# 每日安全资讯(2025-11-29) - Private Feed for M09Ic - [ ] [pydantic released v1.25.1 at pydantic/pydantic-ai](https://github.com/pydantic/pydantic-ai/releases/tag/v1.25.1) - [ ] [LloydLabs starred GoogleContainerTools/distroless](https://github.com/GoogleContainerTools/distroless) - [ ] [bolucat released 202511281935 at bolucat/Archive](https://github.com/bolucat/Archive/releases/tag/202511281935) - [ ] [mgeeky starred Cobalt-Strike/sleepmask-vs](https://github.com/Cobalt-Strike/sleepmask-vs) - [ ] [ManassehZhou starred pocket-id/pocket-id](https://github.com/pocket-id/pocket-id) - [ ] [LloydLabs starred nats-io/nats-kafka](https://github.com/nats-io/nats-kafka) - [ ] [kpcyrd forked kpcyrd/rebuilderd-setup-tutorial from johannesst/rebuilderd-setup-tutorial](https://github.com/kpcyrd/rebuilderd-setup-tutorial) - [ ] [safedv starred monsieurPale/RSA-Backdoor](https://github.com/monsieurPale/RSA-Backdoor) - [ ] [ourren starred zast-ai/zast-extension](https://github.com/zast-ai/zast-extension) - [ ] [gh0stkey starred jrmdev/mitm_relay](https://github.com/jrmdev/mitm_relay) - [ ] [esrrhs starred Tencent/tquic](https://github.com/Tencent/tquic) - [ ] [pydantic released v1.25.0 at pydantic/pydantic-ai](https://github.com/pydantic/pydantic-ai/releases/tag/v1.25.0) - [ ] [Rvn0xsy starred ntop/n2n](https://github.com/ntop/n2n) - [ ] [gh0stkey starred appneta/tcpreplay](https://github.com/appneta/tcpreplay) - [ ] [ourren starred simon-p-j-r/LLM4Pentest](https://github.com/simon-p-j-r/LLM4Pentest) - [ ] [panjf2000 starred ebitengine/purego](https://github.com/ebitengine/purego) - 奇安信攻防社区 - [ ] [黑灰产从绕过到自建“无约束”的AI模型过程](https://forum.butian.net/share/4652) - SecWiki News - [ ] [SecWiki News 2025-11-28 Review](http://www.sec-wiki.com/?2025-11-28) - Doonsec's feed - [ ] [每周文章分享-238](https://mp.weixin.qq.com/s?__biz=MzI1MTQwMjYwNA==&mid=2247503008&idx=1&sn=b38761f6714452627927293a0be5f985) - [ ] [RuBee:隐匿于军工与核设施的小众无线协议](https://mp.weixin.qq.com/s?__biz=MzAxOTM1MDQ1NA==&mid=2451183872&idx=1&sn=cfb48fa5fc46313a7a6f224b2c5d2f8c) - [ ] [未来的AI时代可能是怎样的?](https://mp.weixin.qq.com/s?__biz=MzA4NzA5OTYzNw==&mid=2247484739&idx=1&sn=f0c86cdd6e5246f4185de2387afcea89) - [ ] [金蝶云星空CommonFileServer接口存在任意文件读取漏洞 附POC](https://mp.weixin.qq.com/s?__biz=MzIxMjEzMDkyMA==&mid=2247489626&idx=1&sn=e4ff68840a05df4bd3d70967f5ff1c44) - [ ] [学术年会 | 马建峰教授确认出席2025年网络空间安全学术会议并作大会主旨报告](https://mp.weixin.qq.com/s?__biz=MzI0NjU2NDMwNQ==&mid=2247506616&idx=1&sn=53ed752e651f14e9cf78823c331a4b9c) - [ ] [12月6日专题会议 | 数字取证](https://mp.weixin.qq.com/s?__biz=MzI0NjU2NDMwNQ==&mid=2247506616&idx=2&sn=713999c776a45019fa135a1d6d6cad6a) - [ ] [12月7日专题会议 | 第46期中国电子学会网络空间安全主题青年人才托举沙龙](https://mp.weixin.qq.com/s?__biz=MzI0NjU2NDMwNQ==&mid=2247506616&idx=3&sn=773288fc65db56d1a6385e45ca46e538) - [ ] [教你如何看懂反病毒报告(三)](https://mp.weixin.qq.com/s?__biz=MzI2MzM0NjcxNw==&mid=2247485688&idx=1&sn=2c8066f311656a7ed35b411f91fa4953) - [ ] [分享一下10年网络安全成长历程(打基础篇)](https://mp.weixin.qq.com/s?__biz=MjM5MzI3NzE4NA==&mid=2257484469&idx=1&sn=16085aa73b1843a88282eca577b2739c) - [ ] [【高危漏洞预警】Ray AI计算引擎远程代码执行漏洞CVE-2025-62593](https://mp.weixin.qq.com/s?__biz=MzI3NzMzNzE5Ng==&mid=2247491055&idx=1&sn=f15d0d3aa805fe81ac9293dd5b16248d) - [ ] [论国内渗透专家标配,还得是CISP-PTS](https://mp.weixin.qq.com/s?__biz=MzIxNTM4NDY2MQ==&mid=2247519130&idx=1&sn=4b0a201dc08307378f5aa99c7821e0c6) - [ ] [Windows任务计划及其COM组件](https://mp.weixin.qq.com/s?__biz=MzkyODUzMjEzOA==&mid=2247484028&idx=1&sn=5f934602032d7f264dcda59dc957b177) - [ ] [LoopLLM:大模型Token能耗攻击新路径](https://mp.weixin.qq.com/s?__biz=MzU0NDI5NTY4OQ==&mid=2247486497&idx=1&sn=fa2d0a1245940a6ec66c8c3c563dc91a) - [ ] [37.8万!融达期货RPA自动化系统采购项目](https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653933012&idx=1&sn=27880d8427abb3e366c74f4a3ad887bb) - [ ] [新华时代单一中!中行人工智能大模型应用场景配套算力设备采购项目](https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653933012&idx=2&sn=a6d3df8b4074640f9ee058820d77a3fc) - [ ] [分享的图片、视频、链接](https://mp.weixin.qq.com/s?__biz=MzI5NTQ3NzIxMw==&mid=2247485815&idx=1&sn=89f7014011be8a59aa7d7505103bc30c) - [ ] [全球 11 家类似思科的网络公司有哪些?](https://mp.weixin.qq.com/s?__biz=MzUyNTExOTY1Nw==&mid=2247532341&idx=1&sn=be87cbf309126adcf815430156f2da11) - [ ] [非涉密政务信息系统明确密评要求!](https://mp.weixin.qq.com/s?__biz=MzU1ODM1Njc1Ng==&mid=2247498418&idx=1&sn=b88d3b5598beb5b61e50a0de670f1083) - [ ] [ctftools-all-in-oneV8.6研发进度、ctfpwn-all-in-one研发进度](https://mp.weixin.qq.com/s?__biz=MzI1NzUxOTUzMA==&mid=2247486415&idx=1&sn=fa3c5f5be1f7a6b43f599de700cdd4a3) - [ ] [覆盖 charsets.jar 打内存马脚本](https://mp.weixin.qq.com/s?__biz=MzkwMzQyMTg5OA==&mid=2247488896&idx=1&sn=1852ec9d72950b153f5d822fec7c7e9d) - [ ] [公众号(H5)、小程序、云函数的动调方案](https://mp.weixin.qq.com/s?__biz=MzI3NjM2ODA2Mg==&mid=2247486406&idx=1&sn=54706729f7c96bf99c0bc09131ca25ad) - [ ] [Antigravity 停飞!Google 最新 IDE 中的安全漏洞](https://mp.weixin.qq.com/s?__biz=MzkzNzM1MTcwMA==&mid=2247490536&idx=1&sn=dbb9da8c2b79da55d99d0ac1e120df1d) - [ ] [东方通TongWeb反序列化漏洞分析](https://mp.weixin.qq.com/s?__biz=MzkxNzUxMjU5OQ==&mid=2247485589&idx=1&sn=0aec0d0ad71583176b2325c99e90e35f) - [ ] [【会议活动】基础软件质量控制与技术评价工业和信息化部重点实验室2025年度学术委员会会议在京隆重召开](https://mp.weixin.qq.com/s?__biz=MjM5NzYwNDU0Mg==&mid=2649256241&idx=1&sn=a4c2d3c09cc1a7f20ec19234ba28aaf0) - [ ] [初赛收官!2025 智能机器人大赛初赛亮点直击](https://mp.weixin.qq.com/s?__biz=MjM5NzYwNDU0Mg==&mid=2649256241&idx=2&sn=c20972f2a2a716c32288294fc619b4b6) - [ ] [关于征集机器人智能化与信息安全领域国家标准项目建议的通知](https://mp.weixin.qq.com/s?__biz=MjM5NzYwNDU0Mg==&mid=2649256241&idx=3&sn=0d638832a30acb79e47502ff5ee95c7a) - [ ] [碳核查中风险评估必知的五大步骤(中)](https://mp.weixin.qq.com/s?__biz=MjM5NzYwNDU0Mg==&mid=2649256241&idx=4&sn=6bfa242f3c4d5ef28b2456629a3ee1bc) - [ ] [Z0扫描器架构解析:从指纹到二级参数解析的实践](https://mp.weixin.qq.com/s?__biz=Mzk0NjQ2NzQ0Ng==&mid=2247485184&idx=1&sn=a633224ff4e2625614e34c842160a54b) - [ ] [内网综合渗透靶场一(下) 附靶场环境](https://mp.weixin.qq.com/s?__biz=MzI5NDg0ODkwMQ==&mid=2247487328&idx=1&sn=44eefd5938726b3466b14a12b48589da) - [ ] [漏洞预警 | Cursor远程代码执行漏洞(CVE-2025-62354)](https://mp.weixin.qq.com/s?__biz=Mzk3NTE5NTI0OQ==&mid=2247484700&idx=1&sn=df5d841601a01cf413097400a672a53f) - [ ] [域控策略文件获取域控密码](https://mp.weixin.qq.com/s?__biz=MzA3NTc0MTA1Mg==&mid=2664712627&idx=1&sn=9187390bf06dbbce1b838ca960e1fac4) - [ ] [【大话工控安全】工业控制系统基础知识之常见工业协议家族电力专用协议IEC104、IEC61850(二)](https://mp.weixin.qq.com/s?__biz=MzI0MzM3NTQ5MA==&mid=2247485228&idx=1&sn=be74c1eafb068f931657c39dcfa4e88e) - [ ] [移动安全之以逆向角度管中窥豹海外风控机制](https://mp.weixin.qq.com/s?__biz=MzU0MjUwMTA2OQ==&mid=2247486891&idx=1&sn=d7620f4cdcde3d1c17eb180dea8eb74b) - [ ] [让Trae SOLO自主发挥,看看能做出个啥项目](https://mp.weixin.qq.com/s?__biz=MzkwODQyMjgwNg==&mid=2247485765&idx=1&sn=6c66b40bdfd771834eb08d955d8923a2) - [ ] [MCPZoo 主页上线|让 MCP 生态第一次“看得见、摸得着”](https://mp.weixin.qq.com/s?__biz=MzU4NzUxOTI0OQ==&mid=2247496800&idx=1&sn=35a999bbecd497423efd7975645e93e1) - [ ] [年终福利领取 | 本年度最后一期DPO数据保护官,12月6日开课](https://mp.weixin.qq.com/s?__biz=MzU4MjUxNjQ1Ng==&mid=2247525852&idx=1&sn=fd152c364f03e0fa3d79d9d8efe12a09) - [ ] [fastjson0day报名直接送](https://mp.weixin.qq.com/s?__biz=Mzg5ODgxMTIzMg==&mid=2247483959&idx=1&sn=ac901f670ce7e23f53baad513f2b64ad) - [ ] [【AI安全】Strix安全测试AI神器](https://mp.weixin.qq.com/s?__biz=MzkxNzU2NDgxNQ==&mid=2247484095&idx=1&sn=2a560532d858f334d3cba4bd141f2de4) - [ ] [赏金猎人必备技能:手把手带你拆解SQL注入(上篇)](https://mp.weixin.qq.com/s?__biz=MjM5MzM0MTY4OQ==&mid=2447797447&idx=1&sn=ceec7bbbbec6238dbb96df6f72254647) - [ ] [我们开通小红书啦!](https://mp.weixin.qq.com/s?__biz=MjM5NTU4NjgzMg==&mid=2651448795&idx=1&sn=473dd46fa1addd4bdec5ce09b95c3ddd) - [ ] [【协会风采】副会长单位:厦门源昌城建集团有限公司](https://mp.weixin.qq.com/s?__biz=MjM5NTU4NjgzMg==&mid=2651448795&idx=2&sn=58d25a9b21652a4328db8da5fab35694) - [ ] [记一次 Tor 浏览器后门分析过程](https://mp.weixin.qq.com/s?__biz=Mzk3NTM5MDA5MA==&mid=2247483775&idx=1&sn=614982871c2c44f8193cdb4fb7511911) - [ ] [新品|磁盘清理工具 BuhoCleaner,跨平台 HTTP 开发工具 Reqable 上架!](https://mp.weixin.qq.com/s?__biz=MzI2MjcwMTgwOQ==&mid=2247492779&idx=1&sn=d53d1d968ec0b0a1fc3e81621c72337a) - [ ] [深度丨仪综所等:工业控制系统网络安全需求分析和技术趋势](https://mp.weixin.qq.com/s?__biz=MzI2MDk2NDA0OA==&mid=2247536151&idx=1&sn=877e84e527d3d6bdc804164b9b41ab76) - [ ] [荐读丨全球多个AI集群遭AI恶意软件劫持,被改造成挖矿僵尸网络](https://mp.weixin.qq.com/s?__biz=MzI2MDk2NDA0OA==&mid=2247536151&idx=2&sn=ad4c27d1584c2b7b42adcac0c91174fc) - [ ] [专题·低空经济安全 | 低空经济数智化转型的网络安全与国际化治理路径](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664254130&idx=1&sn=f4f5a68bb300772fec1a12bc52911224) - [ ] [通知 | 国家能源局组织开展“人工智能+”能源试点工作](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664254130&idx=2&sn=ee54298e43e873b7e3898c47f64d5038) - [ ] [关注 | 市场监管总局集中发布第四批直播电商领域典型案例](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664254130&idx=3&sn=b7a9328751fcb1ec70c3ac0d627fb025) - [ ] [发布 | 中国信通院发布《数据要素发展报告(2025年)》(附下载)](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664254130&idx=4&sn=004518e252db70a50527d62e09bc9663) - [ ] [CertiK与WEMADE携手启动全球韩元稳定币联盟](https://mp.weixin.qq.com/s?__biz=MzU5OTg4MTIxMw==&mid=2247504839&idx=1&sn=0e49b19f11e978e5515a8614e4a25b35) - [ ] [Intent本地拒绝服务漏洞](https://mp.weixin.qq.com/s?__biz=MzU1ODk1MzI1NQ==&mid=2247493293&idx=1&sn=1d3b8f8b59cbaf3a85b917e54a2c4815) - [ ] [国家金融与发展实验室杨涛:“3+12+X”测评体系规范金融大模型选型与应用](https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653933011&idx=1&sn=94106259d71ee606be459cd900d65aff) - [ ] [AI快讯:港交所已将AI用于日常办公,中国开源AI模型下载量首超美国,DeepSeekMath‑V2模型推出](https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653933011&idx=2&sn=af2c7b3aeaef97c756fe2b82052be1b9) - [ ] [中信银行信用卡中心招AI产品经理岗](https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653933011&idx=3&sn=a7db4f1c0ae35f99e6dbe77b6164f02c) - [ ] [190万!天津银行数据中心机房AI智能改造提升项目](https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653933011&idx=4&sn=0232a09cab02490d4127e7a8ba50d8d8) - [ ] [聊聊LNK文件在授权安全测试中的一点应用](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651331296&idx=2&sn=e9c6770a3adddb26864007756ebedede) - [ ] [教育部财政部烟草总局密集预警仿冒诈骗 首批涉诈网址清单曝光](https://mp.weixin.qq.com/s?__biz=MzU0NDk0NTAwMw==&mid=2247629921&idx=2&sn=a33e772aa0983d3b98defe13b3e05376) - [ ] [勇夺魁首!启明星辰斩获“供应链安全挑战赛”团队赛一等奖](https://mp.weixin.qq.com/s?__biz=MzA3NDQ0MzkzMA==&mid=2651735044&idx=1&sn=85f5aada056e0044d5e89950b3c4d345) - [ ] [勒索攻击防御:为何基于 TTP 的行为检测胜过传统指标追踪](https://mp.weixin.qq.com/s?__biz=MzIwNjYwMTMyNQ==&mid=2247493585&idx=1&sn=acb0f3e01cc47fe659d3b9926fa5f18a) - [ ] [荣耀再续!江南信安通过国家级专精特新“小巨人”企业复核](https://mp.weixin.qq.com/s?__biz=MzA4MTE0MTEwNQ==&mid=2668670854&idx=1&sn=cd459ab0c2736c0a198db48f4aa33a41) - [ ] [安全资讯汇总:2025.11.24-2025.11.28](https://mp.weixin.qq.com/s?__biz=MzA4MTE0MTEwNQ==&mid=2668670854&idx=2&sn=87c191a287719bfbf15181428cf950b3) - [ ] [烽火狼烟丨暗网数据及攻击威胁情报分析周报(11/24-11/28)](https://mp.weixin.qq.com/s?__biz=Mzk0NjMxNTgyOQ==&mid=2247484825&idx=1&sn=c4553ffa24830ea8a4375ce8e5f93c23) - [ ] [网络安全信息与动态周报2025年第47期(11月17日-11月23日)](https://mp.weixin.qq.com/s?__biz=Mzk0NjMxNTgyOQ==&mid=2247484825&idx=2&sn=44b752909c1a74153eaaa0b0e9aec1fe) - [ ] [第三方供应商导致OpenAI客户数据遭泄露](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247524535&idx=1&sn=b7fe9e8a785380e376468375bde77bce) - [ ] [Python遗留包中易受攻击代码可用于攻击PyPI](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247524535&idx=2&sn=7e176ec2a38d6df2d5cc3ecae45cdffa) - [ ] [OpenAI承认数据泄露事件:合作伙伴遭钓鱼攻击](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651331296&idx=1&sn=2691f3061ffd83eb25a9ab5b5e77d0b2) - [ ] [攻击者利用物联网漏洞部署新型ShadowV2恶意软件](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651331296&idx=3&sn=13b59c62185fa7245c93506d7bcf9d1a) - [ ] [遗留Python包中的漏洞代码可通过域名劫持攻击Python包索引](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651331296&idx=4&sn=ae9c319b0b73d7888bb0e4af8b227255) - [ ] [ChatGPT开发者数据泄露,但是OpenAI说没被黑](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247515274&idx=1&sn=6825b5dc2993e4b771a7f760f3624fb7) - [ ] [网络与数据安全十大系统性法律问题](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247515274&idx=2&sn=f8dfda8b293073a10a304ff34b81de7e) - [ ] [安全动态丨网络空间安全动态第301期](https://mp.weixin.qq.com/s?__biz=MzU2MjcwOTY1Mg==&mid=2247522103&idx=1&sn=813e2cebef939f163026faad431114da) - [ ] [每周网络安全简讯 ( 2025年 第48周 )](https://mp.weixin.qq.com/s?__biz=MzU2MjcwOTY1Mg==&mid=2247522103&idx=2&sn=4550be200b67c3495e917f1488ff9b2e) - [ ] [北非零售新标杆!华为星河AI融合SASE解决方案护航摩洛哥Marjane零售业务高速发展](https://mp.weixin.qq.com/s?__biz=MzAwODU5NzYxOA==&mid=2247506699&idx=1&sn=22e310a693d008cd4a4777bff3de8cc0) - [ ] [ISC2认证过期?带您了解如何恢复认证](https://mp.weixin.qq.com/s?__biz=MzUzNTg4NDAyMg==&mid=2247493394&idx=1&sn=ea6cc0ac9e8696c441f91e14ee7bf084) - [ ] [【漏洞通告】Cursor远程代码执行漏洞(CVE-2025-62354)](https://mp.weixin.qq.com/s?__biz=Mzk0MjE3ODkxNg==&mid=2247489427&idx=1&sn=0de2d32a84d3e3685723814776d55971) - [ ] [Gartner®首次发布中国DLP市场指南,腾讯云零信任iOA入选代表厂商](https://mp.weixin.qq.com/s?__biz=Mzg5OTE4NTczMQ==&mid=2247528657&idx=1&sn=7d9ac906c2b4f2dd8d3d9a70b944bff0) - [ ] [首届AI安全挑战赛,全球白帽集结,360SRC邀您上海GDPS开战!](https://mp.weixin.qq.com/s?__biz=MzkzOTIyMzYyMg==&mid=2247495674&idx=1&sn=9b536022292e0a31c194f674302f14d9) - [ ] [单位网络安全等级保护备案实操指南:从定级到备案落地](https://mp.weixin.qq.com/s?__biz=Mzg3MTU1MTIzMQ==&mid=2247498023&idx=1&sn=8c40499cd50fb483fedd66f4fd0c4e3e) - [ ] [2025年北京市职工数据安全管理员职业技能决赛成功举办 顶尖选手同台竞技,共筑首都数据安全防线](https://mp.weixin.qq.com/s?__biz=Mzg3MTU1MTIzMQ==&mid=2247498023&idx=2&sn=39309b3461c16acd951ad133b04fd05d) - [ ] [2025年11月份网络安全态势感知月报](https://mp.weixin.qq.com/s?__biz=MzUyMjAyODU1NA==&mid=2247492867&idx=1&sn=3e3956fa897f827ad0fbd314defc3676) - [ ] [第五届网络空间内生安全学术大会在宁开幕——聚焦AI安全可信应用 为“AI+”产业保驾护航](https://mp.weixin.qq.com/s?__biz=Mzg4MDU0NTQ4Mw==&mid=2247534952&idx=1&sn=1dab8c88e16d889c2da453f7d8f8dd48) - [ ] [论坛即将开始,邀您现场参加:数字生态供应链安全论坛](https://mp.weixin.qq.com/s?__biz=Mzg4MDU0NTQ4Mw==&mid=2247534952&idx=2&sn=a2fa83bedd4f3f3db4e82aabb6c4ab36) - [ ] [日本朝日集团控股:网络安全事件致近 200 万份个人信息面临泄露风险](https://mp.weixin.qq.com/s?__biz=MzU2MTQwMzMxNA==&mid=2247543319&idx=1&sn=364a2bb12a9ccb1211d3095f8958f5d1) - [ ] [合合信息入选“科创板价值50强”,多模态文本智能技术助推AI应用升级](https://mp.weixin.qq.com/s?__biz=MzAxMzg0NjY2NA==&mid=2247493712&idx=1&sn=53f05cc6689c15b9a2670d44d0d30d83) - [ ] [启信宝发布《全国产业集群大全》哈尔滨篇:2300家企业织就冰雪产业网](https://mp.weixin.qq.com/s?__biz=MzAxMzg0NjY2NA==&mid=2247493712&idx=2&sn=7eb69db2075ce33d924eef8f95b3ec9b) - [ ] [网络安全法迎重要更新!2026xa0年起实施,这些变化与你我息息相关](https://mp.weixin.qq.com/s?__biz=MzU0NDkyNTQ2OA==&mid=2247486317&idx=1&sn=66e957a8c5ed548173047e4293ed1b4d) - [ ] [电子文档保密管理指南,这些要点须牢记!](https://mp.weixin.qq.com/s?__biz=MzkzNjIzMjM5Ng==&mid=2247493319&idx=1&sn=909eea55458282224d97f5371f382418) - [ ] [每周蓝军技术推送(2025.11.22-11.28)](https://mp.weixin.qq.com/s?__biz=MzkyMTI0NjA3OA==&mid=2247494527&idx=1&sn=759b1af89b6caaccc7783031bc8246cb) - [ ] [关于 Python 版本的简要说明](https://mp.weixin.qq.com/s?__biz=MzIyMzIwNzAxMQ==&mid=2649472481&idx=1&sn=71bf532b8d3b3319a7f4c16d6621b216) - [ ] [什么是安全启动?](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247563372&idx=1&sn=47f4059f0a3b319f70861f1cbd98eb1e) - [ ] [爆料!原东风奕派营销事业部总经理余飞已低调入职奇瑞](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247563372&idx=2&sn=df8f3cb9b7323fa7e88c85ada4a73a03) - [ ] [解读中国汽车数据出境安全合规要求与指引(附回看)丨谈思AutoSec直播课](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247563372&idx=3&sn=cac77a7473d65fd7ff05558426d82391) - [ ] [xVMP项目分析(基于LLVM的VMP实现)](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458604601&idx=1&sn=a16a91ea3424a8b809cefcde896f4764) - [ ] [本周职位更新!速速投简历](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458604601&idx=2&sn=79164f11db318adba20a898e49ac6e9b) - [ ] [新曝Next.js未授权DoS漏洞,可一键击溃服务器](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458604601&idx=3&sn=35dd5bd4c71a05d1a770635c98edf0ec) - [ ] [一周回顾:从云服务到公共警报系统,网安防线接连被“击穿”](https://mp.weixin.qq.com/s?__biz=MzU0NDk0NTAwMw==&mid=2247629921&idx=1&sn=f50371eb7bb4c1696e4b71e988ead679) - [ ] [日本朝日集团公开道歉](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247583087&idx=1&sn=9184f9b3bcc297aa2df74e92491bde24) - [ ] [通知 | 网安标委就个人信息识别、去标识化、匿名化等3项网络安全标准实践指南公开征求意见](https://mp.weixin.qq.com/s?__biz=MzkyNDUyNzU1MQ==&mid=2247489095&idx=1&sn=90c040821fb61b0d2777f7f3569e7b55) - [ ] [松颢科技正式加入武汉市网络安全协会](https://mp.weixin.qq.com/s?__biz=MzA3OTEyODAxMw==&mid=2247510803&idx=1&sn=bbef058dbf9cd4f3d9aab31a62392e8d) - [ ] [市科创局关于2025年度第二批武汉市重点研发计划拟立项项目的公示](https://mp.weixin.qq.com/s?__biz=MzA3OTEyODAxMw==&mid=2247510803&idx=2&sn=162341fd6d80cd46419841ec3ae89c75) - [ ] [告别手敲命令,证书一键生成!](https://mp.weixin.qq.com/s?__biz=Mzk0MTM4NzIxMQ==&mid=2247529146&idx=1&sn=9d20f2b391b2761bb0dda864ab8f6c20) - [ ] [足不出户看“世界”,浏览器黑客就是爽](https://mp.weixin.qq.com/s?__biz=MzkxNTIwNTkyNg==&mid=2247556844&idx=1&sn=525778243ebfb6f045d21a1f3082d15b) - [ ] [【免费领】全网最详尽的漏洞挖掘实战技巧大全](https://mp.weixin.qq.com/s?__biz=MzkxNTIwNTkyNg==&mid=2247556844&idx=2&sn=2a18bcce1553d9801df6f48c92aad23f) - [ ] [2025必看系列:AI如何重新定义研究?万字长文讲透Deep Research](https://mp.weixin.qq.com/s?__biz=MjM5ODYwMjI2MA==&mid=2649796931&idx=1&sn=442cd53a6dc24397f47b75d8008280aa) - [ ] [小模型的大智慧:思考Agentic AI安全实战中的推理效率革命](https://mp.weixin.qq.com/s?__biz=Mzg4Njk4MDQ4MQ==&mid=2247483900&idx=1&sn=1d39151c8e24492483262902b9d7b6d3) - [ ] [逍遥安全实验室,今天起正式改名!](https://mp.weixin.qq.com/s?__biz=Mzk0NTc2MTMxNQ==&mid=2247485074&idx=1&sn=8985008f534ab08918e4928c159a0727) - [ ] [火绒小问答——「企业版」中心/终端如何进行安装部署](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247528076&idx=1&sn=f1c45635555ce4d7c86e220640b4125c) - [ ] [【火绒安全周报】公安破获窃密串标案/涉密电脑违规联网导致泄密](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247528076&idx=2&sn=ff76b9d8786082dd74789bad0e1d2d30) - [ ] [诚邀渠道合作伙伴共启新征程](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247528076&idx=3&sn=99ea8edab75c899bb014233d934903bc) - [ ] [净网—2025| 网站未按规定审核,导致违法信息传播,网警依法处罚](https://mp.weixin.qq.com/s?__biz=MzAxOTU4ODM2Nw==&mid=2651179974&idx=1&sn=e5a2e9c224517a3257a7399ecc646876) - [ ] [大模型应用频现重大事故,责任归属与治理困局如何破局?](https://mp.weixin.qq.com/s?__biz=MjM5NzA3Nzg2MA==&mid=2649872896&idx=1&sn=98023d897625600021b4fa14ffef9c04) - [ ] [404星链计划 | 项目版本更新](https://mp.weixin.qq.com/s?__biz=MzAxNDY2MTQ2OQ==&mid=2650991031&idx=1&sn=874486d5ab57f3e0523d0a52a08a8a4f) - [ ] [观安信息入选上海市经济和信息化委员会网络和数据安全支撑单位](https://mp.weixin.qq.com/s?__biz=MzIxNDIzNTcxMg==&mid=2247510014&idx=1&sn=805d21f473fe944c0931de65b8500602) - [ ] [APT-C-35(肚脑虫)近期针对巴基斯坦新型木马攻击活动分析](https://mp.weixin.qq.com/s?__biz=MzUyMjk4NzExMA==&mid=2247507603&idx=1&sn=af41be456f6393a24771846328e8d7f2) - [ ] [安全动态丨国内外安全动态(11.24-11.28)](https://mp.weixin.qq.com/s?__biz=Mzg5ODU0OTI1NA==&mid=2247486160&idx=1&sn=e61976c642fb283e1ba2f88e01375ef4) - [ ] [行业动态|一周安全行业资讯(11.24-11.28)](https://mp.weixin.qq.com/s?__biz=Mzg5ODU0OTI1NA==&mid=2247486160&idx=2&sn=536073e08cd6a705bc381d9e94aa2975) - [ ] [陕西某公司涉无人机管理平台遭攻击导致数据泄露被罚](https://mp.weixin.qq.com/s?__biz=MzkwMTMyMDQ3Mw==&mid=2247602505&idx=1&sn=fc7b0da7e0561e95d5f011e68c0905b7) - [ ] [“AI+”时代网络安全挑战升级,如何构建有效新防线?](https://mp.weixin.qq.com/s?__biz=MzkwMTMyMDQ3Mw==&mid=2247602505&idx=2&sn=6f1859a450e6ac3d82280bcf54ac28f4) - [ ] [信息安全漏洞周报【第049期】](https://mp.weixin.qq.com/s?__biz=MzA4MDk4NTIwMg==&mid=2454064440&idx=1&sn=0f05abb5c71fa09d41987be333b56230) - [ ] [企业人员安全意识|员工是第一道安全防线](https://mp.weixin.qq.com/s?__biz=MjM5MTAwNzUzNQ==&mid=2650511750&idx=1&sn=d49c3dd7497b36dee0b4ef22fc5f9d39) - [ ] [超级CSO研修班 | 鲁京辉:AgenticAI时代的安全治理与实践路径](https://mp.weixin.qq.com/s?__biz=MzU5ODgzNTExOQ==&mid=2247647819&idx=1&sn=18dc1f2e7185aaf52d52a76676ec0ec1) - [ ] [巅峰对决,硬核启幕!第八届“强网”拟态防御国际精英挑战赛正式打响](https://mp.weixin.qq.com/s?__biz=MzU5ODgzNTExOQ==&mid=2247647819&idx=2&sn=5bf8a1fce741a43ff41fd721662a1562) - [ ] [免费赠送 | 企业办公安全意识培训科普素材(第四期)](https://mp.weixin.qq.com/s?__biz=MzU5ODgzNTExOQ==&mid=2247647819&idx=3&sn=913bd4fa7768710c30696cd6e69f6ae2) - [ ] [利用弹窗广告非法引流,公安机关侦破一起非法控制计算机信息系统案](https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649175180&idx=1&sn=2327a1dfa33eecdf096244bbdfc3bebf) - [ ] [怎样理解前瞻布局未来产业](https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649175180&idx=2&sn=2d7220d88ead580cab264ca20fbe983d) - [ ] [银狐恶意样本_WindowEvent.exe](https://mp.weixin.qq.com/s?__biz=MzIxMDAwNzM3MQ==&mid=2247522397&idx=1&sn=3de01d25dc23cbf7363538aa269e9f8c) - [ ] [“共建共治、智护未来” | 第二届华为漏洞管理与应急响应技术大会于深圳成功举办](https://mp.weixin.qq.com/s?__biz=MzI0MTY5NDQyMw==&mid=2247526232&idx=1&sn=a59329238022edbb164a1dd34de6d3cd) - Tenable Blog - [ ] [Cybersecurity Snapshot: What Security Pros’ Are Saying About Exposure Management, Risk Prioritization, Tool Sprawl and More](https://www.tenable.com/blog/cybersecurity-snapshot-what-security-pros-are-saying-about-exposure-management-risk) - 嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com - [ ] [安全巨头数据泄露事件警示:企业邮件安全该补哪些短板?](https://www.4hou.com/posts/gyml) - [ ] [Shai-Hulud供应链攻击再升级 数百款知名npm包遭恶意篡改](https://www.4hou.com/posts/VW39) - [ ] [年访问量 2600 万的电视盗版流媒体平台Photocall遭联合查处后停运](https://www.4hou.com/posts/OG3G) - paper - Last paper - [ ] [快速响应:在边缘网关利用 IDS 和 LLMs 实现物联网实时入侵推理](https://paper.seebug.org/3419/) - 安全客-有思想的安全新媒体 - [ ] [大规模npm供应链攻击“亡命开关”正驱动恶意软件攻击,其持久化机制依赖特定激活条件](https://www.anquanke.com/post/id/313473) - [ ] [GitLab发布安全更新,修复可导致认证绕过与拒绝服务攻击的多重漏洞](https://www.anquanke.com/post/id/313477) - [ ] [Apache SkyWalking 中存在漏洞,可导致攻击者发起跨站脚本攻击](https://www.anquanke.com/post/id/313482) - [ ] [Next.js服务器存在未授权拒绝服务漏洞,单次请求即可致服务崩溃](https://www.anquanke.com/post/id/313486) - [ ] [高级威胁“Shai Hulud”升级至v2版本,利用GitHub Actions工作流作为攻击载体窃取敏感机密](https://www.anquanke.com/post/id/313468) - [ ] [逾390个被弃用的iCalendar同步域名存在安全隐患,可能导致近400万台设备暴露于安全风险之下](https://www.anquanke.com/post/id/313462) - [ ] [纳闽再保险启用绿色数据中心,实现效能提升与运营成本优化](https://www.anquanke.com/post/id/313459) - [ ] [遗留Python包中的代码漏洞,可通过劫持其依赖域名进而危及整个PyPI软件生态](https://www.anquanke.com/post/id/313453) - [ ] [投资机构TA Associates正式注资Aeris,旨在强化其AI驱动的物联网安全能力](https://www.anquanke.com/post/id/313450) - [ ] [趋势科技发布AI安全套件,以应对日益增长的网络风险](https://www.anquanke.com/post/id/313447) - Verne in GitHub - [ ] [Z-Image-Turbo 高性能 AI 图像生成模型](https://blog.einverne.info/post/2025/11/z-image-turbo.html) - Recent Commits to cve:main - [ ] [Update Fri Nov 28 11:35:31 UTC 2025](https://github.com/trickest/cve/commit/53b5b5fe9fb57c4ed69c26ac378999d701dbe028) - Securelist - [ ] [Tomiris wreaks Havoc: New tools and techniques of the APT group](https://securelist.com/tomiris-new-tools/118143/) - Malwarebytes - [ ] [How CVSS v4.0 works: characterizing and scoring vulnerabilities](https://www.malwarebytes.com/blog/news/2025/11/how-cvss-v4-0-works-characterizing-and-scoring-vulnerabilities) - SentinelOne - [ ] [The Good, the Bad and the Ugly in Cybersecurity – Week 48](https://www.sentinelone.com/blog/the-good-the-bad-and-the-ugly-in-cybersecurity-week-48-7/) - 博客园 - 飘渺红尘✨ - [ ] [google tagmanager idor - 飘渺红尘✨](https://www.cnblogs.com/piaomiaohongchen/p/19283283) - 黑海洋Wiki | Web开发工具包 | 网络安全攻防实战 | 区块链技术文档教程 - 免费资源平台 - [ ] [香港阿里小号增强版:无需实名,微信小程序接码,支持eSIM和漫游上网](https://blog.upx8.com/4911) - [ ] [NetExec 网络服务漏洞利用工具](https://blog.upx8.com/4910) - 奇客Solidot–传递最新科技情报 - [ ] [改变推荐算法排名能改变一个人的政治立场](https://www.solidot.org/story?sid=82914) - rtl-sdr.com - [ ] [An Overview of 2025 SDR Black Friday Deals](https://www.rtl-sdr.com/an-overview-of-2025-sdr-black-friday-deals/) - 绿盟科技CERT - [ ] [【漏洞通告】Cursor远程代码执行漏洞(CVE-2025-62354)](https://mp.weixin.qq.com/s?__biz=Mzk0MjE3ODkxNg==&mid=2247489427&idx=1&sn=0de2d32a84d3e3685723814776d55971) - 虎符智库 - [ ] [勒索攻击防御:为何基于 TTP 的行为检测胜过传统指标追踪](https://mp.weixin.qq.com/s?__biz=MzIwNjYwMTMyNQ==&mid=2247493585&idx=1&sn=acb0f3e01cc47fe659d3b9926fa5f18a) - 看雪学苑 - [ ] [xVMP项目分析(基于LLVM的VMP实现)](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458604601&idx=1&sn=a16a91ea3424a8b809cefcde896f4764) - [ ] [本周职位更新!速速投简历](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458604601&idx=2&sn=79164f11db318adba20a898e49ac6e9b) - [ ] [新曝Next.js未授权DoS漏洞,可一键击溃服务器](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458604601&idx=3&sn=35dd5bd4c71a05d1a770635c98edf0ec) - 奇安信 CERT - [ ] [安全热点周报:Oracle Identity Manager 中的严重漏洞正被积极利用](https://mp.weixin.qq.com/s?__biz=MzU5NDgxODU1MQ==&mid=2247504220&idx=1&sn=558289331957486b5fa0f121fa99ceca) - 威努特安全网络 - [ ] [意大利国家铁路2.3TB信息泄露,马自达、佳能遭勒索攻击|一周特辑](https://mp.weixin.qq.com/s?__biz=MzAwNTgyODU3NQ==&mid=2651138227&idx=1&sn=c486b83401f8dda42ac314b12644136d) - 天黑说嘿话 - [ ] [安全测试扫描工具ZAP](https://mp.weixin.qq.com/s?__biz=MzI5NTQ5MTAzMA==&mid=2247485441&idx=1&sn=7d16e9926b6b9670b6c099a88a05afb4) - [ ] [当“修仙”照进现实:在996的裂缝里,我们都在等一场逆袭](https://mp.weixin.qq.com/s?__biz=MzI5NTQ5MTAzMA==&mid=2247485441&idx=2&sn=d4870803aaca36c171413373d2e2c5c6) - [ ] [香港大埔突发大火致多人死亡,谈谈个人看法](https://mp.weixin.qq.com/s?__biz=MzI5NTQ5MTAzMA==&mid=2247485441&idx=3&sn=8649e1361817da359152a68bf27dc919) - ChaMd5安全团队 - [ ] [PAM Backdoor分析](https://mp.weixin.qq.com/s?__biz=MzIzMTc1MjExOQ==&mid=2247513736&idx=1&sn=a50f47d25bc548afa308bf2f29027377) - 代码卫士 - [ ] [第三方供应商导致OpenAI客户数据遭泄露](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247524535&idx=1&sn=b7fe9e8a785380e376468375bde77bce) - [ ] [Python遗留包中易受攻击代码可用于攻击PyPI](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247524535&idx=2&sn=7e176ec2a38d6df2d5cc3ecae45cdffa) - 丁爸 情报分析师的工具箱 - [ ] [【情报】这家公司在大量招聘开源情报分析师(含懂中文的)](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651153104&idx=1&sn=6aca23c3e0c2c3f178b7116cdb695370) - [ ] [【会议议程】第五届全国开源情报技术大会(COSINT-2025)](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651153104&idx=2&sn=3d50e8f0942058b974cc63a2dd70258c) - 奇安信病毒响应中心 - [ ] [每周勒索威胁摘要](https://mp.weixin.qq.com/s?__biz=MzI5Mzg5MDM3NQ==&mid=2247498559&idx=1&sn=3f2f61796988b25357ebc7853a0238ba) - 奇安信威胁情报中心 - [ ] [每周高级威胁情报解读(2025.11.21~11.27)](https://mp.weixin.qq.com/s?__biz=MzI2MDc2MDA4OA==&mid=2247516804&idx=1&sn=d9d99a2f3d63b283f7882b5baa4b1c0c) - 知道创宇404实验室 - [ ] [404星链计划 | 项目版本更新](https://mp.weixin.qq.com/s?__biz=MzAxNDY2MTQ2OQ==&mid=2650991031&idx=1&sn=874486d5ab57f3e0523d0a52a08a8a4f) - 黑鸟 - [ ] [RuBee:隐匿于军工与核设施的小众无线协议](https://mp.weixin.qq.com/s?__biz=MzAxOTM1MDQ1NA==&mid=2451183872&idx=1&sn=cfb48fa5fc46313a7a6f224b2c5d2f8c) - 安全牛 - [ ] [把安全卖给中小企业,90%的人第一步就错了](https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651139480&idx=1&sn=d79c2df0a3918b83dda90487cb027351) - [ ] [数据要素市场化提速:11月招标透露哪些技术风向?;欺诈团伙工业化运作:AI驱动的支付欺诈激增477% | 牛览](https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651139480&idx=2&sn=c3862c0de7d77ce6a3bc326b30d4f88b) - HackerNews - [ ] [美国法院备案机构遭勒索软件攻击](https://hackernews.cc/archives/61724) - [ ] [黑客劫持美国无线电设备发送虚假警报](https://hackernews.cc/archives/61722) - [ ] [Bloody Wolf 威胁行为体扩大中亚地区活动范围](https://hackernews.cc/archives/61719) - [ ] [朝日集团确认约 200 万客户及员工数据遭黑客窃取](https://hackernews.cc/archives/61716) - [ ] [OpenAI 用户数据或因分析公司 Mixpanel 遭网络攻击而泄露](https://hackernews.cc/archives/61713) - [ ] [华硕发布新版固件,修复 AiCloud 高危漏洞](https://hackernews.cc/archives/61710) - 威胁棱镜 - [ ] [ATT&CK 2023(ATT&CKCon 4.0)议题慢递](https://mp.weixin.qq.com/s?__biz=MzkyMzE5ODExNQ==&mid=2247488061&idx=1&sn=23563682c3e93ca3e904c864194fd5c5) - 复旦白泽战队 - [ ] [MCPZoo 主页上线|让 MCP 生态第一次“看得见、摸得着”](https://mp.weixin.qq.com/s?__biz=MzU4NzUxOTI0OQ==&mid=2247496800&idx=1&sn=35a999bbecd497423efd7975645e93e1) - 京东安全应急响应中心 - [ ] [JoySafety再更新!提示词注入攻击检测模型升级, 开放大模型安全评测服务](https://mp.weixin.qq.com/s?__biz=MjM5OTk2MTMxOQ==&mid=2727850267&idx=1&sn=5ea8bca1b5bea7eefe7023fd7ddda856) - 慢雾科技 - [ ] [美英澳联合打击俄罗斯网络犯罪基础设施 Media Land 与 Aeza Group](https://mp.weixin.qq.com/s?__biz=MzU4ODQ3NTM2OA==&mid=2247503924&idx=1&sn=59bff522b714a60b4cca7993f62beb4b) - M01N Team - [ ] [每周蓝军技术推送(2025.11.22-11.28)](https://mp.weixin.qq.com/s?__biz=MzkyMTI0NjA3OA==&mid=2247494527&idx=1&sn=759b1af89b6caaccc7783031bc8246cb) - 火绒安全 - [ ] [火绒小问答——「企业版」中心/终端如何进行安装部署](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247528076&idx=1&sn=f1c45635555ce4d7c86e220640b4125c) - [ ] [【火绒安全周报】公安破获窃密串标案/涉密电脑违规联网导致泄密](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247528076&idx=2&sn=ff76b9d8786082dd74789bad0e1d2d30) - [ ] [诚邀渠道合作伙伴共启新征程](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247528076&idx=3&sn=99ea8edab75c899bb014233d934903bc) - 迪哥讲事 - [ ] [资产收集神器](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247498723&idx=1&sn=a080422736ea381a7d513720aa50e500) - 数世咨询 - [ ] [CISO必读:AI供应链攻击防御指南](https://mp.weixin.qq.com/s?__biz=MzkxNzA3MTgyNg==&mid=2247541017&idx=1&sn=71f5bba2d069fe899fc87b41932d2e08) - 极客公园 - [ ] [捐赠自研OS内核背后:Rust 先行者 vivo 的「担当」](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653092552&idx=1&sn=0b29ba90097b9fe58dee376774bcce15) - [ ] [70% 学生选 AI,大学校长怎么教?](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653092552&idx=2&sn=5f73f1155cb784ba367f46600d448e79) - [ ] [宗馥莉卸任娃哈哈集团公司董事长;小米、OV 等手机厂商取消 AIR 机型;Deepseek 推出新数学模型 | 极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653092498&idx=1&sn=bb96f8f91ed6351e60e26a4ffcdd811d) - 嘶吼专业版 - [ ] [Shai-Hulud供应链攻击再升级 数百款知名NPM包遭恶意篡改](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247585658&idx=1&sn=8e1a46aeb54a50aa3fd19d9258f7dd37) - [ ] [年访问量2600万的电视盗版流媒体平台Photocall遭联合查处后停运](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247585658&idx=2&sn=96ac9523ab71d18f8203ab3a8b667e04) - 情报分析师 - [ ] [Tesari:美国新锐OSINT情报公司的战略剖析](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650563726&idx=1&sn=c62417993d5601ec35993579ddd01294) - [ ] [刚果(金)东部动荡局势升级及对我旗舰项目战略影响分析](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650563726&idx=2&sn=84a8a3114b5803dd4b7ed9c470e01395) - 大兵说安全 - [ ] [教你如何看懂反病毒报告(三)](https://mp.weixin.qq.com/s?__biz=MzI2MzM0NjcxNw==&mid=2247485688&idx=1&sn=2c8066f311656a7ed35b411f91fa4953) - Yak Project - [ ] [告别手敲命令,证书一键生成!](https://mp.weixin.qq.com/s?__biz=Mzk0MTM4NzIxMQ==&mid=2247529146&idx=1&sn=9d20f2b391b2761bb0dda864ab8f6c20) - 360数字安全 - [ ] [日本朝日集团公开道歉](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247583087&idx=1&sn=9184f9b3bcc297aa2df74e92491bde24) - 360威胁情报中心 - [ ] [APT-C-35(肚脑虫)近期针对巴基斯坦新型木马攻击活动分析](https://mp.weixin.qq.com/s?__biz=MzUyMjk4NzExMA==&mid=2247507603&idx=1&sn=af41be456f6393a24771846328e8d7f2) - IT Service Management News - [ ] [OWASP AI Testing Guide](http://blog.cesaregallotti.it/2025/11/owasp-ai-testing-guide.html) - 白泽安全实验室 - [ ] [朝鲜APT组织Kimsuky十年来持续升级迭代其攻击武器——每周威胁情报动态第248期(11.21-11.27)](https://mp.weixin.qq.com/s?__biz=MzI0MTE4ODY3Nw==&mid=2247492845&idx=1&sn=6f6518249709e0e0716663339de96129) - Over Security - Cybersecurity news aggregator - [ ] [Man behind in-flight Evil Twin WiFi attacks gets 7 years in prison](https://www.bleepingcomputer.com/news/security/man-behind-in-flight-evil-twin-wifi-attacks-gets-7-years-in-prison/) - [ ] [Microsoft: Windows updates make password login option invisible](https://www.bleepingcomputer.com/news/microsoft/microsoft-windows-updates-hide-password-icon-on-lock-screen/) - [ ] [Public GitLab repositories exposed more than 17,000 secrets](https://www.bleepingcomputer.com/news/security/public-gitlab-repositories-exposed-more-than-17-000-secrets/) - [ ] [Japanese beer giant Asahi says ransomware attack may have exposed data of 1.5 million people](https://therecord.media/asahi-says-ransomware-incident-exposed-data) - [ ] [IA agentica e sicurezza informatica: online l’analisi del CERT-AgID](https://cert-agid.gov.it/news/ia-agentica-e-sicurezza-informatica-online-lanalisi-del-cert-agid/) - [ ] [Il campione biologico è un dato personale: cosa insegna la sanzione privacy all’Humanitas](https://www.cybersecurity360.it/legal/il-campione-biologico-e-un-dato-personale-cosa-insegna-la-sanzione-privacy-allhumanitas/) - [ ] [French Football Federation discloses data breach after cyberattack](https://www.bleepingcomputer.com/news/security/french-football-federation-fff-discloses-data-breach-after-cyberattack/) - [ ] [Sintesi riepilogativa delle campagne malevole nella settimana del 22 – 28 novembre](https://cert-agid.gov.it/news/sintesi-riepilogativa-delle-campagne-malevole-nella-settimana-del-22-28-novembre/) - [ ] [Il nuovo strumento di whistleblowing per l’AI Act: cos’è e come funziona](https://www.cybersecurity360.it/news/il-nuovo-strumento-di-whistleblowing-per-lai-act-cose-e-come-funziona/) - [ ] [GreyNoise launches free scanner to check if you're part of a botnet](https://www.bleepingcomputer.com/news/security/greynoise-launches-free-scanner-to-check-if-youre-part-of-a-botnet/) - [ ] [Malicious LLMs empower inexperienced hackers with advanced tools](https://www.bleepingcomputer.com/news/security/malicious-llms-empower-inexperienced-hackers-with-advanced-tools/) - [ ] [California law regulating web browsers could have national data privacy impact, experts say](https://therecord.media/california-web-browser-law-national-implications) - [ ] [La trappola di Chat Control: minori tutelati, cittadini sorvegliati](https://www.cybersecurity360.it/legal/privacy-dati-personali/la-trappola-di-chat-control-minori-tutelati-cittadini-sorvegliati/) - [ ] [Dal ragionamento all’accountability: la logica come prova documentata](https://www.cybersecurity360.it/cultura-cyber/dal-ragionamento-allaccountability-la-logica-come-prova-documentata/) - [ ] [Tomiris wreaks Havoc: New tools and techniques of the APT group](https://securelist.com/tomiris-new-tools/118143/) - Instapaper: Unread - [ ] [Malicious LLMs empower inexperienced hackers with advanced tools](https://www.bleepingcomputer.com/news/security/malicious-llms-empower-inexperienced-hackers-with-advanced-tools/) - [ ] [GrapheneOS bails on OVHcloud over France's privacy stance](https://www.theregister.com/2025/11/28/grapheneos_ovhcloud/) - [ ] [Registry FeatureUsage](http://windowsir.blogspot.com/2025/11/registry-featureusage.html) - [ ] [When Windows takes a nap and leaves you evidence Inside hiberfil.sys](https://www.magnetforensics.com/blog/when-windows-takes-a-nap-and-leaves-you-evidence-inside-hiberfil-sys/) - Schneier on Security - [ ] [Friday Squid Blogging: Flying Neon Squid Found on Israeli Beach](https://www.schneier.com/blog/archives/2025/11/friday-squid-blogging-flying-neon-squid-found-on-israeli-beach.html) - [ ] [Prompt Injection Through Poetry](https://www.schneier.com/blog/archives/2025/11/prompt-injection-through-poetry.html) - The Hacker News - [ ] [Legacy Python Bootstrap Scripts Create Domain-Takeover Risk in Multiple PyPI Packages](https://thehackernews.com/2025/11/legacy-python-bootstrap-scripts-create.html) - [ ] [North Korean Hackers Deploy 197 npm Packages to Spread Updated OtterCookie Malware](https://thehackernews.com/2025/11/north-korean-hackers-deploy-197-npm.html) - [ ] [Why Organizations Are Turning to RPAM](https://thehackernews.com/2025/11/why-organizations-are-turning-to-rpam.html) - [ ] [MS Teams Guest Access Can Remove Defender Protection When Users Join External Tenants](https://thehackernews.com/2025/11/ms-teams-guest-access-can-remove.html) - The Register - Security - [ ] [PostHog admits Shai-Hulud 2.0 was its biggest ever security bungle](https://go.theregister.com/feed/www.theregister.com/2025/11/28/posthog_shaihulud/) - [ ] [Brit telco Brsk confirms breach as bidding begins for 230K+ customer records](https://go.theregister.com/feed/www.theregister.com/2025/11/28/brsk_breach/) - [ ] [GrapheneOS bails on OVHcloud over France's privacy stance](https://go.theregister.com/feed/www.theregister.com/2025/11/28/grapheneos_ovhcloud/) - [ ] [TryHackMe races to add women to Christmas cyber challenge roster after backlash](https://go.theregister.com/feed/www.theregister.com/2025/11/28/tryhackme_diversity_row/) - [ ] [OBR drags in cyber bigwig after Budget leak blunder](https://go.theregister.com/feed/www.theregister.com/2025/11/28/obr_ciaran_martin/) - [ ] [UK digital ID plan gets a price tag at last – £1.8B](https://go.theregister.com/feed/www.theregister.com/2025/11/28/digital_id_cost/) - [ ] [Korean web giant Naver acquired crypto exchange Upbit, which reported a $30m heist a day later](https://go.theregister.com/feed/www.theregister.com/2025/11/28/naver_upbit_crypto_heist/) - TorrentFreak - [ ] [Pirate Site Operator’s Appeal Goes Bad, Court Extends Prison Term By 50%](https://torrentfreak.com/pirate-site-operators-appeal-goes-bad-court-extends-prison-term-by-50-251128/) - ICT Security Magazine - [ ] [Sicurezza SCADA e ICS tra persistenza degli attaccanti e opacità dei sistemi legacy](https://www.ictsecuritymagazine.com/articoli/sicurezza-scada-ics/) - [ ] [Sovranità digitale e cybersecurity: la sfida italiana ed europea verso il 2030](https://www.ictsecuritymagazine.com/articoli/sovranita-digitale-cybersecurity-italia/) - [ ] [Securing Intelligence at the Edge: cybersecurity e standard per il continuum Edge-to-Cloud nell’era dell’IA](https://www.ictsecuritymagazine.com/articoli/edge-to-cloud/) - Security Affairs - [ ] [Attackers stole member data from French Soccer Federation](https://securityaffairs.com/185160/data-breach/attackers-stole-member-data-from-french-soccer-federation.html) - [ ] [Thousands of sensitive secrets published on JSONFormatter and CodeBeautify](https://securityaffairs.com/185150/security/thousands-of-sensitive-secrets-published-on-jsonformatter-and-codebeautify.html) - [ ] [New Mirai variant ShadowV2 tests IoT exploits amid AWS disruption](https://securityaffairs.com/185135/malware/new-mirai-variant-shadowv2-tests-iot-exploits-amid-aws-disruption.html) - Security Weekly Podcast Network (Audio) - [ ] [Dealing with loss, phone loss with Aaran, Doug, and Josh. - SWN #533](http://sites.libsyn.com/18678/dealing-with-loss-phone-loss-with-aaran-doug-and-josh-swn-533) - Deeplinks - [ ] [The UK Has It Wrong on Digital ID. Here’s Why.](https://www.eff.org/deeplinks/2025/11/uk-has-it-wrong-digital-id-heres-why) - [ ] [EFF’s Holiday Gift Guide](https://www.eff.org/deeplinks/2025/11/effs-holiday-gift-guide)
每日安全资讯(2025-11-29)