# 每日安全资讯(2026-03-31) - Private Feed for M09Ic - [ ] [anthropics released v2.1.88 at anthropics/claude-code](https://github.com/anthropics/claude-code/releases/tag/v2.1.88) - [ ] [joaoviictorti starred nicocha30/ligolo-iwa](https://github.com/nicocha30/ligolo-iwa) - [ ] [Teach2Breach forked Teach2Breach/InsomniacUnwinding from kapla0011/InsomniacUnwinding](https://github.com/Teach2Breach/InsomniacUnwinding) - [ ] [Teach2Breach starred kapla0011/InsomniacUnwinding](https://github.com/kapla0011/InsomniacUnwinding) - [ ] [zema1 starred Flow-Launcher/Flow.Launcher](https://github.com/Flow-Launcher/Flow.Launcher) - [ ] [freqtrade released 2026.3 at freqtrade/freqtrade](https://github.com/freqtrade/freqtrade/releases/tag/2026.3) - [ ] [OpenAEV-Platform released 2.3.2 at OpenAEV-Platform/openaev](https://github.com/OpenAEV-Platform/openaev/releases/tag/2.3.2) - [ ] [DVKunion starred firecrawl/firecrawl](https://github.com/firecrawl/firecrawl) - [ ] [Mr-xn starred onecli/onecli](https://github.com/onecli/onecli) - [ ] [ReaJason released v2.6.1 at ReaJason/MemShellParty](https://github.com/ReaJason/MemShellParty/releases/tag/v2.6.1) - [ ] [WAY29 starred XBigRoad/prompt-optimizer-studio](https://github.com/XBigRoad/prompt-optimizer-studio) - [ ] [spf13 starred TypeWhisper/typewhisper-win](https://github.com/TypeWhisper/typewhisper-win) - [ ] [rabbitmask forked rabbitmask/daily_stock_analysis from ZhuLinsen/daily_stock_analysis](https://github.com/rabbitmask/daily_stock_analysis) - [ ] [mgeeky starred kapla0011/InsomniacUnwindingCrossProcess](https://github.com/kapla0011/InsomniacUnwindingCrossProcess) - [ ] [WAY29 starred shareAI-lab/learn-claude-code](https://github.com/shareAI-lab/learn-claude-code) - [ ] [Mel0day starred yetone/voice-input-dist](https://github.com/yetone/voice-input-dist) - [ ] [kpcyrd contributed to kpcyrd/apt-swarm](https://github.com/kpcyrd/apt-swarm/pull/68) - [ ] [xpn forked xpn/sccmhunter from garrettfoster13/sccmhunter](https://github.com/xpn/sccmhunter) - [ ] [CHYbeta starred qxcnm/Codex-Manager](https://github.com/qxcnm/Codex-Manager) - [ ] [mgeeky starred deathflamingo/CDP-Enabler](https://github.com/deathflamingo/CDP-Enabler) - [ ] [Rvn0xsy forked 0x727/basic_logger from MythicC2Profiles/basic_logger](https://github.com/0x727/basic_logger) - SecWiki News - [ ] [SecWiki News 2026-03-30 Review](http://www.sec-wiki.com/?2026-03-30) - Microsoft Security Blog - [ ] [Addressing the OWASP Top 10 Risks in Agentic AI with Microsoft Copilot Studio](https://www.microsoft.com/en-us/security/blog/2026/03/30/addressing-the-owasp-top-10-risks-in-agentic-ai-with-microsoft-copilot-studio/) - obaby 𝐢𝐧⃝ void - [ ] [局部有雨](https://zhongxiaojie.cn/2026/03/746/) - Doonsec's feed - [ ] [【资料】美国以色列伊朗中东战争每日战况报告汇总](https://mp.weixin.qq.com/s/bshFgrT8WZWyuClunzIa8A) - [ ] [【培训】开源情报分析师实战能力培训班-4月成都开班](https://mp.weixin.qq.com/s/kZ45pfh5L_H1Ncvzl58MNA) - [ ] [亿赛通-电子文档安全管理系统DecryptApplication;Servicelogin接口存在任意文件读取漏洞 附POC](https://mp.weixin.qq.com/s/JCHVW8jnw3cYOLUv2gcoSQ) - [ ] [同形字符如何被滥用于网络欺诈](https://mp.weixin.qq.com/s/I1HKLcoBwxsZ4afcWLDsPA) - [ ] [哈哈哈哈哈哈哈](https://mp.weixin.qq.com/s/lnDvZDT5Hi7gT_XNtEWhdg) - [ ] [SUCTF2026 Ez_Router](https://mp.weixin.qq.com/s/Yf4I5lTc0dwNyJq2exjqEg) - [ ] [【更新2节】冰与火的战歌:Windows内核攻防实战](https://mp.weixin.qq.com/s/Der8IVuJADeZ7TUiwEqn0w) - [ ] [网络韧性视角下《中华人民共和国网络安全法》的演进逻辑与发展路径](https://mp.weixin.qq.com/s/vpyRilkf-n0k-KE2G7JesA) - [ ] [央行要求:2026进一步提高网络安全、数据安全韧性](https://mp.weixin.qq.com/s/7A9JK9QJBaNgB7RkEWiCDA) - [ ] [信息安全——DES加密算法原理以及3DES](https://mp.weixin.qq.com/s/qjoSY2da50R3b6vK0SvLRg) - [ ] [CANoe -未来不止 DDS、SOME/IP、CAN XL、10BASE-T1S…](https://mp.weixin.qq.com/s/uf0WKtS9HjikEnUlC3P91g) - [ ] [议程揭晓!第九届CSA大中华区大会暨前沿人工智能安全峰会](https://mp.weixin.qq.com/s/3Z3Ekw9sl33bGONZ-HMgAQ) - [ ] [应对iOS安全威胁新挑战,梆梆安全 “源到源” 加固全面护航移动应用安全](https://mp.weixin.qq.com/s/op-jk5X2mAN_zrA75HpneA) - [ ] [【工信动态】工业和信息化部党组举办树立和践行正确政绩观学习教育辅导报告会暨读书班开班式](https://mp.weixin.qq.com/s/Z6GErlSa9cGiNZRhb5iD_w) - [ ] [【实验室】智能工厂共性技术测试验证与评估评价工业和信息化部重点实验室2026年开放课题征集通知](https://mp.weixin.qq.com/s/PQ_UN-SZpBi4NKu5GHrHlg) - [ ] [【高危漏洞预警】Grafana SQL表达式任意文件写入导致RCE(CVE-2026-27876)](https://mp.weixin.qq.com/s/Q6TKTDQT_zJba4VnysTFrA) - [ ] [长亭科技亮相2026全球开发者先锋大会,论OpenClaw防护促AI安全](https://mp.weixin.qq.com/s/S2zOXIDNQXrybpW01vexuA) - [ ] [等保标准 | 数据安全系列公安行标解析(一)(二)](https://mp.weixin.qq.com/s/8E1GUySPEjGVlVBCtVpLog) - [ ] [备考CCSP丨用CCSP互动学习卡助力高效备考](https://mp.weixin.qq.com/s/cAnoqmQa6vpaXqpEwRIAzQ) - [ ] [天基综合信息系统全国重点实验室论文被CVPR2026录用](https://mp.weixin.qq.com/s/g2m9CEIA0s_zJsayAbE-iQ) - [ ] [国家安全机关:有不法分子通过给搜索结果添加恶意模块等方式开展窃密活动](https://mp.weixin.qq.com/s/udCWWihwzkMh62RyBQXesg) - [ ] [世界数据组织在北京正式成立 已汇集会员超200个](https://mp.weixin.qq.com/s/U4Ik1Pn-omt1DyErjAJklQ) - [ ] [ShinyHunters 声称窃取欧盟委员会超 350GB 数据](https://mp.weixin.qq.com/s/jzXHo675nfa_0Sx_LC9SIQ) - [ ] [自写的几个BOF,可过内存防护!](https://mp.weixin.qq.com/s/89oU-ZV-F3uv29CbudGssg) - [ ] [【漏洞通告】Citrix NetScaler ADC和NetScaler Gateway越界读取漏洞 CVE-2026-3055](https://mp.weixin.qq.com/s/cXyy1DJEUyJgoYke87id7w) - [ ] [网络安全信息与动态周报2026年第12期(3月16日-3月22日)](https://mp.weixin.qq.com/s/hPbsui4izWaTMvdzJo9MiQ) - [ ] [三款 Qwen3.5 本地模型效果对比](https://mp.weixin.qq.com/s/-GGMFD0M7EKEJWkaJgZVWQ) - [ ] [没规划,千万别轻易学网络安全!](https://mp.weixin.qq.com/s/5J2GyjPZEuuZ6BhaOi5ALA) - [ ] [山东新潮信息技术有限公司党支部赴红旗渠开展主题党日活动](https://mp.weixin.qq.com/s/ehrqO6irozWd7Kv7qgxEMA) - [ ] [天融信亮相2026中关村论坛年会,共话数智时代产学研协同创新](https://mp.weixin.qq.com/s/nZaNJwn1aUeczfjcM_jPyg) - [ ] [从472起事件解码2025威胁全景:攻击进入精准渗透时代(附报告下载)](https://mp.weixin.qq.com/s/MtOT_uhgbq65m21x3soiEg) - [ ] [等保合规再升级!6月1日起,“数据安全”成硬指标](https://mp.weixin.qq.com/s/UR_i59G02gPH77JZdIsTXw) - [ ] [【树立和践行正确政绩观】深学细悟 在实干担当中践行初心使命](https://mp.weixin.qq.com/s/SXyiGZYIfDPqPPREQCVEEw) - [ ] [[吃瓜速递]FBI局长遭黑客“开盒”!成人网站账号、购物评价、私人邮件全泄露](https://mp.weixin.qq.com/s/SyJeaPNWDRVxIVtD5TGD4g) - [ ] [OpenClaw(龙虾)安全风险浅析与排查指南](https://mp.weixin.qq.com/s/vZZmZZBQQ-ZVeKBuHScMqw) - [ ] [通信公司网络运维人员私自出售上行流量 获利160万被捕](https://mp.weixin.qq.com/s/rKWwZfk_U0C78wtfhxgwtw) - [ ] [DeepSeek崩了 已解决服务恢复](https://mp.weixin.qq.com/s/KZDnInII1DB1t2FuWxFDSQ) - [ ] [女子深夜睡梦中账号自动发评论 客服却回应:你误触了](https://mp.weixin.qq.com/s/-zkIz9MZCT0flZvbY8LvwQ) - [ ] [《广东省快递条例》7月1日起施行](https://mp.weixin.qq.com/s/C8-WSrJ31oFxmYj0ZpO0Qg) - [ ] [洞察|中国工程院发布:2025年度全球工程前沿](https://mp.weixin.qq.com/s/qnTzu9MFqE3YD27FrmfqqA) - [ ] [解读|数据从业者必看!国家数据局近3期政策解读](https://mp.weixin.qq.com/s/J4SjXBu1JtOKbp6cHB-oRQ) - [ ] [产业|网安市场周度监测(2026-03-30)](https://mp.weixin.qq.com/s/EoWTjNSKaWHyFDSUifIGQA) - [ ] [今日(2026年3月30日)OpenClaw 最新安全动态总结](https://mp.weixin.qq.com/s/cOoz25udq77wkzivNI93Yw) - [ ] [VulnTarget-P 纯IPv6下的攻防与数据恢复实战](https://mp.weixin.qq.com/s/FBQFyPPTj4Q9YjLn6rkJuw) - [ ] [PAN-OS 中 Nginx/Apache 路径混淆导致身份验证绕过](https://mp.weixin.qq.com/s/jZvvBfd6ua0INQY8W2QESw) - [ ] [参与有奖!训练营第一期:涉诈APP后端服务器地址抓取](https://mp.weixin.qq.com/s/Ayn3cWci3gEfyhuJRV2FBg) - [ ] [原创-职场几大忌讳](https://mp.weixin.qq.com/s/XcnkjCBDZZ8MmMFGuqMvbg) - [ ] [遥感行业每日标讯 | 2026-03-30](https://mp.weixin.qq.com/s/4LAXZHuqw-KNYCMN-Vn4mA) - [ ] [《天津市网络安全和信息化条例》通过 自2026年5月1日起施行,更加强化密评和数据安全](https://mp.weixin.qq.com/s/ZW4yf0Id3p_2iegp1MPHeA) - [ ] [警惕!只需一个举动,你可能已经犯罪](https://mp.weixin.qq.com/s/RksEGOZ1B58pLuhd0UY7Dg) - [ ] [AI+网络安全人才招募计划](https://mp.weixin.qq.com/s/nIxKCr3gtERj2aRSPjJErQ) - [ ] [Claude Mythos泄露草稿深度解读](https://mp.weixin.qq.com/s/jphweWCIfEnwGlcCOARPDg) - [ ] [年度报告:山石网科 2025年度实现营收9.11亿,同比减少8.55%,利润总额-2.05亿](https://mp.weixin.qq.com/s/cvcozHZ4hpGIz5uOWhklFw) - [ ] [行业资讯:星环科技 拟在“香港联交所”主板挂牌上市的进展情况](https://mp.weixin.qq.com/s/DiEfvAr2-h8zek6BZIceHQ) - [ ] [行业资讯:安恒信息 补选非独立董事](https://mp.weixin.qq.com/s/GGtgoMwgJPOZhYt3xHreug) - [ ] [《2026年网络与信息安全行业全景图》及产品名录 正式发布 !](https://mp.weixin.qq.com/s/p9Fmhhi_py4NGlcar5GE0A) - [ ] [4月好课推荐:CISP、CISSP、CISA开班倒计时](https://mp.weixin.qq.com/s/bPMeB-RojFsNxORI4EIJOg) - [ ] [信息安全敲门砖认证-Security+](https://mp.weixin.qq.com/s/GwPk3lYxhYvF052rqjToWA) - [ ] [polarisctf招新赛-部分(WEB)](https://mp.weixin.qq.com/s/_E4IbKpZ8FvOsfQVg6V77A) - [ ] [一站式等保合规,助力企业数字化转型](https://mp.weixin.qq.com/s/o0TyIT-C3hz2qzq6Jyaiuw) - [ ] [《人工智能云 机密计算能力要求》标准参编单位征集](https://mp.weixin.qq.com/s/DAo3JocWA1AzDbggMvTM5w) - [ ] [Supermap iServer历史漏洞浅析(上)](https://mp.weixin.qq.com/s/00ZeX0Ks8aGMBwcjtvuItw) - [ ] [LiteLLM 供应链攻击事件始末](https://mp.weixin.qq.com/s/mYPNVkYrsFpWRMT947JlLQ) - [ ] [小米AI方向裁员:入职7月被“优化”,26、27届应届生必看](https://mp.weixin.qq.com/s/TMzzOEf_Y2-Y3yPfSnJj-w) - [ ] [显存又要撑爆了? 砸钱买 KV Cache 存储方案前,请先看这三点!](https://mp.weixin.qq.com/s/zRakOfXvIUBUDOKt7V9Xhw) - [ ] [AndroidManifest处理工具V1.0](https://mp.weixin.qq.com/s/In0-tQDc6gdaRkLzVQ2AJg) - [ ] [Anthropic专攻漏洞挖掘的秘密模型Claude Mythos泄露,AI安全攻防格局突变](https://mp.weixin.qq.com/s/9pkBn5-z4CI5J4U42ezoHA) - [ ] [可信数据空间(七)基于密态可信云的可信数据空间](https://mp.weixin.qq.com/s/eC-WFDf3HYAgs68_aSgEJQ) - [ ] [RSAC 2026创新沙盒 | Charm Security:面向新型诈骗的AI反欺诈平台](https://mp.weixin.qq.com/s/A-aZKQSqJZotRF4bdz7e2g) - [ ] [RSAC 2026创新沙盒 | Humanix:面向人的社会工程攻击检测与响应](https://mp.weixin.qq.com/s/tasn9vfZSRke-aqmWv97uw) - [ ] [Linux服务器如何防止网页被篡改](https://mp.weixin.qq.com/s/ThBEPK5mtYcpAFWhRhPepg) - [ ] [【漏洞复现】Langflow 未授权远程代码执行(CVE-2026-33017)](https://mp.weixin.qq.com/s/XowWtYcv49e-LVwOLKCxzg) - [ ] [伪造信息这一块,我的组织文档完好无损[捂脸]](https://mp.weixin.qq.com/s/eMNNrV4QvYRl_3LaUOtwVQ) - [ ] [IETF 125|下一代域间路由架构与协议边会顺利召开](https://mp.weixin.qq.com/s/e-E1xM9KNBCD2YrfG1FvGg) - [ ] [分享图片](https://mp.weixin.qq.com/s/G3cDSw4scilBeVprHLxjgg) - [ ] [苹果 DarkSword 漏洞工具公开,数亿 iPhone 面临窃密风险](https://mp.weixin.qq.com/s/6o24iCVMgFntuACVFOLzcg) - [ ] [非均衡中国经济](https://mp.weixin.qq.com/s/0nR0Bt5jaeESDuIduG9PpQ) - [ ] [手把手CNVD从资产收集到通杀漏洞挖掘](https://mp.weixin.qq.com/s/RVb-ai_ZrfWTyWdY6jjl0g) - [ ] [2026数字中国创新大赛・数字安全赛道网络和数据安全产业赛火热报名中!](https://mp.weixin.qq.com/s/vE-QEziJDzVNuH0959zShQ) - [ ] [国内算力介绍](https://mp.weixin.qq.com/s/8sHzyqgz2WS8kIvjtm6_pQ) - [ ] [Tornado Cash 保护了他的钱。但保护不了他凌晨两点的手痒。](https://mp.weixin.qq.com/s/I8di2ketTPKBpOzc5dLtag) - [ ] [一次意外的接口测试](https://mp.weixin.qq.com/s/6wofdUWFUzWy8PN03KpBww) - [ ] [Check Point 《2026 年网络安全报告》中文版发布](https://mp.weixin.qq.com/s/iY9NLpnNtmm9GJCtbUbVIg) - [ ] [重磅泄露!Anthropic最强模型意外曝光:能力碾压Opus 4.6,却因太危险被雪藏](https://mp.weixin.qq.com/s/Qwvd_-uc83a6oTt2mdY9DA) - [ ] [热门 Python 库 LiteLLM 遭供应链攻击,Python启动即可窃取个人凭证](https://mp.weixin.qq.com/s/7kLZyE1gqsfaodRgRhiofQ) - [ ] [伊朗关联黑客入侵了FBI局长的个人邮箱,并公布了照片和文件](https://mp.weixin.qq.com/s/BBkfR18FHHDvpS_pnZL8vQ) - [ ] [#金融常识 #网贷注销 #债务规划 #网贷关闭](https://mp.weixin.qq.com/s/0bP7l-v54IGWG8tNnzLZhw) - [ ] [WSL 仓库 issue 一夜“膨胀”到 4 万号:GitHub 多仓库疑遭广告灌水,社区口径已喊到 10 万+](https://mp.weixin.qq.com/s/vt0TKeKLn6oZoIZ4NdFZ8w) - [ ] [别再把它当成“一堆 ModSecurity 规则”了:OWASP CRS 才是很多 Web 防护体系真正的底座](https://mp.weixin.qq.com/s/-GWZZRqgJM6hzE7AtC4c2Q) - [ ] [【工具推荐】 - ZeroEye3.0自动化找白文件,提升免杀效率,实现降本增效](https://mp.weixin.qq.com/s/yPMM01RblL6OvBIlUBkQZQ) - [ ] [SQL 到 SSH:Grafana 中存在严重 CVSS 9.1 级远程代码执行漏洞,可将监控变成远程劫持](https://mp.weixin.qq.com/s/06Wx8xZAZJSBfcrdg2ZktA) - [ ] [今年网安的招聘市场已经崩溃了。。。](https://mp.weixin.qq.com/s/OrJVJ1TYBR4gNxFYfAzTTA) - [ ] [GPT-5.4多模态代码生成实战评测:2026年AI编程的范式革命](https://mp.weixin.qq.com/s/um1fNeTzyh-EGBBdsD5TEg) - [ ] [反编译白宫 app 会被定点……吗?](https://mp.weixin.qq.com/s/Nj-olbgjzSHXb6JLwbabEA) - [ ] [[工具教程]Burp 光标瞎飘?这篇教你彻底搞定](https://mp.weixin.qq.com/s/vV0aUsx0eGnpAYq69Q8oMQ) - [ ] [OpenClaw全自动刷CVE编号](https://mp.weixin.qq.com/s/JdsNZoUpRmrwbvuvzx0GIw) - [ ] [潮玩网络不“翻车” 少年上网有秘籍](https://mp.weixin.qq.com/s/cI2a5RwfN2V0oR1D0KZc7w) - [ ] [OpenClaw 开发Skills实践 微信自动储存图片到NAS](https://mp.weixin.qq.com/s/-V5RKVaxbuHysZNCNQwIjw) - [ ] [2025年中国企业邮箱安全性研究报告](https://mp.weixin.qq.com/s/o-Q6hCpjNhQ26a611wk-2g) - [ ] [秦安:伊朗周日放开三国通行霍尔木兹海峡,善用金融战痛击特朗普](https://mp.weixin.qq.com/s/3xOpN6SDC_orBx3DbukT_A) - [ ] [暗网泄露:M国顶级一体化数字安全公司信息泄露](https://mp.weixin.qq.com/s/UIUkQcOib3fZ9cFYiR6cTg) - [ ] [Upload Labs 第13关通关详解:POST 传参与 0x00 截断的实战利用](https://mp.weixin.qq.com/s/pa2URvPVZKR2bZMoLRdasQ) - [ ] [你的\"信任\"正在被黑客利用——零信任](https://mp.weixin.qq.com/s/GqYJ83nIALknzgH2t73VNg) - [ ] [AI大模型安全护栏攻防,深挖提示词注入漏洞,拆解多模态绕过手法](https://mp.weixin.qq.com/s/uV1rgNsk8FuDYRk06ZWsMQ) - [ ] [阿贾克斯足球俱乐部遭黑客攻击,球迷数据泄露,球票被盗](https://mp.weixin.qq.com/s/EUXRSrwgWYREYmRfawm8zg) - [ ] [TCSEC思想在国际上的继承与发展脉络](https://mp.weixin.qq.com/s/xVwuQbhIeKHn1MOnwYamPw) - [ ] [OSI模型第一层:物理层](https://mp.weixin.qq.com/s/q7jT2h6uv5-8Shox_SycpA) - [ ] [《网络安全法》等级保护法条第一款分解](https://mp.weixin.qq.com/s/EfQbaWaVb4DfWkpBPHq9aw) - [ ] [美国政府停摆与预算不足对网络安全带来的风险的一点杂谈](https://mp.weixin.qq.com/s/BFhaXMMopSbTDcn8mWM_Eg) - [ ] [工具推荐 | UploadRanger专业级文件上传漏洞检测:全面支持263种绕过技术、代理抓包与动态深度扫描](https://mp.weixin.qq.com/s/hyYPCLvVr_1d__jsGa9-lA) - Recent Commits to cve:main - [ ] [Update Mon Mar 30 11:16:10 UTC 2026](https://github.com/trickest/cve/commit/ba539cd29daed50a45d0a1514314ff31df90ddcf) - 嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com - [ ] [攻击者滥用.arpa 特殊域名与IPv6反向DNS实施钓鱼攻击](https://www.4hou.com/posts/Zg5g) - [ ] [嘶吼安全动态|国家安全部:搜索引擎排名遭 “投毒”,恶意链接暗藏窃取风险 谷歌发布高风险Chrome安全更新](https://www.4hou.com/posts/kgJJ) - Cerbero Blog - [ ] [ACE Format Package](https://blog.cerbero.io/ace-format-package/) - Bug Bounty in InfoSec Write-ups on Medium - [ ] [From Paste Site to Payout: How a Single Dump Led to a Critical Bug](https://infosecwriteups.com/from-paste-site-to-payout-how-a-single-dump-led-to-a-critical-bug-56bf0677d1cf?source=rss----7b722bfd1b8d--bug_bounty) - [ ] [SSRF to Admin Access: When a “Harmless URL” Took Me Straight to the Kingdom](https://infosecwriteups.com/ssrf-to-admin-access-when-a-harmless-url-took-me-straight-to-the-kingdom-000815d0725d?source=rss----7b722bfd1b8d--bug_bounty) - GuidePoint Security - [ ] [IoT Camera Security: The Fixable Threat You Might Not See Coming](https://www.guidepointsecurity.com/blog/iot-camera-security-evolving-threats/) - Sandfly Security Blog RSS Feed - [ ] [Automotive Manufacturing Chooses Agentless Linux EDR After Agent-Based Failures](https://sandflysecurity.com/blog/automotive-manufacturing-chooses-agentless-linux-edr-after-agent-based-failures) - Horizon3.ai - [ ] [CVE-2026-3055](https://horizon3.ai/attack-research/vulnerabilities/cve-2026-3055/) - blog.avast.com EN - [ ] [Planning a spring break trip? Don’t fall for these 7 travel scams](https://blog.avast.com/spring-break-break-travel-scams) - Sucuri Blog - [ ] [The Security Risks of Using Nulled WordPress Plugins](https://blog.sucuri.net/2026/03/the-security-risks-of-using-nulled-wordpress-plugins.html) - Malwarebytes - [ ] [New macOS security feature will alert users about possible ClickFix attacks](https://www.malwarebytes.com/blog/news/2026/03/new-macos-security-feature-will-alert-users-about-possible-clickfix-attacks) - [ ] [A week in security (March 23 – March 29)](https://www.malwarebytes.com/blog/news/2026/03/a-week-in-security-march-23-march-29) - Wallarm - [ ] [CISO Spotlight: Dimitris Georgiou on Building Security that Serves People First](https://lab.wallarm.com/ciso-spotlight-dimitris-georgiou-security-serves-people-first/) - 杨龙 - [ ] [systemd 配置目录介绍](https://www.yanglong.pro/systemd-%e9%85%8d%e7%bd%ae%e7%9b%ae%e5%bd%95%e4%bb%8b%e7%bb%8d/) - Checkmarx - [ ] [RSAC 2026 Marked a Turning Point for AppSec. The Reason – Agentic Security](https://checkmarx.com/blog/rsac-2026-marked-a-turning-point-for-appsec-the-reason-agentic-security/) - 黑海洋Wiki | AI机器人硬件开发 | 网络安全攻防实战 | 区块链技术文档教程 - 免费资源平台 - [ ] [Instagram正在测试新的付费订阅服务](https://blog.upx8.com/Instagram%E6%AD%A3%E5%9C%A8%E6%B5%8B%E8%AF%95%E6%96%B0%E7%9A%84%E4%BB%98%E8%B4%B9%E8%AE%A2%E9%98%85%E6%9C%8D%E5%8A%A1) - [ ] [法国AI初创公司Mistral获8.3亿美元债务融资](https://blog.upx8.com/%E6%B3%95%E5%9B%BDAI%E5%88%9D%E5%88%9B%E5%85%AC%E5%8F%B8Mistral%E8%8E%B78-3%E4%BA%BF%E7%BE%8E%E5%85%83%E5%80%BA%E5%8A%A1%E8%9E%8D%E8%B5%84) - [ ] [苹果AI开启推送?国行iPhone可升级](https://blog.upx8.com/%E8%8B%B9%E6%9E%9CAI%E5%BC%80%E5%90%AF%E6%8E%A8%E9%80%81-%E5%9B%BD%E8%A1%8CiPhone%E5%8F%AF%E5%8D%87%E7%BA%A7) - [ ] [阿里发布全模态大模型 Qwen3.5-Omni,无缝理解文本、图片、音频及音视频输入](https://blog.upx8.com/%E9%98%BF%E9%87%8C%E5%8F%91%E5%B8%83%E5%85%A8%E6%A8%A1%E6%80%81%E5%A4%A7%E6%A8%A1%E5%9E%8B-Qwen3-5-Omni-%E6%97%A0%E7%BC%9D%E7%90%86%E8%A7%A3%E6%96%87%E6%9C%AC-%E5%9B%BE%E7%89%87-%E9%9F%B3%E9%A2%91%E5%8F%8A%E9%9F%B3%E8%A7%86%E9%A2%91%E8%BE%93%E5%85%A5) - [ ] [持续数月走高的内存价格大幅下跌](https://blog.upx8.com/%E6%8C%81%E7%BB%AD%E6%95%B0%E6%9C%88%E8%B5%B0%E9%AB%98%E7%9A%84%E5%86%85%E5%AD%98%E4%BB%B7%E6%A0%BC%E5%A4%A7%E5%B9%85%E4%B8%8B%E8%B7%8C) - [ ] [苹果计划推出配备OLED显示屏的iMac](https://blog.upx8.com/%E8%8B%B9%E6%9E%9C%E8%AE%A1%E5%88%92%E6%8E%A8%E5%87%BA%E9%85%8D%E5%A4%87OLED%E6%98%BE%E7%A4%BA%E5%B1%8F%E7%9A%84iMac) - 腾讯玄武实验室 - [ ] [每日安全动态推送(26/3/30)](https://mp.weixin.qq.com/s?__biz=MzA5NDYyNDI0MA==&mid=2651960413&idx=1&sn=2be2b7f3dd3e3f5a70cf9b44e9cefdfe) - Shostack & Friends Blog - [ ] [Sunshine and Security – Kymberlee’s week at BSides SF and RSAC 2026](https://shostack.org/blog/kymberlee-reflects-on-bsidessf-and-rsac2026/) - 奇客Solidot–传递最新科技情报 - [ ] [微软 Copilot 在修改 PR 中的拼写错误时添加了广告](https://www.solidot.org/story?sid=83918) - [ ] [木星闪电释放的能量相当于原子弹爆炸](https://www.solidot.org/story?sid=83917) - [ ] [蜜蜂和蜂鸟在工作期间吸入了微量的酒](https://www.solidot.org/story?sid=83916) - [ ] [杜比诉 Snapchat 挑战 AV1 的免专利费声明](https://www.solidot.org/story?sid=83915) - [ ] [AI 和机器人流量超过人类](https://www.solidot.org/story?sid=83914) - [ ] [DNA 告诉了我们什么,它又有什么局限](https://www.solidot.org/story?sid=83913) - [ ] [NASA 宇航员在空间站失语,原因未知](https://www.solidot.org/story?sid=83912) - [ ] [勒索软件组织将目标瞄准波斯语系统](https://www.solidot.org/story?sid=83911) - [ ] [OpenAI 利用 Cloudflare 程序防 AI 爬虫抓取](https://www.solidot.org/story?sid=83910) - 威努特安全网络 - [ ] [国产化替代指南:从VMware平滑迁移至国产超融合](https://mp.weixin.qq.com/s?__biz=MzAwNTgyODU3NQ==&mid=2651141158&idx=1&sn=a0fa4b17dff92a0f475398633da16dff) - [ ] [威努特全流程数据安全方案,多重防线守护企业数据](https://mp.weixin.qq.com/s?__biz=MzAwNTgyODU3NQ==&mid=2651141157&idx=1&sn=033a4949885bef931f03bc3d5c2c297c) - 黑鸟 - [ ] [同形字符如何被滥用于网络欺诈](https://mp.weixin.qq.com/s?__biz=MzAxOTM1MDQ1NA==&mid=2451186106&idx=1&sn=520c42d1a2ddc902047fa95bbab56abb) - 安全分析与研究 - [ ] [通信与隧道技术——隐蔽通信通道的构建](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247496625&idx=1&sn=9b6acb2f0a44a5a5f0718018c92d22ff) - 暗影安全 - [ ] [Telegram 9.8 分零日漏洞警示:富媒体时代,即时通讯的安全红线在哪?](https://mp.weixin.qq.com/s?__biz=MzI2MzA3OTgxOA==&mid=2657165759&idx=1&sn=7f3fe29c27a207f74884508598380179) - 代码卫士 - [ ] [CISA要求三天内修复这个严重的 F5 BIG-IP 漏洞](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247525571&idx=1&sn=3596dc720ddc3cfdb3245a4b7597f249) - [ ] [n8n 两个严重 RCE 漏洞利用使工作流沦为后门](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247525571&idx=2&sn=eae427dd1fadd452e77ca0ed22f49ddf) - 奇安信 CERT - [ ] [今日(2026年3月30日)OpenClaw 最新安全动态总结](https://mp.weixin.qq.com/s?__biz=MzU5NDgxODU1MQ==&mid=2247504885&idx=1&sn=3534974f700f8f31b2eab3c54f7176ed) - 绿盟科技研究通讯 - [ ] [可信数据空间(七)基于密态可信云的可信数据空间](https://mp.weixin.qq.com/s?__biz=MzIyODYzNTU2OA==&mid=2247499704&idx=1&sn=6b5dffe441f66af0a7873ba7a72826a7) - [ ] [RSAC 2026创新沙盒 | Charm Security:面向新型诈骗的AI反欺诈平台](https://mp.weixin.qq.com/s?__biz=MzIyODYzNTU2OA==&mid=2247499704&idx=2&sn=1e58cf1cd1ed76c52fc5689a714ae95e) - [ ] [RSAC 2026创新沙盒 | Humanix:面向人的社会工程攻击检测与响应](https://mp.weixin.qq.com/s?__biz=MzIyODYzNTU2OA==&mid=2247499704&idx=3&sn=2b95d43911cf74bc5d2aa97c6fe4948e) - 天御攻防实验室 - [ ] [请停止使用“AI安全”或“智能体安全”这样的表述](https://mp.weixin.qq.com/s?__biz=MzU0MzgyMzM2Nw==&mid=2247486857&idx=1&sn=a643a7193cbd2a6071443ac88d9961fe) - 先进攻防 - [ ] [Claude Mythos泄露草稿深度解读](https://mp.weixin.qq.com/s?__biz=MzI1MDA1MjcxMw==&mid=2649908874&idx=1&sn=040ec1eeaf249ee3cfcbb563aafe9705) - 非尝咸鱼贩 - [ ] [反编译白宫 app 会被定点……吗?](https://mp.weixin.qq.com/s?__biz=Mzk0NDE3MTkzNQ==&mid=2247485893&idx=1&sn=d11b1e647837ddcbf4a42bcdd50f8c4f) - 看雪学苑 - [ ] [SUCTF2026 Ez_Router](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458612768&idx=1&sn=705aeb8b7ae7dcb9affa5470d88d2132) - [ ] [新型“Infinity”恶意软件正在通过假验证页面疯狂传播](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458612768&idx=2&sn=7e7083b23eb659baa047e16744af935d) - [ ] [【更新2节】冰与火的战歌:Windows内核攻防实战](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458612768&idx=3&sn=94a8c33a9ace07b6cd75e080d335db7f) - 信息安全国家工程研究中心 - [ ] [等保标准 | 数据安全系列公安行标解析(一)(二)](https://mp.weixin.qq.com/s?__biz=MzU5OTQ0NzY3Ng==&mid=2247503292&idx=1&sn=70bddc999cc325b8af391e4fd9753793) - 中国信息安全 - [ ] [论坛·原创 | 网络空间安全的风险情境与中国方案](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664260760&idx=1&sn=65ba8f866082c3378ae290ff781ca703) - [ ] [国安部提示:警惕网络搜索中的“隐蔽陷阱”](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664260760&idx=2&sn=4597ae25109db47f1e5b398e8ddeaf3b) - [ ] [专家解读 | 解码数据产权结构性分置制度](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664260760&idx=3&sn=b1e47c5fc3f26d4e987ce1ea05087dac) - [ ] [前沿 | “养龙虾”的安全风险与治理](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664260760&idx=4&sn=43c738591f9926adf7addc7ded4a111e) - [ ] [评论 | 无人机不能飞出法律和安全边界](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664260760&idx=5&sn=6216c9923944e019a73ad9d8a99b8350) - 安全牛 - [ ] [警惕 OpenClaw:AI 主权代理时代,网络安全迎来致命第四维](https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651140919&idx=1&sn=d2f06eb3c17213fb62a94937c80ab07b) - [ ] [《AI模型安全评估及围栏技术应用指南》 调研正式启动,诚邀厂商共筑AI安全生态!](https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651140919&idx=2&sn=17b07074b85e47bf4a954cbc8232c1d7) - 安全圈 - [ ] [【安全圈】DeepSeek崩了!超过11小时仍未被修复](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652075204&idx=1&sn=0d5532dced2ed29ce8b6dce346ba8f9f) - [ ] [【安全圈】Telegram 遭遇严重 0-day 漏洞,CVSS 评分高达 9.8 分](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652075204&idx=2&sn=f5c0bfeaf0614eabe75d0b22d42892c3) - 威胁棱镜 - [ ] [大模型对威胁情报来说可能并不可靠](https://mp.weixin.qq.com/s?__biz=MzkyMzE5ODExNQ==&mid=2247488555&idx=1&sn=7fae151c7499b47740586e1522637552) - NOVASEC - [ ] [【工具】EditHttpMsg For Burp UI Demo](https://mp.weixin.qq.com/s?__biz=MzUzODU3ODA0MA==&mid=2247490838&idx=1&sn=5bc96c6f3d85f67d7d071116f63b5ea4) - 青藤云安全 - [ ] [黑客不攻你的防火墙,他们攻你的摄像头](https://mp.weixin.qq.com/s?__biz=MzAwNDE4Mzc1NA==&mid=2650851058&idx=1&sn=942eac1dc5b3183e52274b44ada50db5) - M01N Team - [ ] [从 ACP 协议看 OpenClaw 的暴露面探测](https://mp.weixin.qq.com/s?__biz=MzkyMTI0NjA3OA==&mid=2247494878&idx=1&sn=6b55e606fbcfc30f1d3f0022d7e3b6b6) - 数世咨询 - [ ] [工业企业的安全:保护“僵尸”基础设施](https://mp.weixin.qq.com/s?__biz=MzkxNzA3MTgyNg==&mid=2247542265&idx=1&sn=d7f49aa2e9d1dddd22af9e3aea0667c2) - 极客公园 - [ ] [深夜更新,国行 Apple 智能这次真的来了(附上手实测](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653102447&idx=1&sn=42dece0571da0065c49b5e3bda7d5c58) - [ ] [深扒 50+被投科技企业背后,美团的 AI 版图](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653102399&idx=1&sn=0a384cb3241adc6a6c844c587f8e66c6) - [ ] [折叠版 iPhone 或将金秋发布;Intel 新 CPU 上市两天溢价 17%;白宫官方 App 上架,美媒点评:既怪异又多余 | 极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653102379&idx=1&sn=8879ad4c3539dbaa5a2e399c6fc243b9) - [ ] [中国医生「不信 AI」的死结怎么解?](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653102379&idx=2&sn=41c9dfa953d61d266a9f32f8069e58f9) - 补天平台 - [ ] [AI时代,白帽升级:补天沙龙北京站见证新一代网安力量崛起!](https://mp.weixin.qq.com/s?__biz=MzI2NzY5MDI3NQ==&mid=2247510571&idx=1&sn=aeadc0973c615f628154b9128244e809) - 嘶吼专业版 - [ ] [攻击者滥用.arpa特殊域名与IPv6反向DNS实施钓鱼攻击](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247587454&idx=1&sn=11f0a32adb34bfb9df987464c6ac1976) - [ ] [嘶吼安全动态|搜索引擎排名遭 “投毒”,恶意链接暗藏窃取风险 谷歌发布高风险Chrome安全更新](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247587454&idx=2&sn=8b39b4c9e47ca14a431bac0af8e16b57) - 情报分析师 - [ ] [卫星图上多了一排黑点,背后可能是一场军事行动!一张卫星图,为什么能让一个国家睡不着觉?](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650567396&idx=1&sn=9a690312610db7a1071e2e2b988362ae) - [ ] [【热点研判】军售与峰会时点交织/现役日本自卫队人员翻墙携刀闯入我驻日使馆/英国强调扩大与蒙古国关键矿产合作并向中亚延伸](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650567396&idx=2&sn=5197ac09fa566ac64503bd841aa020e1) - [ ] [深伪时代,OSINT最大的敌人不是假视频,而是"真假都没人信"](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650567396&idx=3&sn=721415fe8d08fea197408123330ae7e1) - [ ] [锂、镍、稀土背后,为什么站着外交官、军方和情报官?](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650567396&idx=4&sn=207e1f1b531382b27990efd76d342c93) - 慢雾科技 - [ ] [Odaily专访余弦:Anthropic核弹级新模型泄漏,如何影响加密安全攻防?](https://mp.weixin.qq.com/s?__biz=MzU4ODQ3NTM2OA==&mid=2247504594&idx=1&sn=88d0a2ea27ea5f4bd87967e3411848f6) - 京东安全应急响应中心 - [ ] [JoySafety:京东AI智能体安全实战方案 全链路守护龙虾安全](https://mp.weixin.qq.com/s?__biz=MjM5OTk2MTMxOQ==&mid=2727850776&idx=1&sn=158d1a0b0df559dd1d97ed2862669a16) - 深信服千里目安全技术中心 - [ ] [【漏洞通告】Citrix NetScaler ADC和NetScaler Gateway越界读取漏洞 CVE-2026-3055](https://mp.weixin.qq.com/s?__biz=Mzg2NjgzNjA5NQ==&mid=2247525189&idx=1&sn=2458d6bc7b6b65d61cd8c40e38e13933) - [ ] [网络安全信息与动态周报2026年第12期(3月16日-3月22日)](https://mp.weixin.qq.com/s?__biz=Mzg2NjgzNjA5NQ==&mid=2247525189&idx=2&sn=9f75c63ef70463c5dbbd5ff791837a17) - 威胁猎人Threat Hunter - [ ] [从“信息引用”到“认知争夺”:GEO污染正在成为品牌治理的隐形战场](https://mp.weixin.qq.com/s?__biz=MzI3NDY3NDUxNg==&mid=2247503074&idx=1&sn=c1216c5cc600ef1f0dabf3476f727d97) - Qualys Security Blog - [ ] [Optimizing Risk Discovery and Remediation with Qualys Gateway Service (QGS)](https://blog.qualys.com/category/product-tech) - 迪哥讲事 - [ ] [一次意外的接口测试](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247499234&idx=1&sn=31d4885faa624cacab5e69be936ec4f4) - 360数字安全 - [ ] [34万星系统破防!360漏洞挖掘智能体揪出OpenClaw高危漏洞](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247585581&idx=1&sn=0b75e5a0293241e114a4f9a5165ab903) - 字节跳动技术团队 - [ ] [PrivLLM 协变混淆:隐私保护的 LLM 推理高效实现](https://mp.weixin.qq.com/s?__biz=MzI1MzYzMjE0MQ==&mid=2247519070&idx=1&sn=618c4ef1446e49a86377277a9d200b4e) - 安全行者老霍 - [ ] [RSAC 2026大会上的重磅产品](https://mp.weixin.qq.com/s?__biz=Mzg3NjU4MDI4NQ==&mid=2247486313&idx=1&sn=163d772b61ef20e9323cb2627b6168c5) - bellingcat - [ ] [Explosive Misinformation: A Guide to Mushroom Clouds, ‘Sonic Weapons’ and Disintegration](https://www.bellingcat.com/resources/2026/03/30/explosive-misinformation-a-guide-to-mushroom-clouds-sonic-weapons-and-disintegration/) - Over Security - Cybersecurity news aggregator - [ ] [Healthcare tech firm CareCloud says hackers stole patient data](https://www.bleepingcomputer.com/news/security/healthcare-tech-firm-carecloud-says-hackers-stole-patient-data/) - [ ] [New RoadK1ll WebSocket implant used to pivot on breached networks](https://www.bleepingcomputer.com/news/security/new-roadk1ll-websocket-implant-used-to-pivot-on-breached-networks/) - [ ] [Critical Citrix NetScaler memory flaw actively exploited in attacks](https://www.bleepingcomputer.com/news/security/critical-citrix-netscaler-memory-flaw-actively-exploited-in-attacks/) - [ ] [Italian regulator fines financial giant $36 million for data protection failures](https://therecord.media/italian-regulator-fines-financial-giant-36-million) - [ ] [L’identità digitale è il bersaglio: l’attacco che segna un cambio di paradigma](https://www.cybersecurity360.it/news/lidentita-digitale-e-il-bersaglio-lattacco-che-segna-un-cambio-di-paradigma/) - [ ] [Beyond Compliance: How Financial Institutions Can Meet New Fraud-Sharing Mandates While Respecting Privacy](https://www.group-ib.com/blog/beyond-compliance-fraud-sharing-privacy/) - [ ] [Professional Networks Under Attack: Vietnam-Linked Actors Deploy PXA Stealer in Global Infostealer Campaign](https://cyble.com/blog/professional-networks-under-attack-by-infostealer/) - [ ] [Apple adds macOS Terminal warning to block ClickFix attacks](https://www.bleepingcomputer.com/news/security/apple-adds-macos-terminal-warning-to-block-clickfix-attacks/) - [ ] [AI Act, la semplificazione che complica: meno regole, più incoerenza?](https://www.cybersecurity360.it/news/ai-act-la-semplificazione-che-complica-meno-regole-piu-incoerenza/) - [ ] [European Commission downplays ShinyHunters cyberattack impact](https://therecord.media/european-commission-downplays-shinyhunters-cyber-claim) - [ ] [How to Evaluate AI SOC Agents: 7 Questions Gartner Says You Should Be Asking](https://www.bleepingcomputer.com/news/security/how-to-evaluate-ai-soc-agents-7-questions-gartner-says-you-should-be-asking/) - [ ] [Hybrid Warfare 2026: When Cyber Operations and Kinetic Attacks Converge](https://cyble.com/blog/hybrid-warfare-2026-cyber-kinetic-threats/) - [ ] [Forrester Threat Intelligence Landscape: Key Takeaways for Security Leaders](https://flashpoint.io/blog/forrester-threat-intelligence-landscape-key-takeaways-for-security-leaders/) - [ ] [Russian court sentences notorious card fraud ringleader ‘Flint’ and 25 associates](https://therecord.media/russia-flint-conviction-payment-fraud) - [ ] [Healthcare software firm CareCloud informs SEC of potential patient data leak](https://therecord.media/carecloud-hack-data-breach-sec) - [ ] [State Department reissues $10 million reward for info on Iranian hackers](https://therecord.media/iran-hackers-state-department-reward) - [ ] [ANY.RUN at RSAC™ 2026: Highlights & Industry Recognition](https://any.run/cybersecurity-blog/rsac-2026-highlights/) - [ ] [Hackers now exploit critical F5 BIG-IP flaw in attacks, patch now](https://www.bleepingcomputer.com/news/security/hackers-now-exploit-critical-f5-big-ip-flaw-in-attacks-patch-now/) - [ ] [Chi governa l’AI? Il Tribunale annulla la sanzione a OpenAI e ridefinisce i confini del Garante](https://www.cybersecurity360.it/legal/privacy-dati-personali/chi-governa-lai-il-tribunale-annulla-la-sanzione-a-openai-e-ridefinisce-i-confini-del-garante-privacy/) - [ ] [AI-Fueled Cyberattacks Surge in UAE Amid Rising Regional Tensions](https://thecyberexpress.com/uae-cyberattacks-surge-as-cyber-threats-fuels/) - [ ] [uConsole Review: A Portable Linux Cyberdeck](https://www.mobile-hacker.com/2026/03/30/uconsole-review-a-portable-linux-cyberdeck/) - [ ] [Microsoft pulls KB5079391 Windows update over install issues](https://www.bleepingcomputer.com/news/microsoft/microsoft-pulls-windows-kb5079391-update-over-0x80073712-install-errors/) - [ ] [Cybersecurity Is a Calling, Not Just a Career — Dr. Priyanka Sunder (PD) on Women Leading the Charge](https://thecyberexpress.com/dr-priyanka-sunder-interview/) - [ ] [Hackers Impersonate Ukrainian CERT to Plant a RAT on Government, Hospital Networks](https://thecyberexpress.com/hackers-impersonate-cert-ua-agewheeze-rat/) - [ ] [Sovranità digitale europea: tra ambizione e realtà](https://www.cybersecurity360.it/cybersecurity-nazionale/sovranita-digitale-europea-tra-ambizione-e-realta/) - [ ] [Cybersecurity Strategy Planning: The Essential Reset for Security Teams and Leaders in 2026](https://www.group-ib.com/blog/cybersecurity-strategy-planning-2026/) - [ ] [Latvia Warns of Disinformation Campaign Targeting Baltic States](https://thecyberexpress.com/russian-information-operation-baltic-tensions/) - [ ] [Critical Fortinet Forticlient EMS flaw now exploited in attacks](https://www.bleepingcomputer.com/news/security/critical-fortinet-forticlient-ems-flaw-now-exploited-in-attacks/) - [ ] [Smart Homes Are Getting Smarter—But Post-Breach Guidance Is Falling Behind](https://thecyberexpress.com/smart-home-breach-guidance-leipzig/) - [ ] [New widespread EvilTokens kit: device code phishing as-a-service – Part 1](https://blog.sekoia.io/new-widespread-eviltokens-kit-device-code-phishing-as-a-service-part-1/) - [ ] [European Commission confirms data breach after Europa.eu hack](https://www.bleepingcomputer.com/news/security/european-commission-confirms-data-breach-after-europaeu-hack/) - [ ] [30% of Retailers Fail to Show Accurate Discounts, EU Probe Reveals](https://thecyberexpress.com/black-friday-discounts-fail-transparency-test/) - [ ] [Hackers Circle Citrix NetScaler Flaw Within Hours of Disclosure](https://thecyberexpress.com/cve-2026-3055-citrix-netscaler-saml-idp/) - [ ] [European Commission Confirms Cyberattack, Probes Possible Data Theft from Websites](https://thecyberexpress.com/european-commission-cyberattack/) - SANS Internet Storm Center, InfoCON: green - [ ] [DShield (Cowrie) Honeypot Stats and When Sessions Disconnect, (Mon, Mar 30th)](https://isc.sans.edu/diary/rss/32840) - [ ] [ISC Stormcast For Monday, March 30th, 2026 https://isc.sans.edu/podcastdetail/9870, (Mon, Mar 30th)](https://isc.sans.edu/diary/rss/32844) - Krypt3ia - [ ] [Effectiveness Assessment of the Handala Cyber-Enabled Influence Campaigns](https://krypt3ia.wordpress.com/2026/03/30/effectiveness-assessment-of-the-handala-cyber-enabled-influence-campaigns/) - ICT Security Magazine - [ ] [Passkeys in azienda: guida tecnica alla migrazione FIDO2 per il CISO italiano](https://www.ictsecuritymagazine.com/notizie/passkeys-in-azienda/) - [ ] [Handala viola l’email personale del Direttore dell’FBI Kash Patel: la risposta dell’Iran alla guerra cyber](https://www.ictsecuritymagazine.com/notizie/handala-fbi-kash-patel/) - [ ] [Iran cyber warfare: 30 giorni di guerra digitale](https://www.ictsecuritymagazine.com/cyber-warfare/iran-cyber-warfare/) - [ ] [Commissione Europea violata: ShinyHunters rivendica oltre 350 GB sottratti dall’infrastruttura AWS](https://www.ictsecuritymagazine.com/notizie/commissione-europea-violata/) - [ ] [Attacchi informatici ai dispositivi medicali: rischi per pazienti e ospedali](https://www.ictsecuritymagazine.com/articoli/dispositivi-medicali/) - 安全419 - [ ] [六大趋势重塑IAM市场:从非人类身份到代理式AI](https://mp.weixin.qq.com/s?__biz=MzUyMDQ4OTkyMg==&mid=2247552776&idx=1&sn=5da2dc40ec4db9ed10cc8a7ad2caa050) - CNVD漏洞平台 - [ ] [CNVD漏洞周报2026年第12期](https://mp.weixin.qq.com/s?__biz=MzU3ODM2NTg2Mg==&mid=2247496809&idx=1&sn=2db62d67bc97271b6af9bf9845928dc2) - [ ] [上周关注度较高的产品安全漏洞(20260323-20260329)](https://mp.weixin.qq.com/s?__biz=MzU3ODM2NTg2Mg==&mid=2247496809&idx=2&sn=bfe39e048853c801b423b3c8d8b6b845) - Desync InfoSec - [ ] [Apache ActiveMQ漏洞导致LockBit勒索软件攻击事件分析](https://mp.weixin.qq.com/s?__biz=MzkzMDE3ODc1Mw==&mid=2247489546&idx=1&sn=c5c6a044f6ddc321b2897d9ce70a3c9b) - Troy Hunt's Blog - [ ] [HIBP Mega Update: Passkeys, k-Anonymity Searches, Massive Speed Enhancements and a Bulk Domain Verification API](https://www.troyhunt.com/passkeys-k-anonymity-searches-massive-speed-enhancements-bulk-domain-verification-api/) - Lenny Zeltser - [ ] [Security Governance at the Speed of Vibe Coding](https://zeltser.com/security-governance-vibe-coding) - Schneier on Security - [ ] [Apple’s Camera Indicator Lights](https://www.schneier.com/blog/archives/2026/03/apples-camera-indicator-lights.html) - 希潭实验室 - [ ] [第158篇:某AI IDE智能体越权劫持会话+提示词注入导致命令执行](https://mp.weixin.qq.com/s?__biz=MzkzMjI1NjI3Ng==&mid=2247488268&idx=1&sn=40970694de8f1f03dbfe068a2eee681f) - 吾爱破解论坛 - [ ] [【2026春节领红包】解题过程,纯手工分析(第八题、第十题未解出](https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651144146&idx=1&sn=46f307dd70f4af1ffac9fc85baac5313) - The Hacker News - [ ] [OpenAI Patches ChatGPT Data Exfiltration Flaw and Codex GitHub Token Vulnerability](https://thehackernews.com/2026/03/openai-patches-chatgpt-data.html) - [ ] [DeepLoad Malware Uses ClickFix and WMI Persistence to Steal Browser Credentials](https://thehackernews.com/2026/03/deepload-malware-uses-clickfix-and-wmi.html) - [ ] [⚡ Weekly Recap: Telecom Sleeper Cells, LLM Jailbreaks, Apple Forces U.K. Age Checks and More](https://thehackernews.com/2026/03/weekly-recap-telecom-sleeper-cells-llm.html) - [ ] [3 SOC Process Fixes That Unlock Tier 1 Productivity](https://thehackernews.com/2026/03/3-soc-process-fixes-that-unlock-tier-1.html) - [ ] [Russian CTRL Toolkit Delivered via Malicious LNK Files Hijacks RDP via FRP Tunnels](https://thehackernews.com/2026/03/russian-ctrl-toolkit-delivered-via.html) - [ ] [The State of Secrets Sprawl 2026: 9 Takeaways for CISOs](https://thehackernews.com/2026/03/the-state-of-secrets-sprawl-2026-9.html) - [ ] [Three China-Linked Clusters Target Southeast Asian Government in 2025 Cyber Campaign](https://thehackernews.com/2026/03/three-china-linked-clusters-target.html) - Deeplinks - [ ] [EFF's Cindy Cohn on The Daily Show! Tonight Monday, March 30](https://www.eff.org/deeplinks/2026/03/effs-cindy-cohn-daily-show-tonight-monday-march-30) - [ ] [UK Politicians Continue to Miss the Point in Latest Social Media Ban Proposal](https://www.eff.org/deeplinks/2026/03/uk-politicians-continue-miss-point-latest-social-media-ban-proposal) - The Register - Security - [ ] [OpenAI patches ChatGPT flaw that smuggled data over DNS](https://go.theregister.com/feed/www.theregister.com/2026/03/30/openai_chatgpt_dns_data_snuggling_flaw/) - [ ] [Telnyx joins LiteLLM in latest PyPI package poisoning tied to Trivy breach](https://go.theregister.com/feed/www.theregister.com/2026/03/30/telnyx_pypi_supply_chain_attack_litellm/) - [ ] [Citrix NetScaler bug exploited in days, may be multiple flaws in a trench coat](https://go.theregister.com/feed/www.theregister.com/2026/03/30/citrix_netscaler_flaw/) - [ ] [European Commission admits attackers broke into public web systems, but says little else](https://go.theregister.com/feed/www.theregister.com/2026/03/30/european_commission_breach/) - [ ] [Security contractor blew the whistle on support crew's viral indifference](https://go.theregister.com/feed/www.theregister.com/2026/03/30/who_me/) - [ ] [US foreign router ban criticized for being ‘industrial policy disguised as cybersecurity’](https://go.theregister.com/feed/www.theregister.com/2026/03/30/professor_criticizes_fcc_router_ban/) - Security Affairs - [ ] [China-Linked groups target Southeast Asian government with advanced malware in 2025](https://securityaffairs.com/190174/apt/china-linked-groups-target-southeast-asian-government-with-advanced-malware-in-2025.html) - [ ] [It’s a mystery … alleged unpatched Telegram zero-day allows device takeover, but Telegram denies](https://securityaffairs.com/190167/security/its-a-mystery-alleged-unpatched-telegram-zero-day-allows-device-takeover-but-telegram-denies.html) - [ ] [Critical Fortinet FortiClient EMS flaw exploited for Remote Code Execution](https://securityaffairs.com/190158/security/critical-fortinet-forticlient-ems-flaw-exploited-for-remote-code-execution.html) - [ ] [New macOS Infinity Stealer uses Nuitka Python payload and ClickFix](https://securityaffairs.com/190147/security/new-macos-infinity-stealer-uses-nuitka-python-payload-and-clickfix.html) - [ ] [Russia-linked APT TA446 uses DarkSword exploit to target iPhone users in phishing wave](https://securityaffairs.com/190139/apt/russia-linked-apt-ta446-uses-darksword-exploit-to-target-iphone-users-in-phishing-wave.html) - Trend Micro Research, News and Perspectives - [ ] [TeamPCP’s Telnyx Attack Marks a Shift in Tactics Beyond LiteLLM](https://www.trendmicro.com/en_us/research/26/c/teampcp-telnyx-attack-marks-a-shift-in-tactics.html) - DEFION Research Labs - [ ] [Ruckus Unleashed: Multiple vulnerabilities exploited](/en/research-labs/ruckus-unleashed-multiple-vulnerabilities-exploited) - [ ] [Pwn2Own Automotive 2024: Hacking the Autel MaxiCharger](/en/research-labs/pwn2own-automotive-2024-hacking-the-autel-maxicharger) - [ ] [Pwn2Own Automotive 2024: Hacking the JuiceBox 40](/en/research-labs/pwn2own-automotive-2024-hacking-the-juicebox-40) - [ ] [Pwn2Own Automotive 2024: Hacking the ChargePoint Home Flex (and their cloud...)](/en/research-labs/pwn2own-automotive-2024-hacking-the-chargepoint-home-flex-and-their-cloud) - [ ] [DoNex/DarkRace Ransomware Decryptor](/en/research-labs/donex-darkrace-ransomware-decryptor) - [ ] [CVE-2024-20693: Windows cached code signature manipulation](/en/research-labs/cve-2024-20693-windows-cached-code-signature-manipulation) - [ ] [Bringing process injection into view(s): exploiting all macOS apps using nib files](/en/research-labs/bringing-process-injection-into-view-s-exploiting-all-macos-apps-using-nib-files) - [ ] [Don’t Talk All at Once! Elevating Privileges on macOS by Audit Token Spoofing](/en/research-labs/don-t-talk-all-at-once-elevating-privileges-on-macos-by-audit-token-spoofing) - [ ] [Getting SYSTEM on Windows in style](/en/research-labs/getting-system-on-windows-in-style) - [ ] [Technical analysis of the Genesis Market](/en/research-labs/technical-analysis-of-the-genesis-market) - [ ] [Bad things come in large packages: .pkg signature verification bypass on macOS](/en/research-labs/bad-things-come-in-large-packages-pkg-signature-verification-bypass-on-macos) - [ ] [Pwn2Own Miami 2022: ICONICS GENESIS64 Arbitrary Code Execution](/en/research-labs/pwn2own-miami-2022-iconics-genesis64-arbitrary-code-execution) - [ ] [Pwn2Own Miami 2022: Unified Automation C++ Demo Server DoS](/en/research-labs/pwn2own-miami-2022-unified-automation-c-demo-server-dos) - [ ] [Pwn2Own Miami 2022: AVEVA Edge Arbitrary Code Execution](/en/research-labs/pwn2own-miami-2022-aveva-edge-arbitrary-code-execution) - [ ] [Process injection: breaking all macOS security layers with a single vulnerability](/en/research-labs/process-injection-breaking-all-macos-security-layers-with-a-single-vulnerability) - [ ] [Pwn2Own Miami 2022: Inductive Automation Ignition Remote Code Execution](/en/research-labs/pwn2own-miami-2022-inductive-automation-ignition-remote-code-execution) - [ ] [Pwn2Own Miami 2022: OPC UA .NET Standard Trusted Application Check Bypass](/en/research-labs/pwn2own-miami-2022-opc-ua-net-standard-trusted-application-check-bypass) - [ ] [CoronaCheck App TLS certificate vulnerabilities](/en/research-labs/coronacheck-app-tls-certificate-vulnerabilities) - [ ] [Sandbox escape + privilege escalation in StorePrivilegedTaskService](/en/research-labs/sandbox-escape-privilege-escalation-in-storeprivilegedtaskservice) - [ ] [Proctorio Chrome extension Universal Cross-Site Scripting](/en/research-labs/proctorio-chrome-extension-universal-cross-site-scripting) - [ ] [Zoom RCE from Pwn2Own 2021](/en/research-labs/zoom-rce-from-pwn2own-2021) - [ ] [Adobe Acrobat privilege escalation](/en/research-labs/adobe-acrobat-privilege-escalation) - [ ] [iOS VPN support: 3 different bugs](/en/research-labs/ios-vpn-support-3-different-bugs) - [ ] [Sign in with Apple - authentication bypass](/en/research-labs/sign-in-with-apple-authentication-bypass) - [ ] [Jenkins - authentication bypass](/en/research-labs/jenkins-authentication-bypass) - [ ] [DNS rebinding for HTTPS](/en/research-labs/dns-rebinding-for-https) - [ ] [Spring Security - insufficient cryptographic randomness](/en/research-labs/spring-security-insufficient-cryptographic-randomness) - [ ] [XenServer - path traversal leading to authentication bypass](/en/research-labs/xenserver-path-traversal-leading-to-authentication-bypass) - [ ] [Volkswagen Auto Group MIB infotainment system - unauthenticated remote code execution as root](/en/research-labs/volkswagen-auto-group-mib-infotainment-system-unauthenticated-remote-code-execution-as-root) - [ ] [NAPALM - command execution on NAPLM controller from host](/en/research-labs/napalm-command-execution-on-naplm-controller-from-host) - [ ] [MySQL Connector/J - Unexpected deserialisation of Java objects](/en/research-labs/mysql-connector-j-unexpected-deserialisation-of-java-objects) - [ ] [Ansible - command execution on Ansible controller from host](/en/research-labs/ansible-command-execution-on-ansible-controller-from-host) - [ ] [Observium - unauthenticated remote code execution](/en/research-labs/observium-unauthenticated-remote-code-execution) - [ ] [cSRP/srpforjava - obtaining of hashed passwords](/en/research-labs/csrp-srpforjava-obtaining-of-hashed-passwords) - [ ] [StartEncrypt - obtaining valid SSL certificates for unauthorized domains](/en/research-labs/startencrypt-obtaining-valid-ssl-certificates-for-unauthorized-domains) - TorrentFreak - [ ] [Judge Allows BitTorrent Seeding Claims Against Meta, Despite Lawyers ‘Lame Excuses’](https://torrentfreak.com/judge-allows-bittorrent-seeding-claims-against-meta-despite-lawyers-lame-excuses/) - Security Weekly Podcast Network (Audio) - [ ] [Oops, all Interviews: Switching to Cyber, CISO Reflections, and the State of TPCRM - Alexandre Sieira, Lenny Zeltser, Helen Patton - ESW #452](http://sites.libsyn.com/18678/oops-all-interviews-switching-to-cyber-ciso-reflections-and-the-state-of-tpcrm-alexandre-sieira-lenny-zeltser-helen-patton-esw-452) - 网安寻路人 - [ ] [《智能体数据处理安全要求》国标制定申请的初步思考](https://mp.weixin.qq.com/s?__biz=MzIxODM0NDU4MQ==&mid=2247508207&idx=1&sn=df426e0315fa79bc1ea67932b8274a41)
每日安全资讯(2026-03-31)