244 lines (243 loc) · 28.2 KB

每日安全资讯（2026-03-24）

Recent Commits to cve:main
- Update Mon Mar 23 11:30:41 UTC 2026
SecWiki News
- SecWiki News 2026-03-23 Review
Tenable Blog
- The hidden cost of AI speed: Unmanaged cyber risk
No Headback
- book driven development
先知安全技术社区
- PolarCTF2026春季个人赛 Web方向全解
先知安全技术社区
- PolarCTF2026春季个人赛 Web方向全解
InfoSec Write-ups - Medium
- 192.168.1.1 Walks Into Every House on the Street
- [13 Cubed] Trouble at ACME Challenge — Investigating Windows Endpoint
- Insecure Output Handling: Exploiting XSS in LLM Applications (Part 1)
- Jordak Linux Lab Proving Grounds
- Understanding the insecure deserialization vulnerability
- Shellcode Analysis: Egg Hunters, Encoders, and Polymorphism
paper - Last paper
- 增强网络入侵检测系统：一种抵御对抗攻击的多层集成方法
Microsoft Security Blog
- Case study: How predictive shielding in Defender stopped GPO-based ransomware before it started
嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com
- 【附下载】深度拆解OpenClaw“龙虾”风险：AI时代供应链安全，为何成了行业致命软肋？
- 嘶吼安全动态｜国家级电力AI中试基地启用，华为、百度入驻筑牢能源AI安全 OpenWebUI服务器遭攻击，被植入挖矿与信息窃取恶意代码
Bug Bounty in InfoSec Write-ups on Medium
- Understanding the insecure deserialization vulnerability
Reverse Engineering
- /r/ReverseEngineering's Weekly Questions Thread
- We got Skype to log in - One major step in figuring out the popular 2000s IM client
- TIL you can detect a UEFI bootkit from usermode by just asking it nicely
- Using local LLM and Ghidra to analyze malware (Part 2)
- I built an FPGA reimplementation of the 3dfx Voodoo 1
Malwarebytes
- FriendlyDealer mimics official app stores to push unvetted gambling apps
- The March Madness scam playbook
- Advanced Flow will make Android sideloading safer
- A week in security (March 16 – March 22)
Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
- When Data Mining Conti Leaks Leads to Actual Binaries and to a Hardcoded C2 With an Encryption Key on Tripod.com - Part Four
人言兑
- 夺回代码控制权与人际关系边界感：阿小信的自由职业周记（2026W12）
Blog
- Farming at the Edge: Where Autonomous Robots and Edge Compute Meet
HackerNews
- Trivy 安全扫描器 GitHub Actions 遭入侵，75 个标签被劫持以窃取 CI/CD 机密
- CISA 将苹果、Craft CMS、Laravel 漏洞列入已知被利用漏洞目录
- 甲骨文修复关键 RCE 漏洞
- FBI 警告：俄罗斯黑客在大规模网络钓鱼攻击中盯上 Signal 和 WhatsApp
Shostack & Friends Blog
- Wasting Failures at RSAC™ 2026 Conference
奇客Solidot–传递最新科技情报
- OnlyFans 所有者 Leonid Radvinsky 去世，年仅 43 岁
- 巴哈马群岛鲨鱼体内发现可卡因
- 因太阳能充足澳大利亚降低电价为居民提供免费三小时用电
- GrapheneOS 拒绝年龄验证
- 石油能源危机推动向可再生能源的转型
- 烟头会在环境中停留十年以上
- 三星 Galaxy S26 支持 AirDrop
- 微软释出紧急更新修复微软账号登录问题
- 龙芯工程师将维护其 DRM 驱动
- 一篇推荐 RSS 阅读器的文章下载了 500 MB 的广告
- 联合国警告地球气候愈发失衡
赵武的自留地
- 网络安全年会不能停
腾讯玄武实验室
- 每日安全动态推送(26/3/23)
安全分析与研究
- 进程操作技术（上）——进程镂空的艺术
威努特安全网络
- 全船覆盖网络智联，威努特为航运智能化筑牢通信根基
- 威努特超融合医疗行业落地实践
黑鸟
- 首个武器化HDMI-CEC协议的安卓电视盒僵尸网络
代码卫士
- Oracle 紧急修复 Identity Manager 和 Web Services Manager 中的严重RCE漏洞
- Trivy供应链攻击触发CanisterWorm 在47个 npm 包中自传播
看雪学苑
- 安卓逆向基础知识之frida Hook
- 首届 PolarisCTF 招新赛正式启幕
- 新型木马绕过 Chrome 加密，无注入窃取浏览器主密钥
- 【非虫系列】打包更优惠！安卓软件开发与逆向分析（开发篇+工具篇）
灾难控制局
- AgentSmith-HUB v0.1.9 更新说明
绿盟科技研究通讯
- RSAC 2026创新沙盒 | Glide Identity：打造AI新一代无密码身份认证平台
- RSAC 2026创新沙盒 | Fig Security：安全检测体系可靠性的守护者
先进攻防
- 学习Palantir那笔没人算的账
奇安信 CERT
- 今日（2026年3月23日）OpenClaw 最新安全动态总结
天御攻防实验室
- 经济学人｜美国政府指示私营企业黑回去
青衣十三楼飞花堂
- 若m<∠COD<n，求n-m
信安之路
- 这个功能你一定喜欢！！！
全频带阻塞干扰
- 美国国务院已发布全球范围安全警示！！
腾讯安全威胁情报中心
- 致命分身 | FakeGit 伪造开源生态投毒活动追踪
安全圈
- 【安全圈】为博眼球使用 AI 造谣“烟花厂爆炸致 2 死 2 伤”，男子被依法处罚
- 【安全圈】晋中网安部门破获一起非法获取公民个人信息案
- 【安全圈】地缘冲突下加密货币“雪崩”，比特币跳水，20万人爆仓血本无归！
极客公园
- 当所有人都在做 Agent，光年之外为什么选择做浏览器？
- 中国团队打造「两轮特斯拉」，一场对日本巨头的「围剿」正在东南亚上演
- 微信推官方龙虾插件；雷军：正在开发电脑版龙虾；Reddit 大量招应届生，因是 AI 原生一代 | 极客早知道
ChaMd5安全团队
- 红队实战指南：AI驱动的渗透测试、红队评估和漏洞挖掘
补天平台
- 【议程发布】补天北京站沙龙解锁AI时代下白帽黑客的新机遇！
- 攻防视角下的OpenClaw恶意插件生态深度复盘与防御
微步在线
- 守护AI智能体Skill安全，SafeSkill已上线！
信息安全国家工程研究中心
- 处罚案例 | 西安市网信办通报一批涉网络安全、数据安全典型案例
阿里安全响应中心
- 【长线活动】2026淘天电商反爬专项
火绒安全
- BYOVD攻击泛滥！火绒专项防护守护系统安全
- 诚邀渠道合作伙伴共启新征程
情报分析师
- 比CIA还早知道打击时间，Bellingcat的Turnstone工具如何用公开数据预判军事行动
- 你以为审讯靠的是威吓？错了——顶级情报官用的是"让对方自愿开口"
安全牛
- 2026 年生成式 AI 时代企业内部风险治理：威胁升级与范式重构
- 中央网信办指导网站平台全面规范短视频内容标注工作；CNCERT发布OpenClaw安全使用实践指南| 牛览
青藤云安全
- 新品发布：无代理・0干扰，护IoT全域安全
嘶吼专业版
- 嘶吼安全动态｜国家级电力AI中试基地启用，华为、百度入驻筑牢能源AI安全 OpenWebUI服务器遭攻击，被植入挖矿与信息窃取恶意代码
三欢师哥
- 倪海厦老师讲2026丙午年：财神爷只认"土"
君哥的体历
- 从终端沙箱到AI Agent：安全隔离的演进与安全角色的重塑｜总第311周
OPPO安全中心
- 【最后7天】OSRC联合4大SRC开启"春日猎洞"，50%额外奖励、新人加成、联合大礼包等你来拿！
陌陌安全
- 陌陌安全招人啦~
丁爸情报分析师的工具箱
- 【开源情报】3.9巴林爆炸源自美军爱国者导弹
安全行者老霍
- Gartner 守护智能体（Guardian Agents）市场指南
数世咨询
- 安全验证的未来：持续验证、自主操作、统一平台
- 【限时免费】全系统加固体验月启动！别让任何一个系统成为安全短板！
京东安全应急响应中心
- 【活动】春风有约，反爬专测已就位，高额奖励等你来拿！
迪哥讲事
- 业务逻辑中存在的权限绕过
安全产品人的赛博空间
- 再推荐一次cc-connect
CNVD漏洞平台
- CNVD漏洞周报2026年第11期
- 上周关注度较高的产品安全漏洞(20260316-20260322)
Over Security - Cybersecurity news aggregator
- RuneScape Boards - 222,762 breached accounts
- Mazda discloses security breach exposing employee and partner data
- Tycoon2FA phishing platform returns after recent police disruption
- Someone has publicly leaked an exploit kit that can hack millions of iPhones
- FBI warns of Russian, Iranian cyber activity involving messaging platforms
- TeamPCP deploys Iran-targeted wiper in Kubernetes attacks
- Crunchyroll probes breach after hacker claims to steal 6.8M users' data
- Education company Kaplan reports data breach impacting more than 230,000
- Digital Omnibus e protezione dati: una riflessione politica sul futuro del GDPR
- Trivy supply-chain attack spreads to Docker, GitHub repos
- US sentences Nigerian national to 7 years in $6 million email fraud scheme
安全419
- RSAC 2026开幕：AI从会议主题变为大会本身
D3Lab
- Falsa email su ChatGPT: nuova campagna di phishing in Italia ruba dati delle carte e codici OTP
Have I Been Pwned latest breaches
- RuneScape Boards - 222,762 breached accounts
ICT Security Magazine
- Difesa dall’AI offensiva: detection proattiva, auto-disruption e nuovi framework di valutazione
安全内参
- CNCERT发布OpenClaw安全使用实践指南
- RSAC 2026参展企业全景透视：Agentic AI安全如何从零到火爆
Securityinfo.it
- AWS Bedrock: otto vettori che trasformano l’AI in un punto d’ingresso
Schneier on Security
- Microsoft Xbox One Hacked
SANS Internet Storm Center, InfoCON: green
- Tool updates: lots of security and logic fixes, (Mon, Mar 23rd)
- ISC Stormcast For Monday, March 23rd, 2026 https://isc.sans.edu/podcastdetail/9860, (Mon, Mar 23rd)
The Hacker News
- North Korean Hackers Abuse VS Code Auto-Run Tasks to Deploy StoatWaffle Malware
- ⚡ Weekly Recap: CI/CD Backdoor, FBI Buys Location Data, WhatsApp Ditches Numbers & More
- We Found Eight Attack Vectors Inside AWS Bedrock. Here's What Attackers Can Do with Them
- Microsoft Warns IRS Phishing Hits 29,000 Users, Deploys RMM Malware
- Trivy Hack Spreads Infostealer via Docker, Triggers Worm and Kubernetes Wiper
- Hackers Exploit CVE-2025-32975 (CVSS 10.0) to Hijack Unpatched Quest KACE SMA Systems
BorderGate
- Pentesting iSCSI
Krebs on Security
- ‘CanisterWorm’ Springs Wiper Attack Targeting Iran
360数字安全
- “龙虾”一句话险些让Meta裸奔，360用AI监管AI守住防线
Blackhat Library: Hacking techniques and research
- What’s missing from most security tools isn’t more detection, it’s guidance
- Free proxy trial to help me diagnose nightmarish
Security Affairs
- QNAP fixed four vulnerabilities demonstrated at Pwn2Own Ireland 2025
- Pro-Iranian Nasir Security is targeting energy companies in the Gulf
- 44 Aqua Security repositories defaced after Trivy supply chain breach
- Iran-linked actors use Telegram as C2 in malware attacks on dissidents
- International police Operation Alice take down 373,000 dark web sites exploiting children
Microsoft Security Blog
- Case study: How predictive shielding in Defender stopped GPO-based ransomware before it started
Information Security
- Participants needed for university research on deepfake detection (18+, Computing Related Fields, 8–10 min)
- Cyber Security Problems
- I got into SANS {woo hoo}
- Why "Prevention" is a dead strategy in 2026.
- Hybrid mesh firewall comparison
- Built an open-source threat modeling tool. Looking for honest feedback.
netsecstudents: Subreddit for students studying Network Security and its related subjects
- Participants needed for university research on deepfake detection (18+, Computing Related Fields, 8–10 min)
- which vpn architecture actually removes operator visibility rather than relying on policy?
- Wanna get into ethical hacking but lowkey lost 😭
- Hello everyone, I’m trying to understand the field of cybersecurity and its future.
Technical Information Security Content & Discussion
- Remote Command Execution in Google Cloud with Single Directory Deletion
- Vulnerability Disclosure - SCHNEIDER ELECTRIC Modicon Controllers M241 / M251 / M262
- Why Your Brain is a Security Risk
- BoxPwnr: AI Agent Benchmark (HTB, TryHackMe, BSidesSF CTF 2026 etc.)
- e open-sourced 209 security tests for multi-agent AI systems (MCP, A2A, L402/x402 protocols)
- Detect SnappyClient C&C Traffic Using PacketSmith + Yara-X Detection Module
IT Service Management News
- Conservazione dei dati: i 7 errori comuni sanzionati dal garante
Your Open Hacker Community
- How can someone access Aadhaar details & gallery just from an app??
- How to make Claude make a hack client for Minecraft
Tor Project blog
- Setting Up a Tor Relay at National Taiwan Normal University: A Practical Experience of Communicating with the University and Leaving Open Possibilities
Computer Forensics
- Ram acquisition on macos
Security Weekly Podcast Network (Audio)
- Can AI help critical infrastructure, the state of the cyber market, and weekly news - Mike Privette, Kara Sprague - ESW #451