# 每日安全资讯(2026-06-25) - SecWiki News - [ ] [SecWiki News 2026-06-24 Review](http://www.sec-wiki.com/?2026-06-24) - Paper - 知道创宇404实验室 - [ ] [NRT-Bench:面向安全关键控制室中 LLM 智能体的多轮红队测试基准](https://paper.seebug.org/3492) - Private Feed for M09Ic - [ ] [joaoviictorti starred claration/Impactor](https://github.com/claration/Impactor) - [ ] [Teach2Breach starred sums001/Windows-Copilot-API](https://github.com/sums001/Windows-Copilot-API) - [ ] [liamg contributed to infracost/vcs](https://github.com/infracost/vcs/pull/8) - [ ] [gh0stkey starred zhaoxuya520/reverse-skill](https://github.com/zhaoxuya520/reverse-skill) - [ ] [huoji120 starred OpenPipe/ART](https://github.com/OpenPipe/ART) - [ ] [gh0stkey starred abiosoft/colima](https://github.com/abiosoft/colima) - [ ] [esrrhs contributed to esrrhs/fakelua](https://github.com/esrrhs/fakelua/pull/215) - [ ] [4ra1n starred cloudflare/security-audit-skill](https://github.com/cloudflare/security-audit-skill) - [ ] [Teach2Breach starred entropykit/entropia](https://github.com/entropykit/entropia) - Recent Commits to cve:main - [ ] [Update Wed Jun 24 11:57:22 UTC 2026](https://github.com/trickest/cve/commit/165adf93b8ce154cf2a245344d02ff41bb63a569) - Doonsec's feed - [ ] [【DCMM科普】第16期:DCMM评估工作涉及哪些部门和岗位?](https://mp.weixin.qq.com/s/yhqmls8TtArj6FxLHQZ0mQ) - [ ] [2026\"工赋砺网\" | 工业数据安全治理与实践专场培训启动报名](https://mp.weixin.qq.com/s/TlUJluF66rxYDW6fmJ8qWQ) - [ ] [安全419|一周国际网安资讯:FortiBleed席卷全球 AI安全治理迫在眉睫](https://mp.weixin.qq.com/s/VnUPwr8lvcDqUIRNnsczEw) - [ ] [周鸿祎:网络安全面临第二次“单向透明” 中国必须拥有自己的Mythos](https://mp.weixin.qq.com/s/P-vEglgOB_EkRRD2qfXNjA) - [ ] [关于规范 AI 辅助漏洞报告提交标准的公告](https://mp.weixin.qq.com/s/YEm5YIvDE_8U7EZ4aeqcOQ) - [ ] [分享的图片、视频、链接](https://mp.weixin.qq.com/s/1uDigc9T9gx11TTsjuTT1w) - [ ] [国际首秀!亚信卫星互联网、Physical AI、Token产品亮相2026MWC上海,铸就新增长](https://mp.weixin.qq.com/s/O6iSrODH1ZwPEkLxKn4TIQ) - [ ] [企业 AI 落地流程,先做一个可验收流程](https://mp.weixin.qq.com/s/tjOOB3NzQlIWV_2KHsqAJg) - [ ] [Libssh2 严重漏洞可导致攻击者执行远程代码](https://mp.weixin.qq.com/s/G9LnlaMKR93T9XGNU81hNQ) - [ ] [“冬虫夏草”供应链漏洞影响数千家组织机构的代码仓库](https://mp.weixin.qq.com/s/PfoHqQUojOONl1M4FMe0zw) - [ ] [Burp/Yakit平替?一个更适合新人用的抓包工具 + 插件扩展](https://mp.weixin.qq.com/s/ks3-CQnXZZgdlu9qP_Tmdg) - [ ] [2026网络安全秋招高频八股文,收藏](https://mp.weixin.qq.com/s/__UJg7KTYkgf9eybvRy2bg) - [ ] [湖北银行信息科技部招软件开发岗(AI大模型方向)若干](https://mp.weixin.qq.com/s/Nyf3dmKTDhklldHt-7pqog) - [ ] [裁员降薪不断,网络安全还能干吗?写给正焦虑的网安人!](https://mp.weixin.qq.com/s/8fq6J0QaLppRbFVxoKzc7w) - [ ] [印度代工巨头超630GB数据泄露:涉特斯拉、苹果,后者已启动调查](https://mp.weixin.qq.com/s/9_YdX33-dPszN2Kc3sCzgg) - [ ] [特朗普签署总统行政令,启动后量子密码强制迁移](https://mp.weixin.qq.com/s/et0dhmQWH4RXTshUKb1BHA) - [ ] [火绒小问答--「个人版」近期top问题解答](https://mp.weixin.qq.com/s/LjsG3SvcSQRZNJGZB96SBQ) - [ ] [诚邀渠道合作伙伴共启新征程](https://mp.weixin.qq.com/s/M8_0htNuDmSvM5_bJxWtTw) - [ ] [Anthropic 的 Mythos 模型在美国政府系统中发现漏洞](https://mp.weixin.qq.com/s/pAhdg_YyZY-pMDA_5-muwg) - [ ] [美参议院提案评估由民企代美军实施网络渗透的可行性](https://mp.weixin.qq.com/s/IKTzKf5_YvcXGUKev1Anug) - [ ] [数世咨询:ASIC安全芯片防火墙能力白皮书正式发布](https://mp.weixin.qq.com/s/drMAXr9XlNoUmoQfJZPeAg) - [ ] [ISC 2026:周鸿祎发布“中国版Mythos”](https://mp.weixin.qq.com/s/A7LbxHV_HKGhT-RugRbQTg) - [ ] [“第六届数字安全大会”倒计时3天](https://mp.weixin.qq.com/s/RRGbC6HNn6NCqYMuUOU90A) - [ ] [邮件服务器预警:Exchange 多个 SSRF 漏洞利用细节已公开](https://mp.weixin.qq.com/s/52YAM_DXiI9hE4eXddOVlw) - [ ] [依旧打不开](https://mp.weixin.qq.com/s/Q3o9YMRzBQYICvGJzowFsQ) - [ ] [sci论文一直投不中?大牛帮指导选刊投稿返修后,被拒的5篇SCI全中了!](https://mp.weixin.qq.com/s/7nNzTIVqYgggbGXx2qeZwA) - [ ] [盒子邀请你参加「国家官方+高奖金+返现送token」大模型挖洞比赛](https://mp.weixin.qq.com/s/mVflPYGWAAr9QwjXt0S-ng) - [ ] [用友U8 CRM getsrvtemplate.php SQL注入漏洞](https://mp.weixin.qq.com/s/Kp_lGaMx_tlm7uUbKFup2w) - [ ] [CVE-2026-8461(PixelSmash) - 分析及复现](https://mp.weixin.qq.com/s/Xqd0CHRhVqbhKYXBZwu-Sw) - [ ] [信息安全漏洞周报(2026年第25期)](https://mp.weixin.qq.com/s/ElFbb2djZzUy6npR595KfA) - [ ] [安博通创始人、董事长钟竹受邀出席第十七届夏季达沃斯论坛](https://mp.weixin.qq.com/s/kEc2zV-GTbUICmI3s3Qb1w) - [ ] [逻辑漏洞之注册模块](https://mp.weixin.qq.com/s/LYqeuFLZr3VoeDQmHGL_PA) - [ ] [V 模型——系统工程的\"生命周期地图\"](https://mp.weixin.qq.com/s/JQZHqQ7N4jScAIuxyXhRXQ) - [ ] [白宫发布《国家韧性战略》](https://mp.weixin.qq.com/s/dOsiCN7M2VjY1kRrLv8nBw) - [ ] [2025年全球高被引科学家分布及人才发展启示](https://mp.weixin.qq.com/s/SUZytSgsrTDlZusba24BRA) - [ ] [中国通信学会标准化工作委员会通过数据智能应用标准工作组成立申请,工作组成员单位征集启动](https://mp.weixin.qq.com/s/eb6Jnwdf6NgbpW6UUK6PPA) - [ ] [“格物”评测 | 中国信通院启动物理AI实景实训空间与虚拟仿真平台能力评估工作](https://mp.weixin.qq.com/s/sxd6lCJtyd6ljMug0xGH0g) - [ ] [【打假】兄弟赚钱嘛?今年HW四个月!](https://mp.weixin.qq.com/s/fb54I7GHkgGqnIrpf4_aDg) - [ ] [第四章 智能体经典构建](https://mp.weixin.qq.com/s/jvOgUbQxLVj4urbRPhfyYg) - [ ] [政策动态丨中国政府发布关于全球治理的白皮书;2026世界人工智能大会将于7月举办](https://mp.weixin.qq.com/s/1saD2uhayY_IHm_GDnfcPQ) - [ ] [安全宣传丨女子下载App免费领卷纸后,2万存款半夜被盗刷!](https://mp.weixin.qq.com/s/tKUkSPyI2F0O1t4cqPYqBA) - [ ] [LeoAI:AI 接管后渗透](https://mp.weixin.qq.com/s/U3pkId8Tw_MXgq68nZDSbw) - [ ] [山石网科协助国药太极涪陵“灯塔工厂”安全体系建设](https://mp.weixin.qq.com/s/GmQ58aXXxNo6CO24IfK_HA) - [ ] [ASIC防火墙七大核心业务场景:④连接复用/多请求](https://mp.weixin.qq.com/s/OKkVEDNl3nokAb6mQZKIkA) - [ ] [ACM CCS 2025论文解读 | CPU Fuzzing的下一站不是更随机,而是更懂语义:从DiveFuzz看RISC-V验证的反馈升级](https://mp.weixin.qq.com/s/DLyBJlE43DI6v9G7X6ZSgQ) - [ ] [“断网下的自救\"——伊朗发生断网怎么发出消息?](https://mp.weixin.qq.com/s/BxI7D_TUNW_ON1NOBm1xZQ) - [ ] [【理论专著】全域联合作战电磁空间控制理论与网电一体战法](https://mp.weixin.qq.com/s/_i6QpHvEv4W_7c9UnseNrA) - [ ] [【研究报告】基于俄乌和美以伊冲突的高价值目标防护与防空反导体系运用研究](https://mp.weixin.qq.com/s/z2DPjI_-_3ZCrWnSXUC6Kw) - [ ] [【研究报告】局部海上冲突背景下无人水面艇作战效应及海战体系演化研究](https://mp.weixin.qq.com/s/zjI5IAJijErabNz9doy0kg) - [ ] [【研究报告】美以伊冲突背景下美军战时后勤物资跨区域采购体系运行效能评估研究](https://mp.weixin.qq.com/s/_VG0uKIqaN39MP2weeFq8g) - [ ] [【研究报告】国外人工影响天气技术发展现状及其军事应用评估](https://mp.weixin.qq.com/s/rFMNLJzrNEen3M3ekTTGmw) - [ ] [【研究报告】联合全域指挥控制框架下美军电磁战斗管理体系演进与能力评估](https://mp.weixin.qq.com/s/etQK0jel73mvAdyU2YhjlQ) - [ ] [人工智能对抗认知战的基本风险](https://mp.weixin.qq.com/s/X7jxPNihgWhWFSgDpxL8eA) - [ ] [美国陆军经验教训中心发文《无人机声学探测系统——乌克兰与新兴技术》](https://mp.weixin.qq.com/s/Utpaj6Hig-jLGAAmSo2GUQ) - [ ] [Jeecgboot SSTI老洞新招](https://mp.weixin.qq.com/s/jBKXOUbDKQuQsoKVsGEW3Q) - [ ] [首都机场旅客端“一体化”平台与国家网络身份认证公共服务平台成功对接](https://mp.weixin.qq.com/s/xGl6DrAEr8mSGEoEuvxEtQ) - [ ] [《AI时代云安全发展报告——DDoS攻击趋势与防御演进》即将发布!](https://mp.weixin.qq.com/s/swWJyG0GbtF7Tl1uMFR0cw) - [ ] [wifiscope:不接入任何WiFi,探测周围设备并全部“可视化”](https://mp.weixin.qq.com/s/Hl6vrPPh9KKA9zMMWPE8CA) - [ ] [持续走进高校!S-PLAN校园行落地西安工程大学、渭南师范学院](https://mp.weixin.qq.com/s/WjwS4k9k7ByHNKwoX9PHMw) - [ ] [Active Directory 攻击面扩展:WSUS 与 Veeam 视角](https://mp.weixin.qq.com/s/pruiziqUVNHz7_Qfopoq0w) - [ ] [万行规则无损迁移|双园区F5平滑替换](https://mp.weixin.qq.com/s/BLTXT86I2j78BiKP9eYXRw) - [ ] [周鸿祎:中国必须拥有自己的 Mythos](https://mp.weixin.qq.com/s/xFP9fywoTtywx_r3-kgGQQ) - [ ] [从\"内容治理\"到\"行为治理\":中国智能体治理框架深度解析与绿盟科技实践](https://mp.weixin.qq.com/s/50QYwa4P2FpYhHIXtw678A) - [ ] [强强联袂,共筑网安长城——郑州观辰至诚科技有限公司携手船山院士网络安全团队](https://mp.weixin.qq.com/s/VP5v-kGvcG8cV22staA-yg) - [ ] [计算机的芯片从需要卡车装到口袋装,科技进步了很大,下一个阶段会是怎样的?](https://mp.weixin.qq.com/s/EUDboOkHPWNZdxHtFt36Ag) - [ ] [从命令注入到凭据泄露,手把手教你复现命令行工具高危漏洞](https://mp.weixin.qq.com/s/PX8h51A5vT8nglsayj0_tw) - [ ] [ADCS-ESC5 权限误配置利用:结合 SubCA 模板获取域控权限](https://mp.weixin.qq.com/s/bnF3-MaclG5UYDdvREnWww) - [ ] [重磅突破!我院软件与安全团队成果斩获 ICSE2026会议 ACM SIGSOFT杰出论文奖](https://mp.weixin.qq.com/s/CpVhX1bXY_lpzZl1jGQN3A) - [ ] [“美军作战评估(OA)研修班”主题六:战斗评估(CA)流程与实施](https://mp.weixin.qq.com/s/vm6cXpUs254XLYnvqZnubg) - [ ] [【上新】美军联合战斗搜救行动解析:以2026年美以伊冲突F-15E机组营救为例](https://mp.weixin.qq.com/s/rgjyw5f7xhAxBqCxaRQULg) - [ ] [【上新】如何化解战区后勤指挥面临的结构性矛盾?](https://mp.weixin.qq.com/s/OihnBK1sodN9kKWiH87GEA) - [ ] [【上新】四场伊以冲突中伊朗导弹与无人机打击情况](https://mp.weixin.qq.com/s/X8JHna0GxSzt7-WyLEpSbg) - [ ] [对抗性后勤兵棋推演:印太美军油料保障弱点和韧性](https://mp.weixin.qq.com/s/YPB3QYYS3N-9sgjJ0lQF8g) - [ ] [分队战术决心 | “高价值目标防护”课目推演通知](https://mp.weixin.qq.com/s/eDUHBIzPhAZ_64y03YFCsw) - [ ] [第15篇 全栈AI · AI 渗透测试蜂群](https://mp.weixin.qq.com/s/tibalUMBJVtQ5i5nbT7dJg) - [ ] [良心中转站!ChatGPT 0.1倍计费](https://mp.weixin.qq.com/s/xCnWY1cGp8O3kC8AK9Asiw) - [ ] [某证书站的艰难挖掘历程](https://mp.weixin.qq.com/s/TR5JzAvzfAXGq_KqPyde0A) - [ ] [真相来了丨网传“驾考增项”实为谣言 揭驾校从业者营销套路](https://mp.weixin.qq.com/s/B86DwhovqCg5ka4joHgkuQ) - [ ] [安全透视 | AI安全选型,没跑通这三件事很难落地](https://mp.weixin.qq.com/s/ZhsxZ7rsBCa4tVwOueljLA) - [ ] [重磅预警|Operation Escaneo:AI驱动跨境批量入侵,拉美政企金融大规模数据泄露](https://mp.weixin.qq.com/s/gs0Maun6y1W0DLm3Xl3KDA) - [ ] [2026网络专业应届生求职破局:用职业认证建立差异化优势](https://mp.weixin.qq.com/s/4BZw9hb7G4G3VXaD5_Q43g) - [ ] [纽约时报证实金融时报和经济学人关于NSA使用Mythos的相关报道为假新闻](https://mp.weixin.qq.com/s/tioFirZVmd7UHYFaUa5VSw) - [ ] [中国银行行长张辉:已构建“326”全球化AI赋能体系](https://mp.weixin.qq.com/s/d8SHT5WEHxJMB5d2-mOZ0Q) - [ ] [2026年第三届“聚合獬豸杯”详细版初赛Wireup(手机部分)](https://mp.weixin.qq.com/s/c1ievCExth-u1cAQB1r7rA) - [ ] [前沿论道xa0 聚力前行 | 第一届NCC白帽大会顺利落幕](https://mp.weixin.qq.com/s/mfXrB-jK0cQlqhCxbNuhpA) - [ ] [CTF比赛入门第十期:文件上传漏洞全解](https://mp.weixin.qq.com/s/WFYj3seeH2_xti7RLU16vQ) - [ ] [面向安全治理的大语言模型风险分析与应对策略研究丨中国工程科学](https://mp.weixin.qq.com/s/xOrgMlF6Un3thyNAocYzTg) - [ ] [一家AI公司被黑后,九家网络安全公司发生数据泄露](https://mp.weixin.qq.com/s/lIWEajVv2Ix2NWZ6CJLIxw) - [ ] [世界杯背后暗流涌动:66,128个相关域名被抢注,博彩与钓鱼风险激增](https://mp.weixin.qq.com/s/dZkZ9nINkaXWMzSyff697g) - [ ] [上海浦东发展银行股份有限公司2026年AI红蓝攻防服务项目-上海浦东发展银行股份有限公司2026年AI红蓝攻防服务项目采购公告](https://mp.weixin.qq.com/s/0KIcGfcJM0MA6IyXQj2-kA) - [ ] [福建省通信管理局 福建省人力资源和社会保障厅 福建省总工会关于开展2026年福建省信息通信行业职业技能竞赛的通知](https://mp.weixin.qq.com/s/2eg-0aIfYpcoe2nBObbgCA) - [ ] [关于举办2026年“技夺天工”天津市职工职业技能大赛暨第九届全国职工职业技能大赛天津选拔赛的预通知](https://mp.weixin.qq.com/s/Ng_bBXraWxHZRkh2zcTlZA) - [ ] [大学生人工智能安全竞赛作品赛启动报名🥁五大实战命题等你来攻坚!](https://mp.weixin.qq.com/s/HW1dP4MgExSUDQZcs8DqIg) - [ ] [SekaiCTF 2026|倒计时3天!](https://mp.weixin.qq.com/s/DCuAY5kZS-EcCk7w2Mco7Q) - [ ] [2026西湖论剑大会第九届数据要素与数据安全创新实践征集活动](https://mp.weixin.qq.com/s/7LW0di4c44-zRcTmGHabww) - [ ] [第四届黄河流域公安院校网络安全技能挑战赛WP(Reverse+Web)](https://mp.weixin.qq.com/s/v2wxeX2IHRg65vXx7pK7Uw) - [ ] [第四届黄河流域公安院校网络安全技能挑战赛WP(Crypto)](https://mp.weixin.qq.com/s/o9ZaE1DtmQeQYVHxfOBljQ) - [ ] [CVE-2026-41089:Windows Netlogon 通过 CLDAP 堆栈缓冲区溢出进行远程代码执行漏洞](https://mp.weixin.qq.com/s/CbxafV85UwNkyL7lSRksrQ) - [ ] [libssh2 CVE-2026-55200 PoC 和本地 RCE](https://mp.weixin.qq.com/s/3MEUCzesYJmxq1aHAreM4A) - [ ] [别让一次断电,毁掉你所有的数据安全——UPS巡检为什么不能省?](https://mp.weixin.qq.com/s/ajNTrOZL2eIjUxTBQksciA) - [ ] [2026HVV蓝队中高级精英招聘](https://mp.weixin.qq.com/s/C0gzqjf-_bBDm5CJZJwcqQ) - [ ] [键盘](https://mp.weixin.qq.com/s/jhgOIrIj-mQ8UgeghY_86A) - [ ] [邮箱/手机验证绕过](https://mp.weixin.qq.com/s/MhBHAVGPNyY0SMH_NZgdig) - [ ] [护网研判/安全分析/威胁分析数字专家/AI智能平台分享](https://mp.weixin.qq.com/s/4SL_Ph8AhbJCwF4i0Ud4aw) - [ ] [金融业AI监管落地首例:8号文核心要求与机构合规落地指南(附自查清单)](https://mp.weixin.qq.com/s/pOVJkKFHoNXA2HmvND5olw) - [ ] [一个50KB的视频文件干掉服务器](https://mp.weixin.qq.com/s/msxN0Az53zqqpSTv9keXrw) - [ ] [刷屏的这封“情书”,给AI上了一堂什么课?](https://mp.weixin.qq.com/s/ZT9tM8Z_h5AW3fppLh5fcQ) - [ ] [密评过了吗?](https://mp.weixin.qq.com/s/92ZjS0-sC36nMDt51cgE5A) - [ ] [个人信息保护:以法治为纲、以共治为要](https://mp.weixin.qq.com/s/9xceQFudoG1sHN5t0aN56Q) - [ ] [PixelSmash 让视频文件变成入口:FFmpeg 风险不是一个播放器能解决的](https://mp.weixin.qq.com/s/NgNuEjRNuPXc-PHOwhxMoA) - [ ] [DifyTap 暴露 AI 聊天和文档:多租户 AI 平台,不能只看模型能力](https://mp.weixin.qq.com/s/Mur29N7HoPgnDnK07vOwtg) - [ ] [LastPass 这次不是密码库被攻破:真正该警惕的是 SaaS OAuth 供应链](https://mp.weixin.qq.com/s/ND6kuxpbOAMXSLvzA_cwHQ) - [ ] [Mythos的对手来了,OpenAI发布GPT-5.5-Cyber“满血版”。](https://mp.weixin.qq.com/s/kne6fkfb6re_wS0F7x9xLg) - [ ] [2026年顶流项目,可以试试这个方向,上岸其实不难!](https://mp.weixin.qq.com/s/m7YGvndxbCAFEohLEiRFkg) - [ ] [仲夏有约|双倍心跳,百万奖池加码,单洞最高12万,赴约就现在!](https://mp.weixin.qq.com/s/c_GWR6Lmp3K9kJcikLUQ-Q) - [ ] [苏州银行因网络安全和数据安全问题被罚 721 万元,网金部个人也被追责](https://mp.weixin.qq.com/s/pJ0JCK9QpXrMVYXrivpvnQ) - [ ] [陈文:强化统筹发展和安全的法治保障](https://mp.weixin.qq.com/s/uOqBATUGUO8BR_bHut3vcA) - [ ] [全面加强国家安全教育 护航“十五五”新征程(三)](https://mp.weixin.qq.com/s/mr5IxjmeyTIy0QsFKGDEzg) - [ ] [公安部编制印发《公安发展“十五五”规划》 对推进公安工作现代化作出系统部署](https://mp.weixin.qq.com/s/nTaRpSL0NwWJMjjsyBQDXg) - [ ] [AI渗透测试 -- SQL联合查询注入实战](https://mp.weixin.qq.com/s/hJXjfJ3I6zOqdx28W0hwAA) - [ ] [违反多项安全法规,苏州银行罚没超760万元](https://mp.weixin.qq.com/s/vzhPzPxe5Gfss-mnsGRvsA) - [ ] [网安AI速报 | 2026.06.24](https://mp.weixin.qq.com/s/ylqcUD0t7hGCzzmRkWLq5w) - [ ] [如何使主动扫描在实战中变得更加隐蔽](https://mp.weixin.qq.com/s/-uTSVaOUAJF5toYjtALHAw) - [ ] [CRA豁免清单出炉!医疗/汽车/航空整机不用做CE,但零部件千万别踩红线](https://mp.weixin.qq.com/s/DkqM2lrEFyCO28IGL5tvGg) - [ ] [携程1000万罚单背后,数据出境的\"红线\"](https://mp.weixin.qq.com/s/mW_l7bX2YNZDJ8BOyaCP-w) - [ ] [硬刚!阿里起诉〔美国国防部〕,要求撤销涉军清单](https://mp.weixin.qq.com/s/SXay7QH2_hq8b3RkfohqBg) - [ ] [Shannon:Keygraph 开源 AI 渗透测试框架,从源码分析到真实漏洞利用](https://mp.weixin.qq.com/s/KDPO1p04xSVJGchnSC-qAQ) - [ ] [用 AI 挖掘 IDA Pro 任意代码执行漏洞](https://mp.weixin.qq.com/s/kskTQ5jSnmDAK47sVuzBkw) - [ ] [630GB机密外泄,苹果特斯拉核心供应商遭黑客洗劫](https://mp.weixin.qq.com/s/kohHdlUZCsqYat2SXLJ_xg) - [ ] [Webmin 2.641 修复三个漏洞,其中包括一个严重的身份验证绕过漏洞](https://mp.weixin.qq.com/s/NL2Oa8h__B4pquR5ppN9NQ) - [ ] [长沙十五五(2026-2030)规划](https://mp.weixin.qq.com/s/9v4NVpip7wQTnVW3db1iwQ) - [ ] [范渊带队赴吉林大学交流,与校党委书记田辉共话校企创新合作](https://mp.weixin.qq.com/s/iXy3ulraw84yJXczdM4feQ) - [ ] [人民网报道|陶立峰:以可信技术破解数据流通难题](https://mp.weixin.qq.com/s/uXegG4ZcVWCatDIhv_UjbA) - [ ] [原版 OpenClaw 安装过程](https://mp.weixin.qq.com/s/0Od-ZYbZbYviL4uvADPvTA) - [ ] [2026 中国制造业精益白皮书](https://mp.weixin.qq.com/s/HeqWuBGQEEprfnxq3FPouQ) - [ ] [30分钟搞定Hermes智能体](https://mp.weixin.qq.com/s/ZZCYipMT4Fju9TckGFYywA) - [ ] [Hermes部署安全加固6连问](https://mp.weixin.qq.com/s/myQMSuU0Y0pMxBDgMaILgA) - [ ] [OpenClaw部署5分钟上手](https://mp.weixin.qq.com/s/lcmj66gIN8guXxSTbB1fLw) - [ ] [Hermes技能包推荐Top8](https://mp.weixin.qq.com/s/k7Gxjm5-smJmHNUhpoII8w) - [ ] [Agent安全面试6问全解析](https://mp.weixin.qq.com/s/nFl8ETkXXYL4yQfwZG1QhQ) - [ ] [三星 KNOX 内核释放后重用漏洞,数百万 Galaxy 系列手机面临风险](https://mp.weixin.qq.com/s/fnrsm_ZiyNdY5RO_mSafIQ) - [ ] [DifyTap:四大漏洞致使超百万个 AI 应用面临安全威胁](https://mp.weixin.qq.com/s/R5dOY9rgc_iDddVB1vtBHA) - [ ] [【AI情报】美国农业部资助的“西双版纳哨兵花园”是啥项目?](https://mp.weixin.qq.com/s/ouT_cVFlN70K9DfIXj8Zew) - [ ] [Android 应用安全分析工具集](https://mp.weixin.qq.com/s/ZBqg6LQuy2N_DHhsJAaN0A) - [ ] [本地部署超大模型,正在成为现实](https://mp.weixin.qq.com/s/In5zyybzaroJkjAQOIdfAA) - [ ] [广州银行智能体开发平台采购项目](https://mp.weixin.qq.com/s/ou48fEQGuO56ezenZEgRjg) - [ ] [云趣科技95.96万、中关村科金96.38万、京东科技148中选!东风汽车金融智能客服平台建设项目](https://mp.weixin.qq.com/s/IPaE-9zvyn2HL1FWcr4QiQ) - [ ] [Entra ID条件访问策略绕过实战剖析](https://mp.weixin.qq.com/s/lf0IAKRiG5V1VpJDTAZWFQ) - [ ] [一个多月,我的技术复盘与个人闲话](https://mp.weixin.qq.com/s/uP6khjxe7lGkY4yRjnyxCQ) - [ ] [一种用于逃避EDR的激活上下文劫持新方法](https://mp.weixin.qq.com/s/CNf2yXaJ2b2CYVno00OA4A) - [ ] [华为 区县电子政务外网解决方案](https://mp.weixin.qq.com/s/FNlmkIFom3Wr_Yyo_K-Q9g) - [ ] [漏洞产生的五个原因](https://mp.weixin.qq.com/s/wT1VgZOaLcQ0dEtwtCNytw) - [ ] [大厂怪谈之——员工变外包](https://mp.weixin.qq.com/s/JVUhT5EcCP2TDeoQNBqh1Q) - [ ] [华为 政府总部园区网络解决方案](https://mp.weixin.qq.com/s/AEK5i8gWT8W8Tu0yGO1Dsg) - [ ] [AI Coding Agent 时代,我自己最常用的 4 个终端工具](https://mp.weixin.qq.com/s/xxjE8XVMg43SsOZk40LzKw) - [ ] [你的信息可能早被扒光了:5款免费开源工具帮你自查暴露面](https://mp.weixin.qq.com/s/UN13M7gdXxAZEN7t0r9fuw) - [ ] [暗网快讯【20260624】150期](https://mp.weixin.qq.com/s/DVurc28mxCrGx_7-DLdctg) - [ ] [净网专项行动 | 小时工竟是陷阱?小心卷入网络黑灰产!](https://mp.weixin.qq.com/s/hi8UVMIaRpV2qIM8o88etg) - [ ] [漏洞预警 | Linux kernel权限提升漏洞](https://mp.weixin.qq.com/s/Z-T84ceSUzTF9BoA697AZw) - [ ] [漏洞预警 | 大蚂蚁即时通讯系统任意文件上传漏洞](https://mp.weixin.qq.com/s/Rk9z5dbGcsGAv1wiCpH_VA) - [ ] [工具 | vibe-pentest](https://mp.weixin.qq.com/s/Y_f8IPRsJ34k1URHHbAEhw) - [ ] [《2025年工业控制网络安全态势白皮书》全文](https://mp.weixin.qq.com/s/-YAhPG0RYiRcAcf_eckDUg) - [ ] [GB∕T 47697-2026 网络安全技术 鉴别与授权 基于属性的访问控制模型与管理规范](https://mp.weixin.qq.com/s/PKt9noZT_Ld_ivDsu9u_PQ) - [ ] [AI算力云、边、端的演绎与格局](https://mp.weixin.qq.com/s/BYgx57aIUBb29h6WW_ixwQ) - [ ] [【培训通知】2026年第四期【电磁空间物理安全检测技术提升班】开班通知](https://mp.weixin.qq.com/s/XHi-LGe-5HXPdMWa1UA-mg) - [ ] [鸿蒙(NEXT版本)Root研究](https://mp.weixin.qq.com/s/Qiw4oe2HPcLDdyF6uXdEjA) - [ ] [告别MPLS!手把手带你用华为NE40E从零打通商用级SRv6骨干网](https://mp.weixin.qq.com/s/Z4u-ZdntUwHCQEvx2upb4Q) - [ ] [基于TARA分析的智能网联汽车OTA远程升级信息安全应用](https://mp.weixin.qq.com/s/sAD-aFRyKKepy9S-JJhwzQ) - [ ] [智能汽车网络安全与信息安全基础培训课程 2026](https://mp.weixin.qq.com/s/1wdn5yopf999stsT-tc0Nw) - [ ] [BASIC TD02—2025汽车软件升级通用技术要求应用指南](https://mp.weixin.qq.com/s/OuaenTRKAy_bmaoidOV8kA) - [ ] [AI赋能!一个面向 Windows 主机应急响应场景的轻量化图形客户端](https://mp.weixin.qq.com/s/oRbhZC-mfmsrb4T8BenFEQ) - [ ] [网安热点 · 2026-06-24](https://mp.weixin.qq.com/s/BGGwABhpahca9lwOb0NK3A) - [ ] [印度德里关键污水处理厂遭黑,完整数字基础设施遭控并公开叫卖访问权限](https://mp.weixin.qq.com/s/vPWkwAxFIshI42oQtsleFQ) - [ ] [工程化开发skills : superpowers](https://mp.weixin.qq.com/s/_74brftyujY74e5mI9Lysw) - [ ] [Claude Code简介](https://mp.weixin.qq.com/s/RdJ576iOGiwMkuu3FxOh7g) - [ ] [Claude Code使用](https://mp.weixin.qq.com/s/GfLayOyjyueqaIsXoIJkzg) - [ ] [宁波鄞州警方打掉涉诈黑色产业链,31 人落网](https://mp.weixin.qq.com/s/pcvI1_IjJb9Y068_c3r0Gw) - [ ] [紧急拦截 150 克黄金,连云港东海警方破获电诈案](https://mp.weixin.qq.com/s/Y0e44ML9FaF-f_Gb-qRnTA) - [ ] [免费测血压、送米面陷阱!四川达州网安部门破获专骗空巢老人公民个人信息案](https://mp.weixin.qq.com/s/Rliv5mopQbvMZtjEXmcIBg) - [ ] [小米集团跌的米粉都破防了?](https://mp.weixin.qq.com/s/Ol8Xe3grArw_0tNALK5I6g) - [ ] [秦安:伏羲大典传承人类文明薪火,期待掀起国民偶像级文化热潮](https://mp.weixin.qq.com/s/9dzG4vaI02sN4mosqw0iWg) - [ ] [【AI复盘】智能电视被转售为AI爬虫代理事件](https://mp.weixin.qq.com/s/C9R8jAAdoJKptu37DsVxNQ) - [ ] [速下载!600页PPT图解《网络数据安全风险评估办法》](https://mp.weixin.qq.com/s/pbIxnc04hY0wJPoH-ZJDRA) - [ ] [这里不会让你成为真正的逆向工程师——只能让你掌握可以解决真正问题的办法 — 数据迁移后我想说的!Devil Boy:不为学而学,而为做而学。](https://mp.weixin.qq.com/s/1i8_4mS4tjYlT3YMDljzdQ) - [ ] [ISC·2026今日开展!中龙技术D03展位,全自动攻防实景体验等你来!](https://mp.weixin.qq.com/s/VTEBo-9fC87d3mLheYZUfA) - [ ] [分享图片](https://mp.weixin.qq.com/s/CkkPL2V6dbNFe9RpDWiIVw) - [ ] [小米电视测试环境和生产环境混用导致造谣北京5级地震的P0事故](https://mp.weixin.qq.com/s/4eYkFgzWKATmr11DwKnU6w) - [ ] [连夜冲上热搜第一!小米电视误发地震预警紧急致歉](https://mp.weixin.qq.com/s/mIwLkeyKXlapEztI3zZHFg) - [ ] [取证全套资料免费拿](https://mp.weixin.qq.com/s/oKLh-rrc7XHB2VcHlTd8_g) - [ ] [【你能读出EDR数据吗?】](https://mp.weixin.qq.com/s/-n4k_BZPeS-AQWd8GJJ5Wg) - [ ] [【微信、邮件与录音的如何进行电子数据取证?】](https://mp.weixin.qq.com/s/QXWhFj11Otqwmc_O6yg3Qg) - Microsoft Security Blog - [ ] [CNAPP evolution: How Microsoft aligns with leading cloud risk management platforms](https://www.microsoft.com/en-us/security/blog/2026/06/24/cnapp-evolution-how-microsoft-aligns-with-leading-cloud-risk-management-platforms/) - [ ] [StealC and Amadey: Breaking down infostealers and the cybercrime services that deliver them](https://www.microsoft.com/en-us/security/blog/2026/06/24/stealc-and-amadey-breaking-down-infostealers-and-the-cybercrime-services-that-deliver-them/) - Tenable Blog - [ ] [How much cyber risk does AI create for organizations? 457 million security issues. Here’s what you can do about it.](https://www.tenable.com/blog/how-much-cyber-risk-does-ai-create-for-organizations-457-million-security-issues-heres-what) - obaby 𝐢𝐧⃝ void - [ ] [松松垮垮](https://zhongxiaojie.cn/2026/06/1539/) - Blog on STAR Labs - [ ] [Old Bug, Harder Rules : Exploiting CVE-2023-36802 Without the Usual Shortcuts](https://starlabs.sg/blog/2026/06-old-bug-harder-rules-exploiting-cve-2023-36802-without-the-usual-shortcuts/) - ElcomSoft blog - [ ] [Bypassing Stolen Device Protection: Alternative Ways of Installing the Extraction Agent](https://blog.elcomsoft.com/2026/06/bypassing-stolen-device-protection-alternative-ways-of-installing-the-extraction-agent/) - [ ] [Sideloading the extraction agent: a Stolen Device Protection workaround](https://blog.elcomsoft.com/2026/06/sideloading-the-extraction-agent-a-stolen-device-protection-workaround/) - Y4tacker:Hacking The World! - [ ] [What Sticks: Collected, Not Learned](https://y4tacker.github.io/2026/06/24/year/2026/06/What-Sticks-Collected-Not-Learned/) - Bug Bounty in InfoSec Write-ups on Medium - [ ] [I Wasted 3 Days Intercepting a Flutter App. Here’s What Actually Works.](https://infosecwriteups.com/i-wasted-3-days-intercepting-a-flutter-app-heres-what-actually-works-d3e9a4816818?source=rss----7b722bfd1b8d--bug_bounty) - Sandfly Security Blog RSS Feed - [ ] [Linux Scales eBPF Rootkit Detection and Analysis](https://sandflysecurity.com/blog/linux-scales-ebpf-rootkit-detection-and-analysis) - Horizon3.ai - [ ] [CVE-2026-20230 | Cisco Unified Communications Manager Server-Side Request Forgery Vulnerability](https://horizon3.ai/attack-research/vulnerabilities/cve-2026-20230/) - [ ] [Organizations Buy Answers, Not Activities](https://horizon3.ai/intelligence/blogs/the-category-is-not-red-teaming/) - [ ] [CVE-2026-47729 | Squid Heap Buffer Overread Vulnerability](https://horizon3.ai/attack-research/vulnerabilities/cve-2026-47729/) - Reverse Engineering - [ ] [Fixing the soundtrack in Disney’s Aladdin for DOS](https://www.reddit.com/r/ReverseEngineering/comments/1uerhgc/fixing_the_soundtrack_in_disneys_aladdin_for_dos/) - [ ] [Reverse-engineered the Artiphon Orba 2's control protocol (MIDI + SysEx over USB/BLE), spec + Python/JS reference libs](https://www.reddit.com/r/ReverseEngineering/comments/1uek1fc/reverseengineered_the_artiphon_orba_2s_control/) - [ ] [Linux on an ipod touch 2g. Be the change you want to see.](https://www.reddit.com/r/ReverseEngineering/comments/1ueodt9/linux_on_an_ipod_touch_2g_be_the_change_you_want/) - [ ] [Transformers Forged To Fight Revival Discord Server](https://www.reddit.com/r/ReverseEngineering/comments/1ue9sup/transformers_forged_to_fight_revival_discord/) - [ ] [W1R3L355 the reverse framework](https://www.reddit.com/r/ReverseEngineering/comments/1ue79nu/w1r3l355_the_reverse_framework/) - Securelist - [ ] [StrikeShark: investigating a new campaign delivering Cobalt Strike through SharkLoader](https://securelist.com/strikeshark-campaign/120326/) - Malwarebytes - [ ] [PixelSmash flaw turns video files into attack tools](https://www.malwarebytes.com/blog/news/2026/06/pixelsmash-flaw-turns-video-files-into-attack-tools) - [ ] [Watch out for renewal scams pretending to be Malwarebytes](https://www.malwarebytes.com/blog/scams/2026/06/watch-out-for-renewal-scams-pretending-to-be-malwarebytes) - [ ] [“Total access to all your devices.” Sextortion scammers strike again](https://www.malwarebytes.com/blog/scams/2026/06/total-access-to-all-your-devices-sextortion-scammers-strike-again) - Intigriti - [ ] [Exploiting web cache poisoning vulnerabilities](https://www.intigriti.com/researchers/blog/hacking-tools/exploiting-web-cache-poisoning-vulnerabilities) - daniel.haxx.se - [ ] [a CVE dispute](https://daniel.haxx.se/blog/2026/06/24/a-cve-dispute/) - [ ] [curl 8.21.0](https://daniel.haxx.se/blog/2026/06/24/curl-8-21-0/) - rtl-sdr.com - [ ] [SwR Shortwave Radio: A New Android App for Listening to Public Online Shortwave Receivers](https://www.rtl-sdr.com/swr-shortwave-radio-a-new-android-app-for-listening-to-public-online-shortwave-receivers/) - [ ] [Rigflow: A Networked HF SDR Transceiver App in Rust with Real-Time DSP Over UDP](https://www.rtl-sdr.com/rigflow-a-networked-hf-sdr-transceiver-app-in-rust-with-real-time-dsp-over-udp/) - 绿盟科技技术博客 - [ ] [权威认可 | 绿盟科技双类别入选《AI大模型安全评估及防护技术应用指南》代表厂商](https://blog.nsfocus.net/%e6%9d%83%e5%a8%81%e8%ae%a4%e5%8f%af-%e7%bb%bf%e7%9b%9f%e7%a7%91%e6%8a%80%e5%8f%8c%e7%b1%bb%e5%88%ab%e5%85%a5%e9%80%89%e3%80%8aai%e5%a4%a7%e6%a8%a1%e5%9e%8b%e5%ae%89%e5%85%a8%e8%af%84%e4%bc%b0/) - HackerNews - [ ] [官员称 Anthropic 的 Mythos 模型在机密美国政府系统中发现漏洞](http://0.0.0.0:8080/post/64381) - [ ] [黑客正在利用 Cisco Unified CM 漏洞](http://0.0.0.0:8080/post/64380) - [ ] [Tata Electronics 确认网络攻击,黑客泄露数据](http://0.0.0.0:8080/post/64379) - [ ] [Scattered Spider 成员承认入侵伦敦交通局罪名](http://0.0.0.0:8080/post/64378) - [ ] [医疗科技公司 Xsolis 遭遇数据泄露,影响 140 万人](http://0.0.0.0:8080/post/64377) - [ ] [FortiBleed 在 1.1 亿凭证窃取行动中针对 FortiGate 防火墙](http://0.0.0.0:8080/post/64376) - 黑海洋Wiki | AI机器人硬件开发 | 网络安全攻防实战 | 区块链技术文档教程 - 免费资源平台 - [ ] [🖼 亚马逊Zoox发布新一代无人驾驶出租车](https://blog.upx8.com/%E4%BA%9A%E9%A9%AC%E9%80%8AZoox%E5%8F%91%E5%B8%83%E6%96%B0%E4%B8%80%E4%BB%A3%E6%97%A0%E4%BA%BA%E9%A9%BE%E9%A9%B6%E5%87%BA%E7%A7%9F%E8%BD%A6) - 奇客Solidot–传递最新科技情报 - [ ] [科学家将早期人类用火时间上溯至 180 万年前](https://www.solidot.org/story?sid=84669) - [ ] [中国一季度 PC 出货量下滑 2%](https://www.solidot.org/story?sid=84668) - [ ] [幼儿早期的屏幕使用与较差的学习成绩和较弱的工作记忆相关](https://www.solidot.org/story?sid=84667) - [ ] [欧洲是变暖速度最快的大陆](https://www.solidot.org/story?sid=84666) - [ ] [伊朗断网期间仅约 2000 个 IP 能访问外网](https://www.solidot.org/story?sid=84665) - [ ] [阿里巴巴起诉美国国防部](https://www.solidot.org/story?sid=84664) - [ ] [心率同步程度可判断社交投入程度](https://www.solidot.org/story?sid=84663) - [ ] [GCC 编译器加入对海光苏州 x86 CPU 的支持](https://www.solidot.org/story?sid=84662) - [ ] [德国铁路因 IT 故障而停运](https://www.solidot.org/story?sid=84661) - [ ] [计划在伦敦举行的极端高温会议因极端高温预警取消](https://www.solidot.org/story?sid=84660) - [ ] [Valve 称它无法与内存厂商沟通报价](https://www.solidot.org/story?sid=84659) - 黑鸟 - [ ] [多层指纹技术精准识别AI爬虫智能体](https://mp.weixin.qq.com/s?__biz=MzAxOTM1MDQ1NA==&mid=2451187420&idx=1&sn=74067c1508d7d86776d494a66eaa39ee) - 威努特安全网络 - [ ] [威努特助力园区打造高速安全一体化无线网络](https://mp.weixin.qq.com/s?__biz=MzAwNTgyODU3NQ==&mid=2651142472&idx=1&sn=55d7f9e35bca70d0dc84f928df2fcdba) - [ ] [WinClaw限时全免!注册即享AI大模型免费额度](https://mp.weixin.qq.com/s?__biz=MzAwNTgyODU3NQ==&mid=2651142472&idx=2&sn=9e0e4cdb204178ad5770547ce250da42) - Black Hills Information Security, Inc. - [ ] [Insufficient Egress Filtering: How Weak Outbound Controls Enable Attacks](https://www.blackhillsinfosec.com/insufficient-egress-filtering/) - 安全内参 - [ ] [印度代工巨头超630GB数据泄露:涉特斯拉、苹果,后者已启动调查](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247516139&idx=1&sn=9e0e43c2b0e547cdc1ed90d7af87308f) - [ ] [特朗普签署总统行政令,启动后量子密码强制迁移](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247516139&idx=2&sn=ad5e5f2234b0c14c7010fcc4a8c4496a) - 代码卫士 - [ ] [Libssh2 严重漏洞可导致攻击者执行远程代码](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247526367&idx=1&sn=75309fe9323e5ed5c44c05f759fa40d9) - [ ] [“冬虫夏草”供应链漏洞影响数千家组织机构的代码仓库](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247526367&idx=2&sn=873a39cf55d45ffab906c2a6ab004056) - 安全客 - [ ] [前沿论道 聚力前行 | 第一届NCC白帽大会顺利落幕](https://mp.weixin.qq.com/s?__biz=MzA5ODA0NDE2MA==&mid=2649790119&idx=1&sn=5e5aa2f8ba1c70d34897172d8745632c) - Shostack & Friends Blog - [ ] [Michael at OWASP: Why interactive learning sticks in cybersecurity](https://shostack.org/blog/interactive-learning-owasp/) - 腾讯安全应急响应中心 - [ ] [仲夏有约|双倍心跳,百万奖池加码,单洞最高12万,赴约就现在!](https://mp.weixin.qq.com/s?__biz=MjM5NzE1NjA0MQ==&mid=2651208483&idx=1&sn=0a23acd2bad599957a21e4818d78757b) - 安全研究GoSSIP - [ ] [G.O.S.S.I.P 阅读推荐 2026-06-24 UncoreBleed:窃取 SGX 安全飞地内图像和密钥的非中断侧信道攻击](https://mp.weixin.qq.com/s?__biz=Mzg5ODUxMzg0Ng==&mid=2247501824&idx=1&sn=c51dc3facdc128e7de433d61a329024e) - 天御攻防实验室 - [ ] [纽约时报证实金融时报和经济学人关于NSA使用Mythos的相关报道为假新闻](https://mp.weixin.qq.com/s?__biz=MzU0MzgyMzM2Nw==&mid=2247487019&idx=1&sn=a1391be81574fd21de86c6c6b69d8b76) - 安全学术圈 - [ ] [PentestEval:基于模块化与阶段级设计的 LLM 渗透测试评测基准](https://mp.weixin.qq.com/s?__biz=MzU5MTM5MTQ2MA==&mid=2247495539&idx=1&sn=9060afe53252721fda9cb46a0613b55e) - 信息安全国家工程研究中心 - [ ] [邀请函 | 7月3日-5日,工程中心邀您相聚2026年数智医学大会(CHINC)!](https://mp.weixin.qq.com/s?__biz=MzU5OTQ0NzY3Ng==&mid=2247504311&idx=1&sn=5a4598809d70ff1687242c6637f6c514) - 中国信息安全 - [ ] [陈文:强化统筹发展和安全的法治保障](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664263975&idx=1&sn=64db352995ebc35508ee2c91b08c4d3f) - [ ] [全面加强国家安全教育 护航“十五五”新征程(三)](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664263975&idx=2&sn=d070daf64483879aaf400266f60c3391) - 天黑说嘿话 - [ ] [2026年顶流项目,可以试试这个方向,上岸其实不难!](https://mp.weixin.qq.com/s?__biz=MzI5NTQ5MTAzMA==&mid=2247486123&idx=1&sn=166783c92f6ac6864dcf2f002fa6473f) - 数世咨询 - [ ] [数世咨询:ASIC安全芯片防火墙能力白皮书正式发布](https://mp.weixin.qq.com/s?__biz=MzkxNzA3MTgyNg==&mid=2247543355&idx=1&sn=535c38048883d688587c10ae240ff745) - [ ] [ISC 2026:周鸿祎发布“中国版Mythos”](https://mp.weixin.qq.com/s?__biz=MzkxNzA3MTgyNg==&mid=2247543355&idx=2&sn=07c10d85b3587a2e1c1c816f9aa52e1a) - [ ] [“第六届数字安全大会”倒计时3天](https://mp.weixin.qq.com/s?__biz=MzkxNzA3MTgyNg==&mid=2247543355&idx=3&sn=ee7c277d93eb39cfcde274652599d6a2) - XCTF联赛 - [ ] [SekaiCTF 2026|倒计时3天!](https://mp.weixin.qq.com/s?__biz=MjM5NDU3MjExNw==&mid=2247516505&idx=1&sn=a20522f88efe9c5802d1a447f038b804) - 奇安信威胁情报中心 - [ ] [当防火墙成为后门:FortiBleed如何用"合法登录"攻陷8.6万台企业边界](https://mp.weixin.qq.com/s?__biz=MzI2MDc2MDA4OA==&mid=2247519220&idx=1&sn=ea4698059a50bc49756135a03c3215f6) - 微步在线 - [ ] [东方思维段金石:AI攻防企业防护体系的重构](https://mp.weixin.qq.com/s?__biz=MzI5NjA0NjI5MQ==&mid=2650186897&idx=1&sn=f7f5f2981e82348b0c2b9a5fe445dbac) - 看雪学苑 - [ ] [【重磅上线】系统0day安全——主流企业防火墙漏洞挖掘(覆盖10+厂商、30+高危CVE)](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458616937&idx=1&sn=dca56c624bc3cea8fc248b38a91b560f) - [ ] [Cocos2d-x Lua 手游多层加固与协议签名逆向实战记录](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458616937&idx=2&sn=749fa2c21ffc456f8293a4a016481219) - [ ] [43万台防火墙被集体“窃听”,1.1亿账号密码遭洗劫!FortiGate用户紧急自查](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458616937&idx=3&sn=ba3179089abb26c3e85d151c8bb85db4) - 安全牛 - [ ] [暴涨 3810%!AI 已成暗网犯罪最强加速器](https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651141764&idx=1&sn=8d3956183d1f30484ccd19ba21e8d9af) - [ ] [OpenAI升级Daybreak:网络安全重心从漏洞发现转向自动化修复:CNVD 发布上周热门漏洞:命令注入等多款软硬件漏洞需及时修复| 牛览](https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651141764&idx=2&sn=20b4d55e40749b12b09f2c6998db979e) - 极客公园 - [ ] [AWS 的老身份和新角色:做 Agentic AI 时代的基础设施](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653109382&idx=1&sn=bc6e376f3a43391f445fd4ff3edd9168) - [ ] [「AI 同事」,把人干抑郁了](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653109358&idx=1&sn=725c0b95bec3b707a7bb11346385dea2) - [ ] [「链企」英伟达](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653109358&idx=2&sn=ab55653f0a7f954235b59efb4b31f6fa) - [ ] [全球股市「黑色星期二」,SpaceX 市值跌破 2 万亿美元;豆包大模型 2.1 上线;孙正义给马斯克泼冷水:太空数据中心意义不大|极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653109350&idx=1&sn=13d55ab7adde25f780c96953d2312a5e) - 火绒安全 - [ ] [火绒小问答--「个人版」近期top问题解答](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247534714&idx=1&sn=0d32537be70aeee69ed7d2bb0a9af57c) - [ ] [诚邀渠道合作伙伴共启新征程](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247534714&idx=2&sn=a09182fc9fd9c038cd9ca940f1e336af) - 复旦白泽战队 - [ ] [喜报|我实验室项目荣获第十五届“挑战杯”中国大学生创业计划竞赛上海市赛区特等奖](https://mp.weixin.qq.com/s?__biz=MzU4NzUxOTI0OQ==&mid=2247499079&idx=1&sn=9340c249e6eaf8dd8337ece55c23130a) - OnionSec - [ ] [书放回去了](https://mp.weixin.qq.com/s?__biz=MzUyMTUwMzI3Ng==&mid=2247485835&idx=1&sn=dc001048dda2292350db4a3159354c54) - 丁爸 情报分析师的工具箱 - [ ] [【AI情报】美国农业部资助的“西双版纳哨兵花园”是啥项目?](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651156356&idx=1&sn=3d008daa375767abf6e06c230e7d19f4) - 迪哥讲事 - [ ] [通过改变请求方法实现权限绕过](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247499596&idx=1&sn=a04c4bbc88d90bac16deacf00c5c99dc) - Over Security - [ ] [DraftKings hacker 'Snoopy' sentenced to 18 months in prison](https://www.bleepingcomputer.com/news/security/draftkings-hacker-snoopy-sentenced-to-18-months-in-prison/) - [ ] [New website names and shames companies that still don’t offer passkeys to users](https://techcrunch.com/2026/06/24/new-website-names-and-shames-companies-that-still-dont-offer-passkeys-to-users/) - [ ] [Mandiant reveals how Cisco SD-WAN zero-day attacks gained root access](https://www.bleepingcomputer.com/news/security/mandiant-reveals-how-cisco-sd-wan-zero-day-attacks-gained-root-access/) - [ ] [Malicious Edge extension abuses Native Messaging as bridge to malware](https://www.bleepingcomputer.com/news/security/malicious-edge-extension-abuses-native-messaging-as-bridge-to-malware/) - [ ] [Three ‘cybercrime as a service’ operations undercut by Microsoft, law enforcement](https://therecord.media/stealc-amadey-socgholish-malware-takedown-europol-microsoft) - [ ] [KPI di sicurezza: come monitorare i fornitori esterni in modo continuativo](https://www.cybersecurity360.it/soluzioni-aziendali/kpi-di-sicurezza-come-monitorare-i-fornitori-esterni-in-modo-continuativo/) - [ ] [Amadey, StealC malware operations disrupted in Operation Endgame action](https://www.bleepingcomputer.com/news/security/amadey-stealc-malware-operations-disrupted-in-operation-endgame-action/) - [ ] [CISA warns of max severity Ubiquiti flaws exploited in attacks](https://www.bleepingcomputer.com/news/security/cisa-warns-of-max-severity-ubiquiti-flaws-exploited-in-attacks/) - [ ] [ACN, maggio in chiaroscuro: troppe aziende vivono la cyber come notifica e non come governo del rischio](https://www.cybersecurity360.it/news/report-acn-maggio-2026-chiaroscuro-ma-nis-2-accende-luci-al-radar/) - [ ] [German rail services resume after wireless communications outage](https://therecord.media/deutsche-bahn-railroad-gsmr-outage) - [ ] [Securing the service desk: Why social engineering attacks keep succeeding](https://www.bleepingcomputer.com/news/security/securing-the-service-desk-why-social-engineering-attacks-keep-succeeding/) - [ ] [Madison Square Garden Sports - 9,796,738 breached accounts](https://haveibeenpwned.com/Breach/MadisonSquareGardenSports) - [ ] [Indian auto giant Bajaj Auto hit by ransomware incident](https://therecord.media/indian-auto-giant-bajaj-auto-hit-by-ransomware) - [ ] [L’economia dei token e il vero prezzo dell’intelligenza artificiale](https://www.guerredirete.it/leconomia-dei-token-e-il-vero-prezzo-dellintelligenza-artificiale/) - [ ] [AI e minaccia cyber, l’allarme dei Five Eyes: il tempo non si misura più in anni, ma in mesi](https://www.cybersecurity360.it/news/ai-e-minaccia-cyber-lallarme-dei-five-eyes-il-tempo-non-si-misura-piu-in-anni-ma-in-mesi/) - [ ] [Stealthy Mistic backdoor linked to ransomware access broker KongTuke](https://www.bleepingcomputer.com/news/security/stealthy-mistic-backdoor-linked-to-ransomware-access-broker-kongtuke/) - [ ] [StrikeShark: investigating a new campaign delivering Cobalt Strike through SharkLoader](https://securelist.com/strikeshark-campaign/120326/) - [ ] [VPN con connessione internet veloce di Surfshark: prezzi, vantaggi e servizi inclusi nell’offerta](https://www.cybersecurity360.it/cultura-cyber/vpn-connessione-internet-surfshark-offerta-2-49-euro-tre-mesi-extra/) - [ ] [Digital Identity Shadowing: quando qualcuno crea un’identità digitale a tua insaputa](https://www.cybersecurity360.it/nuove-minacce/digital-identity-shadowing-quando-qualcuno-crea-unidentita-digitale-a-tua-insaputa/) - [ ] [KDDI Data Breach May Have Exposed Up to 14.22 Million Email Accounts](https://thecyberexpress.com/kddi-data-breach-14-million-email-leak-2026/) - [ ] [UK Cybercrime Journal: Hargreaves Landsdown Extortion Attempt by Bashe](https://blog.bushidotoken.net/2026/06/uk-cybercrime-journal-hargreaves.html) - [ ] [Quell’ignoranza inconsapevole delle intelligenze artificiali](https://www.cybersecurity360.it/outlook/quellignoranza-inconsapevole-delle-intelligenze-artificiali/) - [ ] [National Health Care Fraud Takedown Charges 455 Defendants in $6.5 Billion Fraud Crackdown](https://thecyberexpress.com/national-health-care-fraud-takedown/) - [ ] [Multiple Vulnerabilities in QNAP NAS Devices Resolved Through Security Updates](https://thecyberexpress.com/vulnerabilities-in-qnap-nas-cve-2025-59382/) - [ ] [TfL Hackers Plead Guilty After Breach Exposed Customer Data and Cost £29 Million](https://thecyberexpress.com/transport-for-london-cyberattack-plead-guilty/) - [ ] [PCI Compliance Isn’t a Checkbox: How to Secure Ecommerce Checkouts Before Attackers Arrive](https://blog.sucuri.net/2026/06/pci-compliance-isnt-a-checkbox-how-to-secure-ecommerce-checkouts-before-attackers-arrive.html) - Qualys Security Blog - [ ] [CERT-In’s AI Vulnerability Blueprint: Why Indian CISOs Need Machine-Speed Risk Operations in the Post-Mythos Era](https://blog.qualys.com/category/product-tech) - 360数字安全 - [ ] [ISC.AI 2026 周鸿祎演讲全文:打造中国版“Mythos”,应对网络安全新挑战](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247586322&idx=1&sn=c68961f482c2dc603287457d88414ec8) - 安全419 - [ ] [安全419|一周国际网安资讯:FortiBleed席卷全球 AI安全治理迫在眉睫](https://mp.weixin.qq.com/s?__biz=MzUyMDQ4OTkyMg==&mid=2247553832&idx=1&sn=fbd0e71c5495b3267683d26ab127162f) - [ ] [周鸿祎:网络安全面临第二次“单向透明” 中国必须拥有自己的Mythos](https://mp.weixin.qq.com/s?__biz=MzUyMDQ4OTkyMg==&mid=2247553832&idx=2&sn=31f0352ac88d352ec1e5153fb5b8bfdc) - 大兵说安全 - [ ] [这封钓鱼邮件通过了所有安全认证:Amazon SES 被武器化,你收到的 Docusign 通知可能是陷阱](https://mp.weixin.qq.com/s?__biz=MzI2MzM0NjcxNw==&mid=2247485835&idx=1&sn=0eb4361c918811b9d17cbd900e4afb05) - 深信服千里目安全技术中心 - [ ] [【漏洞通告】Joomla JCE Editor 与 SP Page Builder 文件上传漏洞(CVE-2026-48907/CVE-2026-48908)](https://mp.weixin.qq.com/s?__biz=Mzg2NjgzNjA5NQ==&mid=2247525956&idx=1&sn=c39c853322d0a417d4b054ed9c794974) - Have I Been Pwned latest breaches - [ ] [Madison Square Garden Sports - 9,796,738 breached accounts](https://haveibeenpwned.com/Breach/MadisonSquareGardenSports) - ICT Security Magazine - [ ] [Biometria: abbiamo ancorato l’identità a ciò che non si può revocare](https://www.ictsecuritymagazine.com/notizie/biometria-il-corpo-che-non-si-revoca/) - [ ] [Cisco Unified CM: la falla SSRF CVE-2026-20230 è ora sfruttata in rete](https://www.ictsecuritymagazine.com/notizie/cisco-unified-cm-cve-2026-20230-sfruttata/) - [ ] [Dalla teoria alla trincea: perché i test di intrusione automatizzati non sostituiranno mai l’Ethical Hacker](https://www.ictsecuritymagazine.com/notizie/ethical-hacker-test/) - [ ] [Sicurezza AI: boom dell’IA vs perdita di controllo: dove l’entusiasmo si scontra con la realtà](https://www.ictsecuritymagazine.com/intelligenza-artificiale/sicurezza-ai/) - [ ] [Supply chain agentica: una skill fasulla supera ogni scanner e raggiunge 26.000 agenti](https://www.ictsecuritymagazine.com/notizie/supply-chain-agentica-skill-ai-malevola/) - [ ] [Crittografia post-quantum: l’ordine esecutivo USA fissa le scadenze 2030 e 2031 e fa partire il conto alla rovescia](https://www.ictsecuritymagazine.com/notizie/ordine-esecutivo-usa-crittografia-post-quantum-2030/) - Schneier on Security - [ ] [Embedding Forbidden Text in Spyware to Discourage AI Analysis](https://www.schneier.com/blog/archives/2026/06/embedding-forbidden-text-in-spyware-to-discourage-ai-analysis-2.html) - LockBoxx - [ ] [Book Review: "The Mom Test"](http://blog.lockboxx.org/2026/06/book-review-mom-test.html) - SANS Internet Storm Center, InfoCON: green - [ ] [Linux Process Name Masquerading, (Wed, Jun 24th)](https://isc.sans.edu/diary/rss/33102) - [ ] [ISC Stormcast For Wednesday, June 24th, 2026 https://isc.sans.edu/podcastdetail/9984, (Wed, Jun 24th)](https://isc.sans.edu/diary/rss/33100) - Instapaper: Unread - [ ] [Why Downloading Apps Only from Official Stores Is Not Enough](https://www.pillolhacking.net/why-downloading-apps-only-from-official-stores-is-not-enough/) - [ ] [Comprehensive Waze Forensic Parsing for iOS](https://djangofaiola.blogspot.com/2026/06/comprehensive-waze-forensic-parsing-for.html) - [ ] [Bypassing Stolen Device Protection Alternative Ways of Installing the Extraction Agent](https://blog.elcomsoft.com/2026/06/bypassing-stolen-device-protection-alternative-ways-of-installing-the-extraction-agent/) - [ ] [Windows Search Index Forensics Recovering Deleted Files, User Activity & Web History in Windows](https://digitalinvestigator.blogspot.com/2026/06/windows-search-index-forensics.html) - [ ] [LastPass, nuovo data breach esposti nomi, email, numeri di telefono e indirizzi fisici](https://www.cybersecitalia.it/lastpass-nuovo-data-breach-esposti-nomi-email-numeri-di-telefono-e-indirizzi-fisici/66499/) - TorrentFreak - [ ] [Major Brand Ads on Pirate Sites Surged 80% in a Year, EUIPO Finds](https://torrentfreak.com/major-brand-ads-on-pirate-sites-surged-80-in-a-year-euipo-finds/) - GRAHAM CLULEY - [ ] [Smashing Security podcast #473: How a hacker could have Rickrolled the entire World Cup](https://grahamcluley.com/smashing-security-podcast-473/) - Troy Hunt's Blog - [ ] [Weekly Update 509](https://www.troyhunt.com/weekly-update-509/) - Security Affairs - [ ] [Europol Disrupts StealC and Amadey Malware Infrastructure in Operation Endgame](https://securityaffairs.com/194173/cyber-crime/europol-disrupts-stealc-and-amadey-malware-infrastructure-in-operation-endgame.html) - [ ] [Why Frontier AI makes prioritization the most important part of your CTEM program](https://securityaffairs.com/194161/ai/why-frontier-ai-makes-prioritization-the-most-important-part-of-your-ctem-program.html) - [ ] [Cisco Unified CM Flaw CVE-2026-20230 Actively Exploited in the Wild](https://securityaffairs.com/194153/uncategorized/cisco-unified-cm-flaw-cve-2026-20230-actively-exploited-in-the-wild.html) - [ ] [U.S. CISA adds Ubiquiti UniFi OS and Lantronix EDS5000 plugin flaws to its Known Exploited Vulnerabilities catalog](https://securityaffairs.com/194142/security/u-s-cisa-adds-ubiquiti-unifi-os-and-lantronix-eds5000-plugin-flaws-to-its-known-exploited-vulnerabilities-catalog.html) - [ ] [FortiBleed: The Broker Who Turned 73,000 Firewalls Into a Product Catalog](https://securityaffairs.com/194132/cyber-crime/fortibleed-the-broker-who-turned-73000-firewalls-into-a-product-catalog.html) - [ ] [One Railway Radio Outage Stopped Trains Across Germany and Nobody Knew Why](https://securityaffairs.com/194117/security/one-railway-radio-outage-stopped-trains-across-germany-and-nobody-knew-why.html) - www.theregister.com - Articles - [ ] [The hits keep on coming for Cisco vulnerabilities](https://www.theregister.com/security/2026/06/24/the-hits-keep-on-coming-for-cisco-vulnerabilities/5261797) - [ ] [Microsoft uses AI to link two malware operations in racketeering suit](https://www.theregister.com/security/2026/06/24/microsoft-uses-ai-to-link-two-malware-operations-in-racketeering-suit/5261656) - [ ] [London cops bring live facial recognition to West End](https://www.theregister.com/security/2026/06/24/london-cops-bring-live-facial-recognition-to-west-end/5261031) - [ ] [You have got to be KDDI-ng – Japanese telco exposes 14.2 million managed email credentials](https://www.theregister.com/cyber-crime/2026/06/24/you-have-got-to-be-kddi-ng-japanese-telco-exposes-142-million-managed-email-credentials/5260555) - The Hacker News - [ ] [CISA Warns Critical Lantronix EDS5000 Flaw Is Being Actively Exploited](https://thehackernews.com/2026/06/cisa-warns-critical-lantronix-eds5000.html) - [ ] [Amadey and StealC Malware Network Disrupted, 27M Stolen Credentials Recovered](https://thehackernews.com/2026/06/amadey-and-stealc-malware-network.html) - [ ] [Cordyceps CI/CD Flaws Expose 300+ GitHub Repositories to Supply-Chain Attacks](https://thehackernews.com/2026/06/cordyceps-cicd-flaws-expose-300-github.html) - [ ] [Dawn of the Apex Agentic Adversary](https://thehackernews.com/2026/06/dawn-of-apex-agentic-adversary.html) - [ ] [DoJ Seizes Huione Cloud Account Tied to Cyber Scam Money Laundering](https://thehackernews.com/2026/06/doj-seizes-huione-cloud-account-tied-to.html) - [ ] [Cisco Unified CM Flaw Exploited After PoC Reveals File-Write Path to Root](https://thehackernews.com/2026/06/cisco-unified-cm-flaw-exploited-after.html) - Deeplinks - [ ] [🦅 Domestic Spying Takes an L | EFFector 38.12](https://www.eff.org/deeplinks/2026/06/domestic-spying-takes-l-effector-3812)
每日安全资讯(2026-06-25)