# 每日安全资讯(2026-04-24) - Armin Ronacher's Thoughts and Writings - [ ] [Equity for Europeans](https://lucumr.pocoo.org/2026/4/23/equity-for-europeans/) - Private Feed for M09Ic - [ ] [anthropics released v2.1.119 at anthropics/claude-code](https://github.com/anthropics/claude-code/releases/tag/v2.1.119) - [ ] [joaoviictorti starred rasta-mouse/Crystal-Kit](https://github.com/rasta-mouse/Crystal-Kit) - [ ] [bolucat released 202604232121 at bolucat/Archive](https://github.com/bolucat/Archive/releases/tag/202604232121) - [ ] [INotGreen starred QuantumNous/new-api](https://github.com/QuantumNous/new-api) - [ ] [spf13 contributed to spf13/pathologize](https://github.com/spf13/pathologize/pull/85) - [ ] [mgeeky starred SnailSploit/Claude-Red](https://github.com/SnailSploit/Claude-Red) - [ ] [joaoviictorti starred cloudflare/wirefilter](https://github.com/cloudflare/wirefilter) - [ ] [theLSA starred YIKUAIBANZI/forge-skill](https://github.com/YIKUAIBANZI/forge-skill) - [ ] [kpcyrd contributed to spdx/license-list-XML](https://github.com/spdx/license-list-XML/pull/2952) - [ ] [spf13 contributed to spf13/fileflow](https://github.com/spf13/fileflow/pull/80) - [ ] [esrrhs contributed to esrrhs/fakelua](https://github.com/esrrhs/fakelua/pull/57) - [ ] [github released v0.8.0 at github/spec-kit](https://github.com/github/spec-kit/releases/tag/v0.8.0) - [ ] [kpcyrd starred kpcyrd/signal-tlsd](https://github.com/kpcyrd/signal-tlsd) - [ ] [joaoviictorti starred dtolnay/clang-ast](https://github.com/dtolnay/clang-ast) - SecWiki News - [ ] [SecWiki News 2026-04-23 Review](http://www.sec-wiki.com/?2026-04-23) - Recent Commits to cve:main - [ ] [Update Thu Apr 23 11:30:09 UTC 2026](https://github.com/trickest/cve/commit/59f2accfcb3b59563519a406e4ed2602aa3efe64) - Google Online Security Blog - [ ] [AI threats in the wild: The current state of prompt injections on the web](http://security.googleblog.com/2026/04/ai-threats-in-wild-current-state-of.html) - Tenable Blog - [ ] [Five steps to become Mythos ready](https://www.tenable.com/blog/5-steps-to-become-mythos-ready-ai-cybersecurity) - obaby 𝐢𝐧⃝ void - [ ] [人间四月芳菲尽](https://zhongxiaojie.cn/2026/04/1108/) - Sucuri Blog - [ ] [WordPress DDoS Protection: How to Keep Your Site Online](https://blog.sucuri.net/2026/04/wordpress-ddos-protection-how-to-keep-your-site-online.html) - Doonsec's feed - [ ] [信号失守:揭秘隐秘监控势力对全球电信网络的系统性渗透](https://mp.weixin.qq.com/s/73pjIJR6Kjglclez8foZGA) - [ ] [百度发布2025年度反贪腐通报:144人被查处,33人移送司法,最高获刑12年](https://mp.weixin.qq.com/s/WVoWcS4IAMWGQNkrtkigoA) - [ ] [全程云OA download.ashx接口存在任意文件读取漏洞 附POC](https://mp.weixin.qq.com/s/LRjrEUoutKGQDj2loGBzxw) - [ ] [编造“大葱免费拿”谣言,造成种植户财产损失,多人被处罚](https://mp.weixin.qq.com/s/4D-Cf2n4hgsgZiVxvQ4amw) - [ ] [暗网付费帖子解锁(第十三期)](https://mp.weixin.qq.com/s/XbhBfMgfsmH7JdKJRc5Tsw) - [ ] [2025-2026学年第二学期西安工业大学网络空间安全协会第五次沙龙成功举办](https://mp.weixin.qq.com/s/x1Y0dSWAOXJdVjfhar0nEA) - [ ] [用了一年的 MacBook,电池健康仍 100%?踩过坑,才知道这有多夸张](https://mp.weixin.qq.com/s/x9T595dASQlE9107-bo3Vw) - [ ] [关于Agentic AI未来监管方式的六点预测](https://mp.weixin.qq.com/s/Ze1NgKvjdY-d5m2zryjnQg) - [ ] [最新 Checkmarx 供应链投毒事件(2026.4.22 )深度分析](https://mp.weixin.qq.com/s/BIeHi-_SnsytI5qwF9ZghA) - [ ] [OpenClaw用户必看:被token逼疯后,我靠Token Plan彻底摆脱焦虑](https://mp.weixin.qq.com/s/CkVGkpYgmrCOYFDC8qIhXQ) - [ ] [防御三难!提示注入 wrapper 防御不可能性](https://mp.weixin.qq.com/s/5IeURxjsKaUFkt0Q8fPURA) - [ ] [edu漏洞之若依nday漏洞复现(一)](https://mp.weixin.qq.com/s/CZmoztuvC2mYssA2VVtWgg) - [ ] [自己跟公司HR谈的工资是12K,结果入职后每月工资发了15K!我也没吭声,后来每个月工资又涨到了20K!这是啥操作,谁懂啊?](https://mp.weixin.qq.com/s/MMN_dLNOdoKYpaQoOXoKMQ) - [ ] [深度拆解 MCP 协议下的 12 类新型攻击](https://mp.weixin.qq.com/s/ovfvBioIi4XqCHSFfKDNYg) - [ ] [分享的图片、视频、链接](https://mp.weixin.qq.com/s/w8SClGWq8pH277zdxPKo2g) - [ ] [红队外网资产梳理神器:dddd](https://mp.weixin.qq.com/s/BjoaSdY3iE6JyWchc4jvmw) - [ ] [2026年第9届中国高校智能机器人创意大赛软件系统安全赛 流量题wp](https://mp.weixin.qq.com/s/iXR_ndB_wbYdE2FHxzFtgg) - [ ] [网警打谣记|虚假摆拍“抓蜈蚣致眼睛失明”,2人被查](https://mp.weixin.qq.com/s/wjZePJyvGuycsprm1mtxSg) - [ ] [以赛促学,攻防决胜!网安协会学子在软件系统安全赛中勇创佳绩!](https://mp.weixin.qq.com/s/Prv_HTSVGMOBooYS-5F_Lw) - [ ] [生成即安全?——基于hooks的coding agent代码生成安全审计实践](https://mp.weixin.qq.com/s/N_uPuJG9nnlMn0d1OTD7Ew) - [ ] [小红书SRC发布《AI生成漏洞报告提交规范》](https://mp.weixin.qq.com/s/7q46MgR4mOjZtprymtOpoA) - [ ] [国家互联网应急中心2026年网络安全学术征文通知](https://mp.weixin.qq.com/s/EhP_0gvGO5hzhGGqvaXrDA) - [ ] [100+ 工具 + AI Agent,CyberStrikeAI 重塑安全测试方式](https://mp.weixin.qq.com/s/lIPKwZUr1jyRoCKzRz5xvw) - [ ] [我的第一台 Bazzite PC 组装机(乐高 + BC250)](https://mp.weixin.qq.com/s/ksVsY3Kuz1urI5yr4p8DXA) - [ ] [苹果防晕车功能终于来了](https://mp.weixin.qq.com/s/cTC78RhsqB-Oez05Hs0ZNA) - [ ] [【转载】跨越“中立陷阱”:以香港为鉴推演台湾统一后的行政与司法重构](https://mp.weixin.qq.com/s/890fhU4AM5WEVMQdNbJTwg) - [ ] [【转载】这个被台湾伪政权控制的非洲小国,共产党正在茁壮成长](https://mp.weixin.qq.com/s/arNL8W8QC-tnfdGosgjDqA) - [ ] [基于AI快速浏览器内核与CEF源码分析定制](https://mp.weixin.qq.com/s/SZTXoCv1X98cO1YaQs7Llg) - [ ] [理想汽车SRC关于AI生成漏洞报告的处置公告](https://mp.weixin.qq.com/s/Tb5_9TR-TWm96pGOVMyWbQ) - [ ] [2分钟速览 | ChatGPT Images 2.0 | 完爆Nano Banana | 开启图像AI“思考时代”(含多风格图效果实测)](https://mp.weixin.qq.com/s/kos0FF5mLJGKTqWYCFSuGA) - [ ] [C3高光|大咖齐聚,共绘Agent时代安全数智蓝图](https://mp.weixin.qq.com/s/2tv4BUYU7JOmytsP-9060g) - [ ] [“铁穹不铁”是一个时代的结束,AI XDR是另一个时代的开始](https://mp.weixin.qq.com/s/wutqMBa7zVGpQzcxv3XPbg) - [ ] [常见系统漏洞分析](https://mp.weixin.qq.com/s/2F0PSxubSi3kKWAkKkAMbQ) - [ ] [Obsidian + OpenWork:2026年最强AI知识管理方案,手把手教你搭建](https://mp.weixin.qq.com/s/WNh7BLGZWz9pdu3vaRHQEg) - [ ] [姚顺雨在DeepSeek V4前交卷了!混元Hy3 发布](https://mp.weixin.qq.com/s/ImiFVii1mWdHzrpHp_FPOQ) - [ ] [【警示】微软联姻Anthropic:AI网络安全进入\'巨舰时代\'](https://mp.weixin.qq.com/s/dcIVy_qzvFc5vGwl07c90A) - [ ] [【AI产品】阿里HappyHorse登顶评测榜:4月27日企业邀测背后的技术底牌](https://mp.weixin.qq.com/s/FsGemNSClE1ZHzu-w-puMQ) - [ ] [【警示】FortiSandbox高危漏洞:一条命令获取root权限](https://mp.weixin.qq.com/s/Mmn48idakM3oW_ey2jEtng) - [ ] [【警示】MCP协议致命缺陷:20万台AI服务器沦为肉鸡](https://mp.weixin.qq.com/s/9HJRws7RqveA-53kt_nszQ) - [ ] [【警示】AI首次参与挖出NGINX高危漏洞,安全工程师还剩什么](https://mp.weixin.qq.com/s/03XwoW8lYlsO4K23ltAtZA) - [ ] [AI Agent十大安全风险!OWASP首份框架出炉](https://mp.weixin.qq.com/s/IYHb6Zc7un3mslUeBgl1nw) - [ ] [行业资讯:浪潮信息 授权董事会制定中期分红方案](https://mp.weixin.qq.com/s/cP5CIXTDJpOVvrKbys4C6g) - [ ] [年度报告:浪潮软件 拟使用最高额度不超过人民币10亿元进行现金理财管理](https://mp.weixin.qq.com/s/N96giDxtgpy-FPZvN7G3Kg) - [ ] [年度报告:东软集团实现营业收入120.3亿,同比增长4.14%;实现归属于上市公司股东的净利润-3.58亿,同比减少668.07%](https://mp.weixin.qq.com/s/iiSSyakK8zSkSFEchL010Q) - [ ] [行业资讯:神州数码 预计2026年度出售和出租房产收益达20亿](https://mp.weixin.qq.com/s/DL9VXxxbkBtKqshC9YEa5Q) - [ ] [一季度报告:中际旭创 一季度营收194亿,业绩同比增长近2.92倍,净利润同比增长3.62倍,派发现金红利都11.11亿](https://mp.weixin.qq.com/s/CYce1c5rDrdwFToWarcSeg) - [ ] [清华美团数字生活研究院五周年,一场科技与美好生活的双向奔赴](https://mp.weixin.qq.com/s/N27RtaXDwOZ4fAW2lt8WTQ) - [ ] [LARYBench 发布:定义具身动作表征 ImageNet,首次度量从人类视频学习的泛化表征](https://mp.weixin.qq.com/s/AZ3r96L--DJEhHMzjlDJyw) - [ ] [30万+元奖金池!美团校园 AI Hackathon 大赛等你来战](https://mp.weixin.qq.com/s/jZ5KyzjVaSH8T-RJWbF9rw) - [ ] [滴滴的工程师们,都在读什么书?](https://mp.weixin.qq.com/s/4_QGbM4Hjk8FOkHPF_J4KA) - [ ] [【免费工具】AI代码审计实战:0成本挖洞,三款工具对比测评](https://mp.weixin.qq.com/s/01VMR8LG4Q9Q2jBG96M-vQ) - [ ] [保持盈利!一图看懂天融信(002212)2025年报](https://mp.weixin.qq.com/s/lgnL3jvvLZXz5rhzZcTOVw) - [ ] [TSRC关于AI辅助漏洞挖掘报告的提交规范:每一份漏洞报告,都值得被认真对待](https://mp.weixin.qq.com/s/HB68pJqjK-IChj3zpprWnQ) - [ ] [美国参议院通过量子计划法案:强化应用、制造与安全](https://mp.weixin.qq.com/s/rPSTbZmjddlOLn4cjv5xqg) - [ ] [360漏洞云关于AI生成漏洞报告的处置公告](https://mp.weixin.qq.com/s/3PSBLswSHOYb4traQqw4Fg) - [ ] [梁文锋电话被打爆:不是养不起,是不够健康](https://mp.weixin.qq.com/s/OXvJkSa6VV0ivvNPUNichw) - [ ] [Hermes 能自我“进化”的龙虾](https://mp.weixin.qq.com/s/KL77bJyxVzTgzRmy9B0xRg) - [ ] [Lazarus 利用带有后门的编码测试引诱开发者](https://mp.weixin.qq.com/s/Stjq9b8VzREZhplg0yRyHQ) - [ ] [小米安全中心关于AI生成漏洞报告的处置公告](https://mp.weixin.qq.com/s/jvO4_xIs-lHx_cD068kgVw) - [ ] [智融中原・数创未来|AI 与信息化暨安全融合发展合作伙伴大会圆满举办](https://mp.weixin.qq.com/s/Z5Fts7PD-1bmq5F9Ykn8GQ) - [ ] [马来西亚企业代表团到访360 共探智能经济时代AI安全新路径!](https://mp.weixin.qq.com/s/Ep8FzGCkUur2JKg0hx0YYw) - [ ] [Pack2TheRoot 的关键漏洞允许攻击者获得 Root 权限或攻破系统](https://mp.weixin.qq.com/s/CE2Bwu3NQUOldJqFY4K9gA) - [ ] [RAG 知识库投毒 例题](https://mp.weixin.qq.com/s/jYyq_pzCvHtZufoEmprxqw) - [ ] [春秋云境 Privilege](https://mp.weixin.qq.com/s/YtJCp9PWlK33DKTBOV2YiQ) - [ ] [苹果修复了通知隐私漏洞,该漏洞曾允许FBI访问已删除的Signal消息](https://mp.weixin.qq.com/s/HMBYweMEslpzOQ8EURKlcA) - [ ] [3月银行AI项目动态:温州银行采购11台大模型服务器,联想拿下近千万算力大单](https://mp.weixin.qq.com/s/qHdJyM2LwH8TWeJAs22olg) - [ ] [AI快讯:银行业“数据分类分级”大模型发布,谷歌发布一系列新AI工具](https://mp.weixin.qq.com/s/hW7FHcTgeou1KwA4C-zugw) - [ ] [万国数据中!万家基金2026年多模态大模型基础算力服务项目](https://mp.weixin.qq.com/s/t-ERnCesxIf55Xe0Yqu8Eg) - [ ] [2026 ISC.AI训练营正式启动,四大培训序列+工信部ADE认证护航人才培育](https://mp.weixin.qq.com/s/YGF9TUbF5wsi1BYPVeXnsg) - [ ] [日本「国家情报会议」创设法案众议院通过](https://mp.weixin.qq.com/s/xr7rwsuQjzG56VqNDCOeYQ) - [ ] [【公告】JSRC关于AI生成漏洞报告提交规范](https://mp.weixin.qq.com/s/IOjGKzOG-WQDsZLWgcsI7A) - [ ] [微软紧急修复严重的 ASP.NET 漏洞](https://mp.weixin.qq.com/s/7GZgED4pCSwGFicuaQo5xA) - [ ] [自传播供应链蠕虫劫持 npm 包,窃取开发人员令牌](https://mp.weixin.qq.com/s/IYw-_dFMD1taxANPwLQqCA) - [ ] [勒索情报通告 | The Gentlemen 组织声称勒索浙江某物联网科技公司4.3TB数据](https://mp.weixin.qq.com/s/1TsrGpcvv-5CVyDCyRgNWQ) - [ ] [Claude代码安全功能,究竟会拖垮哪些安全公司?](https://mp.weixin.qq.com/s/n5m8jInZQIl93LCUUZF2Iw) - [ ] [理想回应“杭州某用户车辆系统遭黑客破解”:涉及多方复杂纠纷,将协助警方开展调查](https://mp.weixin.qq.com/s/YVUjWLmjTzvzSAA-YbBm-g) - [ ] [免费赠送 | 415全民国家安全教育日-安全意识培训科普素材](https://mp.weixin.qq.com/s/q_uwywQZLAEHcLxq6-WHww) - [ ] [古法代码审计 VS AI代码审计,怎么选?](https://mp.weixin.qq.com/s/qK6hKjlXvv-5yrgeEm3cxQ) - [ ] [关于AI生成漏洞报告的处置公告](https://mp.weixin.qq.com/s/Vj28G9lP8hDJh7yexsZdkQ) - [ ] [AI驱动,实战验证!奇安信入选全球威胁情报代表厂商](https://mp.weixin.qq.com/s/LvLAmBEXmkpvDPChGRE9ZQ) - [ ] [深度解析LiteLLM投毒事件:AI供应链首次引爆“爆炸半径”风险](https://mp.weixin.qq.com/s/H8HOGZB3CqMI6imykOkogQ) - [ ] [RSAC 2026 :从梦想到现实,网络安全进入“自主防御”新纪元](https://mp.weixin.qq.com/s/YBTWiUY9e5R8FAYfwyS6Qw) - [ ] [政策重磅落地|AI+全面提速,安全与国产化才是产业落地核心底座](https://mp.weixin.qq.com/s/Mnkp3d2lwGeNO6AnIoV8kQ) - [ ] [亚数 TrustAsia 正式收到谷歌定向邀请,开启后量子加密 MTC 时代!](https://mp.weixin.qq.com/s/ROHxCv8YvEB3qQnmEVA14A) - [ ] [斗象开源了个AI安全保险箱,思路有点不一样](https://mp.weixin.qq.com/s/Vw0JzNbZFm-S_Ik3Kxnvnw) - [ ] [Claude Mythos发现271个Firefox漏洞,0Day时代或将终结](https://mp.weixin.qq.com/s/qu7PxNEr8iD2uDdiqcmq1w) - [ ] [GitHub评论可触发Claude Code、Gemini CLI和GitHub Copilot的提示注入漏洞](https://mp.weixin.qq.com/s/HkcUWECi3nwUgglYoUoMhw) - [ ] [苹果AI令牌漏洞曝光,窃取者可跨设备滥用服务](https://mp.weixin.qq.com/s/cjUIX5GqnEFV4Oenl2-GnA) - [ ] [从融合SASE到总部园区安全:华为携手光联世纪共筑网安融合共生之路](https://mp.weixin.qq.com/s/RBoaHqqScOAU1ogIDdMYlA) - [ ] [小鹏汽车SRC发布《AI生成漏洞报告的处置公告》](https://mp.weixin.qq.com/s/-iaA1fhpv4jx6_yRfg6O_Q) - [ ] [有毒组合:当跨应用权限叠加成风险时](https://mp.weixin.qq.com/s/VDqNVXjz0WCDvMs1IvJ_LQ) - [ ] [腾讯混元新里程碑:Hy3 preview 发布开源,Agent 表现全面提升](https://mp.weixin.qq.com/s/fUIC9BQCBeI4VMWcS03_pw) - [ ] [某211高校从一个文档到全校三要素泄露&RCE](https://mp.weixin.qq.com/s/XNe2xRx_yVgJtwfMgDxolg) - [ ] [中通SRC关于AI生成漏洞报告的处置公告](https://mp.weixin.qq.com/s/w1mRvwW2F6UAQHre6DMLwg) - [ ] [【等保百科】第12期:等级保护全流程周期与影响因素解析](https://mp.weixin.qq.com/s/VT-xIgaiaW5Cro2O9TxiJg) - [ ] [环球财经丨手机直连卫星关键技术及展望](https://mp.weixin.qq.com/s/7mE8tsrkOovGxV8rI8C3aA) - [ ] [美国众议院共和党推动联邦数据隐私立法,拟统一规则并强化企业数据约束](https://mp.weixin.qq.com/s/e96tIJp_qH-cV32S00Oy0g) - [ ] [浅谈代码审计+漏洞批量一把梭哈思路](https://mp.weixin.qq.com/s/3j9Q5oZlPOZWzYWKussXIg) - [ ] [【免费领】网安大神从业笔记:安全事件应急响应实战案例全纪录](https://mp.weixin.qq.com/s/A-00_LBIXUSNf0q2yBOcoA) - [ ] [海外报告|决胜感知与认知之战](https://mp.weixin.qq.com/s/IW45svx0sjkjN3WjFY9iJQ) - [ ] [AI新模型拉响网络安全攻防警报](https://mp.weixin.qq.com/s/oIRL2SpaGMqdP22TZMGhvA) - [ ] [警惕!“龙虾”智能体被投毒](https://mp.weixin.qq.com/s/QhhQkaoPFm3a-i5BViAddA) - [ ] [今日第一笑](https://mp.weixin.qq.com/s/ErAc_TxynI0Niy6aainQag) - [ ] [丈八兵推观察之实战篇:当离散事件仿真遇上电力IT/OT融合战场](https://mp.weixin.qq.com/s/Rq-0wuwMqMJlXLzS2Hwqug) - [ ] [ByteSRC发布《AI生成漏洞报告提交规范》](https://mp.weixin.qq.com/s/qKLGITV0_pYTfSC3j3RIWw) - [ ] [AI嵌入企业核心业务:安全体系面临结构性挑战](https://mp.weixin.qq.com/s/lkMh2SxJq9HI-UC5z5XrDA) - [ ] [AI驱动网络攻击升维:数字安全如何从“被动防御”到“主动免疫”](https://mp.weixin.qq.com/s/LYIN2T_fqY5sq_wiQ-JU_Q) - [ ] [【梆梆安全监测】安全隐私合规监管趋势及漏洞风险报告(0323-0405)](https://mp.weixin.qq.com/s/bGPbTDjnYyaB7bH9r0vA2w) - [ ] [【AI自动渗透】GitHub 3.9万Star的白盒AI渗透测试神器,Shannon来了](https://mp.weixin.qq.com/s/cbxW214zZKzXm-Bb4LzWYg) - [ ] [处罚案例 | 杭州某科技公司数据遭境外窃取被罚5万元](https://mp.weixin.qq.com/s/hzm04iRgAW5LZJmBwLl3KQ) - [ ] [2016年至2026年十大最常被利用的漏洞列表](https://mp.weixin.qq.com/s/i4KL0YoiOOP7c_s6hz4YJw) - [ ] [【已复现】FortiSandbox 身份验证绕过漏洞(CVE-2026-39813)](https://mp.weixin.qq.com/s/ZRSw0R8mH1tY_7jsYUswRA) - [ ] [高危漏洞预警:Windows TCP/IP 远程代码执行漏洞(CVE-2026-33827)](https://mp.weixin.qq.com/s/xZGyvHv_Qh4MuxoAESrkaQ) - [ ] [重磅!经纬信安入选《2026中国AI赋能网络安全全景图》](https://mp.weixin.qq.com/s/DHp789zEbWkz7RgE3W554w) - [ ] [Anthropic估值升值1万亿美元,超越OpenAI](https://mp.weixin.qq.com/s/8PPcgUMu3TC9XKzjyPtOyA) - [ ] [安全简讯(2026.04.23)](https://mp.weixin.qq.com/s/U5Y7hXEcX3mVkF1MI9B4JA) - [ ] [数据安全服务能力评定管理办法(试行)全文解读](https://mp.weixin.qq.com/s/dIZyTigysSR7_AICjFHnjg) - [ ] [记一次任意文件下载(尝试Getshell未果)](https://mp.weixin.qq.com/s/qc-zG6ls_I7uxcU4G_63RQ) - [ ] [สวัสดีครับ กรุงเทพฯ(你好,曼谷)!飞天诚信亮相Money20/20 Asia 2026](https://mp.weixin.qq.com/s/6vqpMBXCTmfV9bnN6QZQag) - [ ] [蓝队反击战:AD域防御加固完整指南](https://mp.weixin.qq.com/s/oLEf2fpTx5oubIyYXrKoeA) - [ ] [2026年4月17日职业技能等级认定评价结果公示](https://mp.weixin.qq.com/s/tKQoCQLFRbkkW8FAKnIcgg) - ElcomSoft blog - [ ] [Recovering Windows Credentials with Elcomsoft System Recovery](https://blog.elcomsoft.com/2026/04/recovering-windows-credentials-with-elcomsoft-system-recovery/) - Cerbero Blog - [ ] [CRAMFS Format Package](https://blog.cerbero.io/cramfs-format-package/) - Malware-Traffic-Analysis.net - Blog Entries - [ ] [2026-04-23: SmartApeSG activity](https://www.malware-traffic-analysis.net/2026/04/23/index.html) - Malwarebytes - [ ] [How cyberattacks on companies affect everyone](https://www.malwarebytes.com/blog/privacy/2026/04/how-cyberattacks-on-companies-affect-everyone) - [ ] [Apple fixes iOS bug that kept deleted notifications, including chat previews](https://www.malwarebytes.com/blog/news/2026/04/apple-fixes-ios-bug-that-kept-deleted-notifications-including-chat-previews) - [ ] [Roblox clamps down on chats and age checks as legal pressure builds](https://www.malwarebytes.com/blog/news/2026/04/roblox-clamps-down-on-chats-and-age-checks-as-legal-pressure-builds) - Intigriti - [ ] [Vulnpocalypse Now? How AI is changing vulnerability discovery](https://www.intigriti.com/blog/business-insights/vulnpocalypse-now-how-ai-is-changing-vulnerability-discovery) - The Trail of Bits Blog - [ ] [Trailmark turns code into graphs](https://blog.trailofbits.com/2026/04/23/trailmark-turns-code-into-graphs/) - Reverse Engineering - [ ] [I spent 4 years building a static unpacker for Nuitka-compiled Python binaries including Commercial encrypted builds. Finally open-sourcing it.](https://www.reddit.com/r/ReverseEngineering/comments/1stgmt2/i_spent_4_years_building_a_static_unpacker_for/) - [ ] [Fibratus 3.0.0 | Ad-hoc direct/indirect syscall evasion detection and 50+ new rules](https://www.reddit.com/r/ReverseEngineering/comments/1st9tug/fibratus_300_adhoc_directindirect_syscall_evasion/) - [ ] [Claude Code - What do you think? What do you feel is missing?](https://www.reddit.com/r/ReverseEngineering/comments/1sth4w4/claude_code_what_do_you_think_what_do_you_feel_is/) - Bug Bounty in InfoSec Write-ups on Medium - [ ] [$800 Bounty: Privilege Escalation via API — From Scheduler to Team Admin](https://infosecwriteups.com/800-bounty-privilege-escalation-via-api-from-scheduler-to-team-admin-810bb8401a0f?source=rss----7b722bfd1b8d--bug_bounty) - [ ] [When “Safe” Isn’t Safe: Turning a Simple HTML Injection into a Real Security Story.](https://infosecwriteups.com/when-safe-isnt-safe-turning-a-simple-html-injection-into-a-real-security-story-34332d4851df?source=rss----7b722bfd1b8d--bug_bounty) - 绿盟科技技术博客 - [ ] [绿盟NF防火墙:筑牢OpenClaw安全防线,构筑AI时代安全基石](https://blog.nsfocus.net/%e7%bb%bf%e7%9b%9fnf%e9%98%b2%e7%81%ab%e5%a2%99%ef%bc%9a%e7%ad%91%e7%89%a2openclaw%e5%ae%89%e5%85%a8%e9%98%b2%e7%ba%bf%ef%bc%8c%e6%9e%84%e7%ad%91ai%e6%97%b6%e4%bb%a3%e5%ae%89%e5%85%a8%e5%9f%ba-2/) - [ ] [权威认可 | 绿盟科技防火墙实力入选“2025中国网络安全防火墙市场销量明星品牌”](https://blog.nsfocus.net/%e6%9d%83%e5%a8%81%e8%ae%a4%e5%8f%af-%e7%bb%bf%e7%9b%9f%e7%a7%91%e6%8a%80%e9%98%b2%e7%81%ab%e5%a2%99%e5%ae%9e%e5%8a%9b%e5%85%a5%e9%80%892025%e4%b8%ad%e5%9b%bd%e7%bd%91%e7%bb%9c%e5%ae%89/) - [ ] [渗透测试新纪元——绿盟智能渗透系统(AI-PTS)新版本发布](https://blog.nsfocus.net/%e6%b8%97%e9%80%8f%e6%b5%8b%e8%af%95%e6%96%b0%e7%ba%aa%e5%85%83-%e7%bb%bf%e7%9b%9f%e6%99%ba%e8%83%bd%e6%b8%97%e9%80%8f%e7%b3%bb%e7%bb%9f%ef%bc%88ai-pts%ef%bc%89%e6%96%b0%e7%89%88/) - [ ] [【公益译文】2026年国际AI安全报告(一)](https://blog.nsfocus.net/%e3%80%90%e5%85%ac%e7%9b%8a%e8%af%91%e6%96%87%e3%80%912026%e5%b9%b4%e5%9b%bd%e9%99%85ai%e5%ae%89%e5%85%a8%e6%8a%a5%e5%91%8a%ef%bc%88%e4%b8%80%ef%bc%89/) - [ ] [【公益译文】2026年国际AI安全报告(四)](https://blog.nsfocus.net/%e3%80%90%e5%85%ac%e7%9b%8a%e8%af%91%e6%96%87%e3%80%912026%e5%b9%b4%e5%9b%bd%e9%99%85ai%e5%ae%89%e5%85%a8%e6%8a%a5%e5%91%8a%ef%bc%88%e5%9b%9b%ef%bc%89/) - bishopfox.com - [ ] [Otto Support – An MCP, Agentic-AI Security Challenge](https://bishopfox.com/blog/otto-support-an-mcp-agentic-ai-security-challenge) - Checkmarx - [ ] [Checkmarx Security Update: April 22](https://checkmarx.com/blog/checkmarx-security-update-april-22/) - [ ] [Guardrails for Agentic Development](https://checkmarx.com/blog/guardrails-for-agentic-development/) - 奇客Solidot–传递最新科技情报 - [ ] [猕猴吃土帮助消化游客的高热量垃圾食品](https://www.solidot.org/story?sid=84134) - [ ] [特朗普模因币导致投资者损失数十亿美元](https://www.solidot.org/story?sid=84133) - [ ] [53 国齐聚哥伦比亚商讨淘汰化石燃料](https://www.solidot.org/story?sid=84132) - [ ] [加密货币骗子瞄准滞留在霍尔木兹海峡附近的船只](https://www.solidot.org/story?sid=84131) - [ ] [古代人类曾三次迁徙到南美洲](https://www.solidot.org/story?sid=84130) - [ ] [盖茨基金会准备裁员,正在审查与爱泼斯坦的关联](https://www.solidot.org/story?sid=84129) - [ ] [高收入人群的 AI 普及率远高于低收入人群](https://www.solidot.org/story?sid=84128) - [ ] [孙宇晨起诉特朗普家族的加密货币公司 World Liberty](https://www.solidot.org/story?sid=84127) - [ ] [沥青会释放有毒的挥发性有机物](https://www.solidot.org/story?sid=84126) - [ ] [乒乓球机器人击败了人类顶尖选手](https://www.solidot.org/story?sid=84125) - [ ] [苹果修复了在原始信息删除之后预览仍然保留在通知数据库里的 Bug](https://www.solidot.org/story?sid=84124) - 黑海洋Wiki | AI机器人硬件开发 | 网络安全攻防实战 | 区块链技术文档教程 - 免费资源平台 - [ ] [WhatsApp在印度新增预付电话卡充值功能](https://blog.upx8.com/WhatsApp%E5%9C%A8%E5%8D%B0%E5%BA%A6%E6%96%B0%E5%A2%9E%E9%A2%84%E4%BB%98%E7%94%B5%E8%AF%9D%E5%8D%A1%E5%85%85%E5%80%BC%E5%8A%9F%E8%83%BD) - HackerNews - [ ] [睧 Bluesky ĺŽďźŒMastodon é DDoS 攝凝](http://0.0.0.0:8080/post/64171) - [ ] [Claude Mythos ĺ‘现 271 个çŤç‹ćľč§ˆĺ™¨ćźć´ž](http://0.0.0.0:8080/post/64170) - [ ] [čś… 1300 ĺ°ĺžŽč˝Ż SharePoint ćœĺŠĄĺ™¨ć˜“ĺ—揺骗攝凝](http://0.0.0.0:8080/post/64169) - [ ] [ć–°ĺž‹ npm äž›ĺş”é“žć”ťĺ‡ťč‡Şćˆ‘äź ć’äťĽçŞƒĺ–莤čŻäť¤ç‰Œ](http://0.0.0.0:8080/post/64168) - [ ] [č‹šćžœäżŽĺ¤ iOS çłťçťŸäżç•™ĺˇ˛ĺˆ é™¤é€šçŸĽć•°ćŽçš„ćźć´ž](http://0.0.0.0:8080/post/64167) - [ ] [â€œć”śĺ‰˛č€…â€ ĺˆŠç”¨ĺžŽč˝Żĺ›žĺ˝˘ API ĺœ¨ĺ—äşšéƒ¨ç˝˛ Linux 版 GoGra ĺŽé—¨ç¨‹ĺş](http://0.0.0.0:8080/post/64166) - 威努特安全网络 - [ ] [国务院:支持采购大模型、智能体服务](https://mp.weixin.qq.com/s?__biz=MzAwNTgyODU3NQ==&mid=2651141420&idx=1&sn=20ee3d6a9f42e03787cb6d3922c44607) - 微步在线研究响应中心 - [ ] [突发:Checkmarx再次遭遇供应链投毒!速查](https://mp.weixin.qq.com/s?__biz=Mzg5MTc3ODY4Mw==&mid=2247508649&idx=1&sn=a1931d6a89e8851fa93a599af6cf6e15) - [ ] [突发:Xinference PyPI 遭投毒!速查](https://mp.weixin.qq.com/s?__biz=Mzg5MTc3ODY4Mw==&mid=2247508649&idx=2&sn=de697976c81a783cbcb86ffaeb528875) - 看雪学苑 - [ ] [更好理解:CVE-2021-1732漏洞分析报告与利用](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458614046&idx=1&sn=4141c556c1195141951d4ee5fe9911b3) - [ ] [Checkmarx KICS 官方 Docker 镜像遭投毒](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458614046&idx=2&sn=f6ce43ecd42ee8eccccff9fd2ec04693) - [ ] [开启Android应用的“上帝模式”:Frida源码级调试与定制开发实战](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458614046&idx=3&sn=2b92c3e13ac62948ead75f8318dd708f) - 黑鸟 - [ ] [信号失守:揭秘隐秘监控势力对全球电信网络的系统性渗透](https://mp.weixin.qq.com/s?__biz=MzAxOTM1MDQ1NA==&mid=2451186507&idx=1&sn=edc2a734994d93f434048dce5edba550) - 虎符智库 - [ ] [RSAC 2026 :从梦想到现实,网络安全进入“自主防御”新纪元](https://mp.weixin.qq.com/s?__biz=MzIwNjYwMTMyNQ==&mid=2247493787&idx=1&sn=bcbecc3a2ff31609650d6a949fc9bf02) - 奇安信 CERT - [ ] [深度分析 | 在官方 KICS Docker 中发现恶意 Checkmarx 构件](https://mp.weixin.qq.com/s?__biz=MzU5NDgxODU1MQ==&mid=2247505361&idx=1&sn=01078dadf040b30872c7fc973f212085) - 腾讯玄武实验室 - [ ] [每日安全动态推送(26/4/23)](https://mp.weixin.qq.com/s?__biz=MzA5NDYyNDI0MA==&mid=2651960457&idx=1&sn=4616f4e6452cddc0a62060cfeef7593d) - 安全内参 - [ ] [AI编程默认不安全:知名AI公司发生重大数据泄露](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247515858&idx=1&sn=d28bb9b88c16814f1c969ac84c30ad0a) - [ ] [聚焦联合作战和博弈对抗:美国防部披露美军网络战略布局与发展方向](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247515858&idx=2&sn=3dd2e394d609801341ddc831db1c2d94) - 丁爸 情报分析师的工具箱 - [ ] [【转载】跨越“中立陷阱”:以香港为鉴推演台湾统一后的行政与司法重构](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651155252&idx=1&sn=59edffc80fb95a675fbdceb948bde8b7) - [ ] [【转载】这个被台湾伪政权控制的非洲小国,共产党正在茁壮成长](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651155252&idx=2&sn=231dd3635e9069e529aa2a2612c1bf76) - 代码卫士 - [ ] [微软紧急修复严重的 ASP.NET 漏洞](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247525844&idx=1&sn=a5155ad25d1a9cad18cd399ac56c9d05) - [ ] [自传播供应链蠕虫劫持 npm 包,窃取开发人员令牌](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247525844&idx=2&sn=3f396c2336c086719e62350cd61cd2bb) - 安全学术圈 - [ ] [行业会议 | 第七届网络空间安全前沿论坛(常安论坛详细全日程)](https://mp.weixin.qq.com/s?__biz=MzU5MTM5MTQ2MA==&mid=2247495279&idx=1&sn=5620974b374e7d9da2d34f5af5f9dbb3) - 奇安信威胁情报中心 - [ ] [又又一起AI相关供应链事件:Xinference PyPI (版本 2.6.0–2.6.2)供应链污染报告](https://mp.weixin.qq.com/s?__biz=MzI2MDc2MDA4OA==&mid=2247518509&idx=1&sn=bef0b7230e3d69d03629a6f6c6ee60bb) - 电子物证 - [ ] [【当秘密藏进图片,取证人员怎么看出来?】](https://mp.weixin.qq.com/s?__biz=MzAwNDcwMDgzMA==&mid=2651048986&idx=1&sn=30d2aec20a76ab23035640a71c68114f) - [ ] [【详解】电子数据取证现场勘查步骤及注意事项](https://mp.weixin.qq.com/s?__biz=MzAwNDcwMDgzMA==&mid=2651048986&idx=2&sn=6502a90f1a9782c159ff5e76b02fc183) - 腾讯安全应急响应中心 - [ ] [TSRC关于AI辅助漏洞挖掘报告的提交规范:每一份漏洞报告,都值得被认真对待](https://mp.weixin.qq.com/s?__biz=MjM5NzE1NjA0MQ==&mid=2651208362&idx=1&sn=d023ab60dba98fa2e6d7f35d1f371664) - 数世咨询 - [ ] [Mythos正在袪魅?](https://mp.weixin.qq.com/s?__biz=MzkxNzA3MTgyNg==&mid=2247542658&idx=1&sn=cbd7fd4c2c6b1b09c419e266a3ade54c) - [ ] [在预算有限的情况下提升企业网络安全的八种方法](https://mp.weixin.qq.com/s?__biz=MzkxNzA3MTgyNg==&mid=2247542658&idx=2&sn=8d04a004ad0f08370fbdde7188ac3bd4) - 网络空间安全科学学报 - [ ] [“可信与机密计算”专题征稿](https://mp.weixin.qq.com/s?__biz=MzI0NjU2NDMwNQ==&mid=2247507447&idx=1&sn=efbaf8583b1d4c0556f020cc9333654e) - 信息安全国家工程研究中心 - [ ] [处罚案例 | 杭州某科技公司数据遭境外窃取被罚5万元](https://mp.weixin.qq.com/s?__biz=MzU5OTQ0NzY3Ng==&mid=2247503709&idx=1&sn=2aa5165311819c75f98c2cdd88c98cb1) - 微步在线 - [ ] [微步EDR,双第一!](https://mp.weixin.qq.com/s?__biz=MzI5NjA0NjI5MQ==&mid=2650186248&idx=1&sn=a53d077f1990e77c2604d051df25d01a) - 阿里安全响应中心 - [ ] [先知平台关于AI生成漏洞报告的处置公告](https://mp.weixin.qq.com/s?__biz=MzIxMjEwNTc4NA==&mid=2652998827&idx=1&sn=87a4ffd29c09a117121fa8beccca7ce5) - 安全牛 - [ ] [被遗忘的幽灵接口:已废弃 API 正成为攻击者的 “黄金后门”](https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651141120&idx=1&sn=c8db4bd3d4506b1ca55e371f8b5dab5f) - [ ] [国家病毒中心发布通报:龙虾智能体现恶意技能包攻击;SpaceX押注Cursor:600亿美元期权交易背后的AI算力与开发工具博弈| 牛览](https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651141120&idx=2&sn=d4bada727dd807a3a7c8c949554f3424) - 字节跳动安全中心 - [ ] [ByteSRC发布《AI生成漏洞报告提交规范》](https://mp.weixin.qq.com/s?__biz=MzUzMzcyMDYzMw==&mid=2247496182&idx=1&sn=8c843d9a103ba7f711df7f6e06771f43) - M01N Team - [ ] [AI安全案例分析 | Marimo 零日漏洞与Hugging Face平台滥用(文末附邀请码)](https://mp.weixin.qq.com/s?__biz=MzkyMTI0NjA3OA==&mid=2247494999&idx=1&sn=8a33dea317d873ca1912b36c3fab507f) - 国家互联网应急中心CNCERT - [ ] [国家互联网应急中心2026年网络安全学术征文通知](https://mp.weixin.qq.com/s?__biz=MzIwNDk0MDgxMw==&mid=2247501495&idx=1&sn=eb81e2f42b03bbf80acd0b88937e98a4) - 情报分析师 - [ ] [1000 万美元买一个黑客名字!美国点名伊朗Handala,真正要打的不是一封邮箱](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650567692&idx=1&sn=f2206f6b77fe699c1c3faaf5692e0f08) - 中通安全应急响应中心 - [ ] [中通SRC关于AI生成漏洞报告的处置公告](https://mp.weixin.qq.com/s?__biz=MzUyMTcwNTY3Mg==&mid=2247486646&idx=1&sn=1659e438858303dc1b6a440198931f9b) - 百度安全应急响应中心 - [ ] [【从这里 向世界出发】2025 BSRC年度盛典圆满落幕!](https://mp.weixin.qq.com/s?__biz=MzA4ODc0MTIwMw==&mid=2652544053&idx=1&sn=701ba00515fc2c436d1954a4ab4d2500) - 京东安全应急响应中心 - [ ] [【公告】JSRC关于AI生成漏洞报告提交规范](https://mp.weixin.qq.com/s?__biz=MjM5OTk2MTMxOQ==&mid=2727850820&idx=1&sn=d437e9c1db71941782dcf1e0e5cb7cc5) - 火绒安全 - [ ] [火绒安全 | 以专业之力 为企业数字化转型筑牢安全屏障](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247532438&idx=1&sn=588f6fd7c8bcf6838d71479f2a88eb1c) - [ ] [诚邀渠道合作伙伴共启新征程](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247532438&idx=2&sn=1990976eb048f23967fe24ebb622e0fe) - 慢雾科技 - [ ] [Hacking Time 回顾:慢雾携手行业专家,深度拆解 AI & Web3 的攻防新范式](https://mp.weixin.qq.com/s?__biz=MzU4ODQ3NTM2OA==&mid=2247504768&idx=1&sn=4589da9b7bea88de8f7b4dbd5cbfd0c8) - 绿盟科技研究通讯 - [ ] [AI靶场安全实战系列:RAG知识源投毒——利用PDF隐藏文字劫持AI客服](https://mp.weixin.qq.com/s?__biz=MzIyODYzNTU2OA==&mid=2247499850&idx=1&sn=98bb03ec10cb11c6aadd040ddea29589) - 安全圈 - [ ] [【安全圈】《王者荣耀》惊现逆天bug](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652075971&idx=1&sn=87382d2f57b8f0b6d5e7f3203b830e4d) - [ ] [【安全圈】理想汽车严正声明:系统遭黑客破解、配合走私均为不实信息](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652075971&idx=2&sn=ef4ca71b65ec892a68ab6e5aeb1ab6df) - [ ] [【安全圈】Claude Mythos 发现 271 个火狐浏览器漏洞](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652075971&idx=3&sn=d88245ccf278317f520a1fdb52cbc91b) - 嘶吼专业版 - [ ] [纵横网络靶场社区正式发布 以虚实融合技术构建工业信息安全实战生态](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247587699&idx=1&sn=fbb2c84d9a470bf1a6c029ebabc611c9) - 极客公园 - [ ] [一年烧掉 1850 亿美元、Google 要做智能体时代的「企业 Windows」](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653104590&idx=1&sn=ba274f340d47386ec565ecc2508c3595) - [ ] [阿里、美团、字节、小米罕见「会师」,四大厂为何共同押注自变量机器人](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653104574&idx=1&sn=d51817d3f0a4a99c2e65e725468b4de8) - [ ] [华为余承东:新 M9 友商永远追不上;谷歌曝光智能体专项 AI 芯片;兵乓机器人击败人类顶级选手|极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653104514&idx=1&sn=03378040facc37a4362991aa0c8bbcf3) - Tide安全团队 - [ ] [python免杀工具学习记录](https://mp.weixin.qq.com/s?__biz=Mzg2NTA4OTI5NA==&mid=2247522039&idx=1&sn=c350284908280300312997428c9ca991) - 360漏洞云 - [ ] [360漏洞云关于AI生成漏洞报告的处置公告](https://mp.weixin.qq.com/s?__biz=Mzg5MTc5Mzk2OA==&mid=2247505106&idx=1&sn=d03bf915dd581b70aef84e47aa60f39a) - 吴鲁加 - [ ] [产品设计:敲敲里的小花](https://mp.weixin.qq.com/s?__biz=Mzg5NDY4ODM1MA==&mid=2247486049&idx=1&sn=fedb211ea9015a53e20afc677c33800e) - Desync InfoSec - [ ] [从设计层面消灭机会型攻击:微软安全架构实践](https://mp.weixin.qq.com/s?__biz=MzkzMDE3ODc1Mw==&mid=2247490163&idx=1&sn=c7d48b009317d8a04bafddbd4eef8b70) - [ ] [微软深度解析:如何检测渗透进企业的朝鲜IT工人](https://mp.weixin.qq.com/s?__biz=MzkzMDE3ODc1Mw==&mid=2247490163&idx=2&sn=088647f08494a1756d616fbf843d0072) - [ ] [AI技能生态的"狂野西部":安全治理何时到来](https://mp.weixin.qq.com/s?__biz=MzkzMDE3ODc1Mw==&mid=2247490163&idx=3&sn=9792634bad890b1844bae365dd1c5001) - 字节跳动技术团队 - [ ] [告别OpenClaw运维盲区:火山引擎日志服务TLS一键开启全景观测](https://mp.weixin.qq.com/s?__biz=MzI1MzYzMjE0MQ==&mid=2247519455&idx=1&sn=6e82259aa596557beefc85e20e90b7e5) - 迪哥讲事 - [ ] [1day:可实现Nginx服务器完全控制](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247499371&idx=1&sn=32c47ad71d300fe9cbe182df852f982c) - TrustedSec - [ ] [Kerberos with Titanis](https://trustedsec.com/blog/kerberos-with-titanis) - 小米安全中心 - [ ] [小米安全中心关于AI生成漏洞报告的处置公告](https://mp.weixin.qq.com/s?__biz=MzI2NzI2OTExNA==&mid=2247520758&idx=1&sn=780378239f8aae74642d2d63164517c7) - 云鼎实验室 - [ ] [AI 模型部署工具 Xinference 供应链投毒,腾讯云安全已支持防护](https://mp.weixin.qq.com/s?__biz=MzU3ODAyMjg4OQ==&mid=2247497513&idx=1&sn=1a6633ee397f15f577bb22c97043c48e) - 安全行者老霍 - [ ] [ChatGPT 安全漏洞:仅需一条提示词即可窃取数据](https://mp.weixin.qq.com/s?__biz=Mzg3NjU4MDI4NQ==&mid=2247486519&idx=1&sn=477feb6c180059b6dbb58e7a541a3fc6) - 美团技术团队 - [ ] [清华美团数字生活研究院五周年,一场科技与美好生活的双向奔赴](https://mp.weixin.qq.com/s?__biz=MjM5NjQ5MTI5OA==&mid=2651782526&idx=1&sn=ebbe054ccd2922ff1ce26c54c3007269) - [ ] [LARYBench 发布:定义具身动作表征 ImageNet,首次度量从人类视频学习的泛化表征](https://mp.weixin.qq.com/s?__biz=MjM5NjQ5MTI5OA==&mid=2651782526&idx=2&sn=b65922b008289d429050a655ce8d62a0) - [ ] [30万+元奖金池!美团校园 AI Hackathon 大赛等你来战](https://mp.weixin.qq.com/s?__biz=MjM5NjQ5MTI5OA==&mid=2651782526&idx=3&sn=e240fa4aed4aefbcf5c974d1f41aeebb) - CNVD漏洞平台 - [ ] [Oracle发布2026年4月的安全公告](https://mp.weixin.qq.com/s?__biz=MzU3ODM2NTg2Mg==&mid=2247496861&idx=1&sn=e84728250c6c7e960ff202fd58a47932) - 安全419 - [ ] [安全419|一周国际网安资讯:AI写漏洞 古典漏洞重燃](https://mp.weixin.qq.com/s?__biz=MzUyMDQ4OTkyMg==&mid=2247553069&idx=1&sn=4f36887e769ae2f6329b6252ae7cc0d0) - [ ] [ISC.AI 2026 创新独角兽沙盒大赛启幕 三大赛道聚焦智能体创新](https://mp.weixin.qq.com/s?__biz=MzUyMDQ4OTkyMg==&mid=2247553069&idx=2&sn=e667f1737c79c0617d05da71ac2d73c7) - Tails - News - [ ] [Tails 7.7](https://tails.net/news/version_7.7/) - 悬镜安全 - [ ] [AI投毒情报预警 | Xinference国产推理框架遭受供应链窃密后门投毒](https://mp.weixin.qq.com/s?__biz=MzA3NzE2ODk1Mg==&mid=2647799026&idx=1&sn=1729fca9f605b1ead40156146881a6cd) - ICT Security Magazine - [ ] [Cybersecurity e cavi sottomarini: la nuova sfida strategica nell’era della competizione globale](https://www.ictsecuritymagazine.com/articoli/cavi-sottomarini-cyber/) - [ ] [Intelligenza artificiale e criminalità Informatica: quando lo stesso strumento difende e attacca](https://www.ictsecuritymagazine.com/articoli/ai-criminalita-informatica/) - 360数字安全 - [ ] [马来西亚企业代表团到访360 共探智能经济时代AI安全新路径!](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247585777&idx=1&sn=c3a723e0f93c81774c85aa25c961aa1d) - SANS Internet Storm Center, InfoCON: green - [ ] [Apple Patches Exploited Notification Flaw, (Thu, Apr 23rd)](https://isc.sans.edu/diary/rss/32922) - [ ] [ISC Stormcast For Thursday, April 23rd, 2026 https://isc.sans.edu/podcastdetail/9904, (Thu, Apr 23rd)](https://isc.sans.edu/diary/rss/32920) - Future of Tech and Security: Strategy & Innovation with Raffy - [ ] [How to Build an AI Company Now](https://raffy.ch/blog/2026/04/23/how-to-build-an-ai-company-now/) - Schneier on Security - [ ] [FBI Extracts Deleted Signal Messages from iPhone Notification Database](https://www.schneier.com/blog/archives/2026/04/fbi-extracts-deleted-signal-messages-from-iphone-notification-database.html) - The Hacker News - [ ] [UNC6692 Impersonates IT Helpdesk via Microsoft Teams to Deploy SNOW Malware](https://thehackernews.com/2026/04/unc6692-impersonates-it-helpdesk-via.html) - [ ] [Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain Campaign](https://thehackernews.com/2026/04/bitwarden-cli-compromised-in-ongoing.html) - [ ] [ThreatsDay Bulletin: $290M DeFi Hack, macOS LotL Abuse, ProxySmart SIM Farms +25 New Stories](https://thehackernews.com/2026/04/threatsday-bulletin-290m-defi-hack.html) - [ ] [[Webinar] Mythos Reality Check: Beating Automated Exploitation at AI Speed](https://thehackernews.com/2026/04/webinar-mythos-reality-check-beating.html) - [ ] [Project Glasswing Proved AI Can Find the Bugs. Who's Going to Fix Them?](https://thehackernews.com/2026/04/project-glasswing-proved-ai-can-find.html) - [ ] [China-Linked GopherWhisper Infects 12 Mongolian Government Systems with Go Backdoors](https://thehackernews.com/2026/04/china-linked-gopherwhisper-infects-12.html) - [ ] [Vercel Finds More Compromised Accounts in Context.ai-Linked Breach](https://thehackernews.com/2026/04/vercel-finds-more-compromised-accounts.html) - [ ] [Apple Fixes iOS Flaw That Let FBI Recover Deleted Signal Messages](https://thehackernews.com/2026/04/apple-patches-ios-flaw-that-stored.html) - Deeplinks - [ ] [EFF to 9th Circuit (Again): App Stores Shouldn’t Be Liable for Processing Payments for User Content](https://www.eff.org/deeplinks/2026/04/eff-9th-circuit-again-app-stores-shouldnt-be-liable-processing-payments-user) - [ ] [Speaking Freely: Lizzie O'Shea](https://www.eff.org/deeplinks/2026/04/speaking-freely-lizzie-oshea) - The Register - Security - [ ] [Dev targeted by sophisticated job scam: 'I let my guard down, and ran the freaking code'](https://go.theregister.com/feed/www.theregister.com/2026/04/23/job_scam_targeted_developer/) - [ ] [Chinese attackers are pwning your infrastructure to use in attacks, 10 countries warn](https://go.theregister.com/feed/www.theregister.com/2026/04/23/china_covert_networks/) - [ ] [Age checks could turn internet into an ID checkpoint, complains Proton CEO](https://go.theregister.com/feed/www.theregister.com/2026/04/23/proton_ceo_age_checks_id_checkpoint/) - [ ] [American farms have a new steward for their safety net, disaster programs... Palantir](https://go.theregister.com/feed/www.theregister.com/2026/04/23/palantir_wins_us_department_of_agriculture_contract/) - [ ] [Medical data of 500k Biobank volunteers listed for sale on Alibaba, UK minister reveals](https://go.theregister.com/feed/www.theregister.com/2026/04/23/500k_biobank_volunteers_data_listed/) - [ ] [Hybrid clouds have two attack surfaces and you’re not paying enough attention to either](https://go.theregister.com/feed/www.theregister.com/2026/04/23/wac_flaws_hybrid_cloud_security/) - [ ] [If malware via monitor cables is a matter of national security, this might be the gadget for you](https://go.theregister.com/feed/www.theregister.com/2026/04/23/ncscs_first_foray_into_commercial/) - [ ] [Using the password 'admin123' wasn't as bad as sharing it on Slack](https://go.theregister.com/feed/www.theregister.com/2026/04/23/sharing_isnt_caring_pwned/) - [ ] [Pass the key, passwords have passed their sell-by date](https://go.theregister.com/feed/www.theregister.com/2026/04/23/ncsc_passkey_tech_now_reliable/) - Security Affairs - [ ] [Luxury cosmetics giant Rituals discloses data breach impacting member personal details](https://securityaffairs.com/191192/data-breach/rituals-discloses-a-data-breach-impacting-member-personal-details.html) - [ ] [iOS Flaw Let Deleted Notifications Linger, Apple Issues Fix](https://securityaffairs.com/191183/mobile-2/ios-flaw-let-deleted-notifications-linger-apple-issues-fix.html) - [ ] [RAMP Uncovered: Anatomy of Russia’s Ransomware Marketplace](https://securityaffairs.com/191171/cyber-crime/ramp-uncovered-anatomy-of-russias-ransomware-marketplace.html) - [ ] [U.S. CISA adds a flaw in Microsoft Defender to its Known Exploited Vulnerabilities catalog](https://securityaffairs.com/191164/hacking/u-s-cisa-adds-a-flaw-in-microsoft-defender-to-its-known-exploited-vulnerabilities-catalog.html) - [ ] [Microsoft Graph API misused by new GoGra Linux malware for hidden communication](https://securityaffairs.com/191153/uncategorized/microsoft-graph-api-misused-by-new-gogra-linux-malware-for-hidden-communication.html) - Social Engineering - [ ] [The art of self deprecation...](https://www.reddit.com/r/SocialEngineering/comments/1st8qz2/the_art_of_self_deprecation/) - TorrentFreak - [ ] [Sflix, Myflixerz, HDtoday, and other Pirate Sites Go Dark as Backend Infrastructure Fails](https://torrentfreak.com/sflix-myflixerz-hdtoday-and-other-pirate-sites-go-dark-as-backend-infrastructure-fails/) - Computer Forensics - [ ] [What forensic/recovery program outputs "filename.ext-slack" ?](https://www.reddit.com/r/computerforensics/comments/1stge3p/what_forensicrecovery_program_outputs/) - Technical Information Security Content & Discussion - [ ] [Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain ...](https://www.reddit.com/r/netsec/comments/1stxtw3/bitwarden_cli_compromised_in_ongoing_checkmarx/) - [ ] [CVE-2026-34621: Adobe Acrobat Reader zero-day was on VirusTotal for 136 days before Adobe named it a CVE](https://www.reddit.com/r/netsec/comments/1str4k9/cve202634621_adobe_acrobat_reader_zeroday_was_on/) - [ ] [UK Biobank Health Data of 500K Listed for Sale in China](https://www.reddit.com/r/netsec/comments/1stxk5z/uk_biobank_health_data_of_500k_listed_for_sale_in/) - Information Security - [ ] [Cisco SD-WAN Manager: 3 CVEs Chain to Full Credential Theft — CISA Deadline Was Today](https://www.reddit.com/r/Information_Security/comments/1stu2kj/cisco_sdwan_manager_3_cves_chain_to_full/) - [ ] [Is device-level control becoming the new security perimeter?](https://www.reddit.com/r/Information_Security/comments/1sthbl2/is_devicelevel_control_becoming_the_new_security/) - [ ] [Automating Domain Impersonation Detection](https://www.reddit.com/r/Information_Security/comments/1sth0jj/automating_domain_impersonation_detection/) - [ ] [솔루션 도입 시 보안 사고 책임 소재와 법적 리스크, 다들 어떻게 대비하시나요?](https://www.reddit.com/r/Information_Security/comments/1stet66/솔루션_도입_시_보안_사고_책임_소재와_법적_리스크_다들_어떻게_대비하시나요/) - [ ] [글로벌 서비스 보안의 핵심: 중앙 집중식 KYC의 한계와 DID의 필요성](https://www.reddit.com/r/Information_Security/comments/1sta5gl/글로벌_서비스_보안의_핵심_중앙_집중식_kyc의_한계와_did의_필요성/) - [ ] [보안 감사 대비: 소스 코드 내 민감 정보 노출을 방지하는 아키텍처와 자동화 전략](https://www.reddit.com/r/Information_Security/comments/1st9w9z/보안_감사_대비_소스_코드_내_민감_정보_노출을_방지하는_아키텍처와_자동화_전략/) - [ ] [Lazarus APT has weaponized new malware to hunt C-level credentials](https://www.reddit.com/r/Information_Security/comments/1st9cvv/lazarus_apt_has_weaponized_new_malware_to_hunt/) - [ ] [Is cybersecurity training still worth it in 2026?](https://www.reddit.com/r/Information_Security/comments/1stcf2j/is_cybersecurity_training_still_worth_it_in_2026/) - netsecstudents: Subreddit for students studying Network Security and its related subjects - [ ] [Stuck in "Tutorial Hell": I know the theory of IDOR perfectly, but can't find anything in the wild. How do I bridge the gap?](https://www.reddit.com/r/netsecstudents/comments/1stjxpj/stuck_in_tutorial_hell_i_know_the_theory_of_idor/) - [ ] [Need respondants for my thesis on Dark Web and Digital Forensics](https://www.reddit.com/r/netsecstudents/comments/1stb2hr/need_respondants_for_my_thesis_on_dark_web_and/) - [ ] [Does anyone have an archive containing all versions of the DarkComet RAT?](https://www.reddit.com/r/netsecstudents/comments/1stadv1/does_anyone_have_an_archive_containing_all/) - Blackhat Library: Hacking techniques and research - [ ] [Newly Deciphered Sabotage Malware May Have Targeted Iran’s Nuclear Program—and Predates Stuxnet](https://www.reddit.com/r/blackhat/comments/1sty79t/newly_deciphered_sabotage_malware_may_have/) - Tor Project blog - [ ] [New Release: Tails 7.7](https://blog.torproject.org/new-release-tails-7_7/) - Your Open Hacker Community - [ ] [No trace of Telegram chat - completely disappeared overnight](https://www.reddit.com/r/HowToHack/comments/1std7y4/no_trace_of_telegram_chat_completely_disappeared/) - [ ] [Stuck in "Tutorial Hell": I know the theory of IDOR perfectly, but can't find anything in the wild. How do I bridge the gap?](https://www.reddit.com/r/HowToHack/comments/1stkkuy/stuck_in_tutorial_hell_i_know_the_theory_of_idor/) - [ ] [How to download view only video files from Google Drive](https://www.reddit.com/r/HowToHack/comments/1sthjz6/how_to_download_view_only_video_files_from_google/) - Security Weekly Podcast Network (Audio) - [ ] [Back to (or Start) Fundamentals? - Rajesh Khazanchi - PSW #923](http://sites.libsyn.com/18678/back-to-or-start-fundamentals-rajesh-khazanchi-psw-923) - 网安寻路人 - [ ] [从Mythos到GPT-5.4-Cyber:超强AI网络能力的访问秩序正在形成](https://mp.weixin.qq.com/s?__biz=MzIxODM0NDU4MQ==&mid=2247508379&idx=1&sn=50b2f33138da1511aa965f48b3f0994d)
每日安全资讯(2026-04-24)