - [ ] [Microsoft fixes bug causing Classic Outlook sync issues with Gmail](https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-bug-causing-outlook-sync-issues-for-gmail-users/) - [ ] [Recensione pCloud 2026: Privacy svizzera e storage a vita](https://www.cybersecurity360.it/cultura-cyber/recensione-pcloud-2026-privacy-svizzera-e-storage-a-vita/) - [ ] [Claudy Day: quando la prompt injection esfiltra dati riservati](https://www.cybersecurity360.it/nuove-minacce/claudy-day-quando-la-prompt-injection-esfiltra-dati-riservati/) - [ ] [Iran-linked ransomware gang targeted US healthcare org amid military conflict](https://therecord.media/iran-linked-ransomware-gang-targeted-us-healthcare-org) - [ ] [Dutch Finance Ministry probing cyber breach affecting internal systems](https://therecord.media/netherlands-finance-ministry-cyberattack-breach) - [ ] [HackerOne discloses employee data breach after Navia hack](https://www.bleepingcomputer.com/news/security/hackerone-discloses-employee-data-breach-after-navia-hack/) - [ ] [Zero Trust: Bridging the Gap Between Authentication and Trust](https://www.bleepingcomputer.com/news/security/zero-trust-bridging-the-gap-between-authentication-and-trust/) - [ ] [Infinite Campus warns of breach after ShinyHunters claims data theft](https://www.bleepingcomputer.com/news/security/infinite-campus-warns-of-breach-after-shinyhunters-claims-data-theft/) - [ ] [Anime streaming giant Crunchyroll says hacker stole data related to customer service tickets](https://therecord.media/crunchyroll-hacker-anime-data-theft) - [ ] [Yanluowang ransomware access broker gets 81 months in prison](https://www.bleepingcomputer.com/news/security/yanluowang-ransomware-access-broker-gets-81-months-in-prison/) - [ ] [Russian hacker who helped Yanluowang ransomware gang gets nearly 7 year prison sentence](https://therecord.media/hacker-russian-ransomware-sentenced-doj) - [ ] [Dutch Ministry of Finance discloses breach affecting employees](https://www.bleepingcomputer.com/news/security/dutch-ministry-of-finance-discloses-breach-affecting-employees/) - [ ] [Russian Access Broker Gets Nearly 7 Yrs for Enabling Millions in Ransomware Extortion](https://thecyberexpress.com/russian-access-broker-gets-7-yrs-prison-time/) - [ ] [Cyber attacchi, Italia tra i Paesi più colpiti: ma quanto tempo serve alle aziende per ripartire?](https://www.cybersecurity360.it/nuove-minacce/cyber-attacchi-italia-tra-i-paesi-piu-colpiti-ma-quanto-tempo-serve-alle-aziende-per-ripartire/) - [ ] [Canada-Based Organization Health Shared Services Accelerates SOC Investigations with ANY.RUN](https://any.run/cybersecurity-blog/healthcare-success-story/) - [ ] [Oracle Issues Emergency Patch for Critical Flaw Enabling Remote Code Execution](https://thecyberexpress.com/oracle-identity-manager-cve-2026-21992-patch/) - [ ] [Common Entra ID Security Assessment Findings – Part 1: Foreign Enterprise Applications With Privileged API Permissions](https://blog.compass-security.com/2026/03/common-entra-id-security-assessment-findings-part-1-foreign-enterprise-applications-with-privileged-api-permissions/) - [ ] [NIS 2: sistema documentale come prova di diligenza e responsabilità del vertice](https://www.cybersecurity360.it/legal/nis-2-sistema-documentale-come-prova-di-diligenza-e-responsabilita-del-vertice/) - [ ] [Silver Fox: The Only Tax Audit Where the Fine Print Installs Malware](https://blog.sekoia.io/silver-fox-the-only-tax-audit-where-the-fine-print-installs-malware/) - [ ] [Licenziabili le vittime di cyber truffe: i dipendenti sono responsabili, ma serve anche governance](https://www.cybersecurity360.it/news/cassazione-cyber-truffa-dipendente-licenziabile-caso-ceo-fraud/) - [ ] [The Biggest Threat to Your Digital Security Isn’t a Hacker — It’s Human Nature, Says Dr. Sheeba Armoogum](https://thecyberexpress.com/dr-sheeba-armoogum-interview/) - [ ] [Alleged Cyberattack on Crunchyroll Exposes Risks in Outsourced Systems](https://thecyberexpress.com/crunchyroll-data-breach/) - [ ] [Iran-Linked Hackers Use Messaging Platform to Target Dissidents and Journalists](https://thecyberexpress.com/iran-telegram-malware-fbi-warns/) - [ ] [India’s Evolving Cyber Threat Landscape: State-Sponsored Attacks, Hacktivism, and What’s Next in 2026](https://cyble.com/blog/india-cyber-threat-landscape-2026-attacks-trends/) - [ ] [AWS Bedrock: otto vettori che trasformano l’AI in un punto d’ingresso](https://www.securityinfo.it/2026/03/23/aws-bedrock-otto-vettori-che-trasformano-lai-in-un-punto-dingresso/) - [ ] [Inside the Woundtech Leak: Missed Opportunity or Mismanaged Response?](https://www.suspectfile.com/inside-the-woundtech-leak-missed-opportunity-or-mismanaged-response/) - [ ] [Hacker walks away with $24.5 million after breaching Resolv DeFi platform](https://therecord.media/hacker-breaches-resolv-defi-25-million) - [ ] [OpenAI rolls out ChatGPT Library to store your personal files](https://www.bleepingcomputer.com/news/artificial-intelligence/openai-rolls-out-chatgpt-library-to-store-your-personal-files/) - bellingcat - [ ] [Munition Remnants Pictured at Site of Deadly Chad Strike Match Weapon Previously Used by Sudan’s RSF](https://www.bellingcat.com/news/2026/03/24/munition-remnants-pictured-at-site-of-deadly-chad-strike-match-weapon-previously-used-by-sudans-rsf/) - 360威胁情报中心 - [ ] [APT-C-13(沙虫)RDP后门攻击活动](https://mp.weixin.qq.com/s?__biz=MzUyMjk4NzExMA==&mid=2247508035&idx=1&sn=4d58712823b2121714adf4edbea69f60) - Securityinfo.it - [ ] [API sotto attacco: la sicurezza dell’AI passa dall’infrastruttura applicativa](https://www.securityinfo.it/2026/03/24/api-sotto-attacco-la-sicurezza-dellai-passa-dallinfrastruttura-applicativa/?utm_source=rss&utm_medium=rss&utm_campaign=api-sotto-attacco-la-sicurezza-dellai-passa-dallinfrastruttura-applicativa) - Javvad Malik - [ ] [The Tut of Superiority](https://javvadmalik.com/2026/03/24/the-tut-of-superiority/) - Microsoft Browser Vulnerability Research - [ ] [Using Markov Models for Password Complexity Estimation in Microsoft Edge](https://microsoftedge.github.io/edgevr/posts/Using-Markov-model-for-password-complexity-estimation-in-microsoft-edge/) - Troy Hunt's Blog - [ ] [Weekly Update 496](https://www.troyhunt.com/weekly-update-496/) - TaoSecurity Blog - [ ] [Mandiant Global Median Dwell Time Deteriorates from 11 to 14 Days](https://taosecurity.blogspot.com/2026/03/mandiant-global-median-dwell-time.html) - Schneier on Security - [ ] [Team Mirai and Democracy](https://www.schneier.com/blog/archives/2026/03/team-mirai-and-democracy.html) - TorrentFreak - [ ] [GitHub Nukes 900+ Anime Piracy Repos and Forks, But Rejects ‘Circumvention’ Claims](https://torrentfreak.com/github-nukes-900-anime-piracy-repos-and-forks-but-rejects-circumvention-claims/) - Security Affairs - [ ] [Data breach at Dutch Ministry of Finance impacts staff following cyberattack](https://securityaffairs.com/189929/data-breach/data-breach-at-dutch-ministry-of-finance-impacts-staff-following-cyberattack.html) - [ ] [QualDerm Partners December 2025 data breach impacts over 3 Million people](https://securityaffairs.com/189917/data-breach/qualderm-partners-december-2025-data-breach-impacts-over-3-million-people.html) - [ ] [Citrix NetScaler critical flaw could leak data, update now](https://securityaffairs.com/189908/security/citrix-netscaler-critical-flaw-could-leak-data-update-now.html) - [ ] [81-month sentence for Russian hacker behind major ransomware campaigns](https://securityaffairs.com/189900/cyber-crime/81-month-sentence-for-russian-hacker-behind-major-ransomware-campaigns.html) - [ ] [North Korea-linked threat actors abuse VS Code auto-run to spread StoatWaffle malware](https://securityaffairs.com/189880/security/north-korea-linked-threat-actors-abuse-vs-code-auto-run-to-spread-stoatwaffle-malware.html) - Deeplinks - [ ] [Nicole Ozer Named as Electronic Frontier Foundation’s Executive Director](https://www.eff.org/press/releases/nicole-ozer-named-electronic-frontier-foundations-executive-director) - [ ] [UK Politicians Continue to Miss the Point in Latest Social Media Ban Proposal](https://www.eff.org/deeplinks/2026/03/uk-politicians-continue-miss-point-latest-social-media-ban-proposal) - The Register - Security - [ ] [EFF has a new boss to lead the fight against privacy-sucking forces of doom](https://go.theregister.com/feed/www.theregister.com/2026/03/24/eff_nicole_ozer_new_chief_interview/) - [ ] [1K+ cloud environments infected following Trivy supply chain attack](https://go.theregister.com/feed/www.theregister.com/2026/03/24/1k_cloud_environments_infected_following/) - [ ] [LiteLLM loses game of Trivy pursuit, gets compromised](https://go.theregister.com/feed/www.theregister.com/2026/03/24/trivy_compromise_litellm/) - [ ] [HackerOne slams supplier for delayed breach notice after staff data exposed](https://go.theregister.com/feed/www.theregister.com/2026/03/24/hackerone_supplier_breach/) - [ ] [Country that put backdoors into Cisco routers to spy on world bans foreign routers](https://go.theregister.com/feed/www.theregister.com/2026/03/24/fcc_foreign_routers/) - [ ] [Russian initial access broker who fed ransomware crews gets 81 months in US prison](https://go.theregister.com/feed/www.theregister.com/2026/03/24/russian_iab_sentenced/) - Tor Project blog - [ ] [New Release: Tor Browser 15.0.8](https://blog.torproject.org/new-release-tor-browser-1508/) - The Hacker News - [ ] [TeamPCP Backdoors LiteLLM Versions 1.82.7–1.82.8 Likely via Trivy CI/CD Compromise](https://thehackernews.com/2026/03/teampcp-backdoors-litellm-versions.html) - [ ] [Tax Search Ads Deliver ScreenConnect Malware Using Huawei Driver to Disable EDR](https://thehackernews.com/2026/03/tax-search-ads-deliver-screenconnect.html) - [ ] [5 Learnings from the First-Ever Gartner Market Guide for Guardian Agents](https://thehackernews.com/2026/03/5-learnings-from-first-ever-gartner.html) - [ ] [Hackers Use Fake Resumes to Steal Enterprise Credentials and Deploy Crypto Miner](https://thehackernews.com/2026/03/hackers-use-fake-resumes-to-steal.html) - [ ] [The Hidden Cost of Cybersecurity Specialization: Losing Foundational Skills](https://thehackernews.com/2026/03/the-hidden-cost-of-cybersecurity.html) - [ ] [Ghost Campaign Uses 7 npm Packages to Steal Crypto Wallets and Credentials](https://thehackernews.com/2026/03/ghost-campaign-uses-7-npm-packages-to.html) - [ ] [TeamPCP Hacks Checkmarx GitHub Actions Using Stolen CI Credentials](https://thehackernews.com/2026/03/teampcp-hacks-checkmarx-github-actions.html) - [ ] [U.S. Sentences Russian Hacker to 6.75 Years for Role in $9M Ransomware Damage](https://thehackernews.com/2026/03/us-sentences-russian-hacker-to-675.html) - [ ] [Citrix Urges Patching Critical NetScaler Flaw Allowing Unauthenticated Data Leaks](https://thehackernews.com/2026/03/citrix-urges-patching-critical.html) - SANS Internet Storm Center, InfoCON: green - [ ] [Detecting IP KVMs, (Tue, Mar 24th)](https://isc.sans.edu/diary/rss/32824) - [ ] [ISC Stormcast For Tuesday, March 24th, 2026 https://isc.sans.edu/podcastdetail/9862, (Tue, Mar 24th)](https://isc.sans.edu/diary/rss/32822) - NetSPI - [ ] [LiteLLM Supply Chain Compromise](https://www.netspi.com/blog/executive-blog/ai-ml-pentesting/litellm-supply-chain-compromise/) - Security Weekly Podcast Network (Audio) - [ ] [Scam Baiting, AI, and the New Grift Economy, Part 1 - Rinoa Poison - SWN #566](http://sites.libsyn.com/18678/scam-baiting-ai-and-the-new-grift-economy-part-1-rinoa-poison-swn-566) - [ ] [Why Proactive Security Is Far Better Than Patching - Erik Nost - ASW #375](http://sites.libsyn.com/18678/why-proactive-security-is-far-better-than-patching-erik-nost-asw-375)
每日安全资讯(2026-03-25)