# 每日安全资讯(2026-01-27) - Doonsec's feed - [ ] [如果是我,我有没有别的办法?](https://mp.weixin.qq.com/s/TDoSAH74WCmU11a2g0iqwQ) - [ ] [网络安全自学书单(6本)](https://mp.weixin.qq.com/s/H65yk28BSUfLHZ89e9WTFw) - [ ] [全球瞭望|网络安全重大事件精选(197期)](https://mp.weixin.qq.com/s/Yb4kh2lZO3zf25a8KVvqGg) - [ ] [这款手机能当安卓机、Linux 工作站、Windows PC 用?](https://mp.weixin.qq.com/s/_mzNrRYumn4yuNSNepX93Q) - [ ] [丝滑注入之万能钥匙](https://mp.weixin.qq.com/s/NJzUjsBQXSTRxB1qNldbag) - [ ] [破防的helen有多可怕](https://mp.weixin.qq.com/s/LGojqnT70rWtYnv3cvhsUw) - [ ] [手把手教你成为白帽黑客!Web架构基础(中)](https://mp.weixin.qq.com/s/BIp8wVczLqHzYK80HjanmA) - [ ] [马化腾1月26日讲话重点-AI动作慢了](https://mp.weixin.qq.com/s/C7T1nfBIBRmPRermw2TtrA) - [ ] [于正的“真实腹肌”难倒AI?](https://mp.weixin.qq.com/s/cybn8PaoSWK5zs_zFWjNuQ) - [ ] [【协会风采】理事单位:福建省四信数字科技集团有限公司](https://mp.weixin.qq.com/s/pnx9WW3rvFb2iLPPcDhLUA) - [ ] [DumpGuard:首个公开绕过Windows Credential Guard的凭据提取工具](https://mp.weixin.qq.com/s/Z0_D7kqGI84Ez3wB4fBzpA) - [ ] [c2各种源码分析视频教程规划](https://mp.weixin.qq.com/s/8Ig1-SwPYsyMCv50iu48ig) - [ ] [此刻起,立马开启无限AI之旅!众多模型等你使用!](https://mp.weixin.qq.com/s/PLL4UT5jfW5-FYUimFPtWw) - [ ] [每日课程更新](https://mp.weixin.qq.com/s/QBgtSa9vijWHuH1GiwWBuw) - [ ] [闲置主机 + 白嫖Claude:零成本打造7x24小时的AI牛马](https://mp.weixin.qq.com/s/y711hmhW9aox9TVvRGwEWw) - [ ] [软件定义车辆的网络安全](https://mp.weixin.qq.com/s/ca3BPYPLwh2t9Qoo57em9g) - [ ] [软件定义汽车(SDV)核心技术培训课程 2026](https://mp.weixin.qq.com/s/ANZJru7GKa-vQHWybscZ7g) - [ ] [车轮上的代码 —— 软件定义汽车的安全与网络安全策略](https://mp.weixin.qq.com/s/-wd-HFkfOSVIlfRUo2anTA) - [ ] [东南大学 |ByteDance :让字节在多视角加密流量分类中表现卓越](https://mp.weixin.qq.com/s/SQ3RwlGpMg9MWLaHLyqr8A) - [ ] [G.O.S.S.I.P 阅读推荐 2026-01-26 以“包”之名](https://mp.weixin.qq.com/s/JmPGL14s6F7vS_aVgDRv3A) - [ ] [百度:智能驾驶一线攻防实战](https://mp.weixin.qq.com/s/80bi1PnDWGRza6CpFdiHTw) - [ ] [16_等保系列之等级保护、风险评估和安全测评三者的区别](https://mp.weixin.qq.com/s/7Tq7AXbVP7NbPis885pKcA) - [ ] [多协议安全测试工具 - MPET](https://mp.weixin.qq.com/s/vnMSAVrkFpG_sefEvolymQ) - [ ] [将网络内容转换为LLM适用数据](https://mp.weixin.qq.com/s/Qu-TTZ-i5LguH8EgQ5z7Mg) - [ ] [CVE-2025-55182 的 POC,可在 Next.js 16.0.6 上运行](https://mp.weixin.qq.com/s/wS-RF_RWWok9W-tjcTcjSA) - [ ] [REINFORCE 越狱攻击让 Llama 3 彻底黑化](https://mp.weixin.qq.com/s/NzOpzOAYQqmmYEesuOQTfA) - [ ] [15_等保系列之三保一评联系与区别](https://mp.weixin.qq.com/s/g0d2W8fqe-Jn6Kvxc5f4_Q) - [ ] [开源计算机科学学位](https://mp.weixin.qq.com/s/Wo8Zqm0KuauL1_feDdI1gQ) - [ ] [马斯克:5年内AI智慧将超越全人类!](https://mp.weixin.qq.com/s/h7kWU2eg6csUruzlXT_yPg) - [ ] [今日腊八节!](https://mp.weixin.qq.com/s/5HrjjleTxwmyWL8zsxwASA) - [ ] [红队C2工具--vshell](https://mp.weixin.qq.com/s/N6aCm2Q4RUDFndkCHxfkVQ) - [ ] [超棒的数学](https://mp.weixin.qq.com/s/JXNteBmzcYo9_evxEXOy6g) - [ ] [MS365 高级版(原copilot pro)使用智能体模式](https://mp.weixin.qq.com/s/uqHWdGet-kK8tc0Kon2yXQ) - [ ] [聊聊信息安全、网络安全和数据安全三个概念](https://mp.weixin.qq.com/s/hVIHmfC4Zk0l1aE1oacxUg) - [ ] [国家网信办就《金融信息服务数据分类分级指南(征求意见稿)》公开征求意见](https://mp.weixin.qq.com/s/SFv2WETO21e09lQRYFkePA) - [ ] [极客无疆——2025京麒白帽大会暨JSRC年终盛典圆满落幕!](https://mp.weixin.qq.com/s/3DaQn_449Vh3-iTr3BBg9A) - [ ] [论坛·原创 | “一带一路”背景下中国海外数字利益保护问题与对策](https://mp.weixin.qq.com/s/VWCtDkiJcj2aFgvcpr0c2A) - [ ] [国安部提示:对网络空间恶意“带节奏”的乱象要时刻保持警醒](https://mp.weixin.qq.com/s/DxRwHJWXUlN5vf0z2s3YTg) - [ ] [通知 | 国家网信办就《金融信息服务数据分类分级指南(征求意见稿)》公开征求意见](https://mp.weixin.qq.com/s/YT1FZAOPHbL_zRyAfj-cHw) - [ ] [评论 | 平台要当好招聘信息“守门人”](https://mp.weixin.qq.com/s/tB8KS0axpVlkXnQhq8gRcQ) - [ ] [警惕!GNU Inetutils telnetd 9.8分高危漏洞来袭,附批量可视化检测工具](https://mp.weixin.qq.com/s/zt3kp5jevfqQTdEPR97UPg) - [ ] [普通人用AI赚第一桶金:不用会技术,从小钱开始,落地就有钱](https://mp.weixin.qq.com/s/esEYVanL-2kGUnWBHCHpCg) - [ ] [Lazarus黑客积极攻击欧洲无人机制造公司](https://mp.weixin.qq.com/s/turJ4YmqIphiCa1NxSX9LA) - [ ] [Webshell网络安全应急响应](https://mp.weixin.qq.com/s/ReV9hl9Zik0UnWzwFjo2Gw) - [ ] [新120万年薪的网络安全总监的,他竟然…](https://mp.weixin.qq.com/s/VH95uawR----nlPVmYmR9Q) - [ ] [央视《新闻联播》:2025年我国数字产业收入超38万亿元](https://mp.weixin.qq.com/s/gGWQTGY6S_6Xbad7QQVq8A) - [ ] [学术前沿 | 西安交通大学蔺琛皓教授团队:跨场景下基于人机交互行为的儿童识别技术](https://mp.weixin.qq.com/s/f3yyI0YTExVcLsOFj-rvdQ) - [ ] [【接口漏洞第八章第六节】GraphQL端点发现了,然后呢?实战利用自省功能“透视”API](https://mp.weixin.qq.com/s/NZbfQNFcp8tQKJHBidP-Ng) - Private Feed for M09Ic - [ ] [xnl-h4ck3r released v8.3 at xnl-h4ck3r/waymore](https://github.com/xnl-h4ck3r/waymore/releases/tag/v8.3) - [ ] [bolucat released 202601261945 at bolucat/Archive](https://github.com/bolucat/Archive/releases/tag/202601261945) - [ ] [joaoviictorti starred JelteF/derive_more](https://github.com/JelteF/derive_more) - [ ] [PrefectHQ released 3.6.14.dev3 at PrefectHQ/prefect](https://github.com/PrefectHQ/prefect/releases/tag/3.6.14.dev3) - [ ] [itm4n released 2026.01.26-1 at itm4n/PrivescCheck](https://github.com/itm4n/PrivescCheck/releases/tag/2026.01.26-1) - [ ] [Mel0day starred clawdbot/clawdbot](https://github.com/clawdbot/clawdbot) - [ ] [kpcyrd starred lucasgelfond/zerobrew](https://github.com/lucasgelfond/zerobrew) - [ ] [su18 starred clawdbot/clawdbot](https://github.com/clawdbot/clawdbot) - [ ] [gh0stkey starred enspirit/elo](https://github.com/enspirit/elo) - [ ] [Ridter starred clawdbot/clawdbot](https://github.com/clawdbot/clawdbot) - [ ] [pmiaowu starred fr33d3m0n/skill-threat-modeling](https://github.com/fr33d3m0n/skill-threat-modeling) - [ ] [panjf2000 starred clawdbot/clawdbot](https://github.com/clawdbot/clawdbot) - [ ] [DVKunion starred caddyserver/caddy](https://github.com/caddyserver/caddy) - SecWiki News - [ ] [SecWiki News 2026-01-26 Review](http://www.sec-wiki.com/?2026-01-26) - Der Flounder - [ ] [Deploying Apple software update deferrals using Blueprints in Jamf Pro](https://derflounder.wordpress.com/2026/01/26/deploying-apple-software-update-deferrals-using-blueprints-in-jamf-pro/) - 安全客-有思想的安全新媒体 - [ ] [CVE-2026-23594:HPE Alletra和Nimble中存在高严重性漏洞可被利用获取管理员权限](https://www.anquanke.com/post/id/314515) - [ ] [OpenAI发力TOB市场,瞄准企业客户与高价值商业场景](https://www.anquanke.com/post/id/314513) - [ ] [“SymPy”仿冒品:域名抢注式攻击将数学库沦为加密货币挖矿工具](https://www.anquanke.com/post/id/314518) - [ ] [破坏与野外利用:LA-Studio Element Kit中发现严重后门](https://www.anquanke.com/post/id/314510) - [ ] [黑客利用“rn”拼写欺诈手段,在新型钓鱼攻击中仿冒微软与万豪](https://www.anquanke.com/post/id/314543) - [ ] [Mac 用户警惕:“MacSync”恶意软件诱导你“亲手”入侵自己的设备](https://www.anquanke.com/post/id/314522) - [ ] [CVE-2026-22822:External Secrets Operator严重漏洞破坏命名空间隔离机制](https://www.anquanke.com/post/id/314529) - [ ] [Google推出「个人智能」AI模式,打造专属个性化搜索体验](https://www.anquanke.com/post/id/314541) - [ ] [Microsoft 365全球宕机事件:2026年1月22日多国业务停摆](https://www.anquanke.com/post/id/314535) - [ ] [GNU InetUtils telnetd严重漏洞可让攻击者绕过登录获取root权限](https://www.anquanke.com/post/id/314536) - Recent Commits to cve:main - [ ] [Update Mon Jan 26 11:13:10 UTC 2026](https://github.com/trickest/cve/commit/b31ca4ea349d893a54434decd8c1b49dc8b20d52) - CXSECURITY Database RSS Feed - CXSecurity.com - [ ] [LangChain Core - Serialization Injection to Jinja2 SSTI/RCE](https://cxsecurity.com/issue/WLB-2026010017) - [ ] [LayerSlider 7.9.5 – Unauthenticated SQL Injection](https://cxsecurity.com/issue/WLB-2026010016) - 嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com - [ ] [具身智能的三大安全挑战:认知、网络与伦理的治理思考](https://www.4hou.com/posts/pnxX) - [ ] [具身智能的 “阿喀琉斯之踵”,我们如何与脆弱的钢铁之躯共存?](https://www.4hou.com/posts/5MNZ) - [ ] [GhostPoster攻势再起:17款恶意浏览器扩展伪装潜伏 累计下载量超84万](https://www.4hou.com/posts/VW4O) - [ ] [CSTIS:关于防范MuddyWater组织网络攻击的风险提示](https://www.4hou.com/posts/8gpW) - Microsoft Security Blog - [ ] [Security strategies for safeguarding governmental data](https://www.microsoft.com/en-us/security/blog/2026/01/26/security-strategies-for-safeguarding-governmental-data/) - 美团技术团队 - [ ] [美团 EvoCUA 刷新开源 SOTA,会用电脑还会持续进化的智能体!](https://tech.meituan.com/2026/01/26/evocua.html) - 奇安信攻防社区 - [ ] [当AI被“反向操控”:图像模型反演攻击全流程揭秘](https://forum.butian.net/share/4733) - ElcomSoft blog - [ ] [The History and Evolution of USB Charging Standards](https://blog.elcomsoft.com/2026/01/the-history-and-evolution-of-usb-charging-standards/) - Cerbero Blog - [ ] [Memory Analysis Package 0.8](https://blog.cerbero.io/memory-analysis-package-0-8/) - Horizon3.ai - [ ] [Defending with AD Tripwires: GOAD Walkthrough](https://horizon3.ai/attack-research/defending-with-ad-tripwires-goad-walkthrough/) - [ ] [CVE-2026-24061](https://horizon3.ai/attack-research/vulnerabilities/cve-2026-24061/) - LevelBlue SpiderLabs Blog - [ ] [The Hard Lessons Learned by Analyzing Education Sector Cyberattacks](https://levelblue.com/blogs/spiderlabs-blog/the-hard-lessons-learned-by-analyzing-education-sector-cyberattacks/) - Bug Bounty in InfoSec Write-ups on Medium - [ ] [Prompt Injection in Agentic AI](https://infosecwriteups.com/prompt-injection-in-agentic-ai-66b93b52fe48?source=rss----7b722bfd1b8d--bug_bounty) - [ ] [Bug Bounty Isn’t About Speed — It’s About Seeing What Others Ignore](https://infosecwriteups.com/bug-bounty-isnt-about-speed-it-s-about-seeing-what-others-ignore-1b99396cdd6c?source=rss----7b722bfd1b8d--bug_bounty) - [ ] [[CVE-2021–28379] Abusing file uploads to get an SSH backdoor](https://infosecwriteups.com/cve-2021-28379-abusing-file-uploads-to-get-an-ssh-backdoor-77fdcef4d971?source=rss----7b722bfd1b8d--bug_bounty) - [ ] [HTML Injection to Data Exfiltration: Weaponizing CSS](https://infosecwriteups.com/html-injection-to-data-exfiltration-weaponizing-css-88ec1639a0cd?source=rss----7b722bfd1b8d--bug_bounty) - Binary Ninja - [ ] [Binary Ninja Enterprise 2.0 Released](https://binary.ninja/2026/01/26/enterprise-2.0.html) - Inside Stormshield - [ ] [Zoom métier – découvrez Maximilien, développeur Rust](https://stories.stormshield.com/zoom-metier-decouvrez-maximilien-developpeur-rust/) - Malwarebytes - [ ] [Get paid to scroll TikTok? The data trade behind Freecash ads](https://www.malwarebytes.com/blog/news/2026/01/get-paid-to-scroll-tiktok-the-data-trade-behind-freecash-ads) - [ ] [One privacy change I made for 2026 (Lock and Code S07E02)](https://www.malwarebytes.com/blog/podcast/2026/01/one-privacy-change-i-made-for-2026-lock-and-code-s07e02) - [ ] [A week in security (January 19 – January 25)](https://www.malwarebytes.com/blog/news/2026/01/a-week-in-security-january-19-january-25) - Reverse Engineering - [ ] [/r/ReverseEngineering's Weekly Questions Thread](https://www.reddit.com/r/ReverseEngineering/comments/1qna0ya/rreverseengineerings_weekly_questions_thread/) - [ ] [Roadmap and Resources for Hardware Reverse Engineering](https://www.reddit.com/r/ReverseEngineering/comments/1qnk3mt/roadmap_and_resources_for_hardware_reverse/) - [ ] [Certificate Transparency as Communication Channel](https://www.reddit.com/r/ReverseEngineering/comments/1qnitg5/certificate_transparency_as_communication_channel/) - [ ] [static_asm: compile-time C++20 x86/x64 assembler](https://www.reddit.com/r/ReverseEngineering/comments/1qnos65/static_asm_compiletime_c20_x86x64_assembler/) - [ ] [R2web: Access radare2 from anywhere, anytime. Now r2become more easier to be accessible than before, no local installation required use it anytime, anywhere from any device](https://www.reddit.com/r/ReverseEngineering/comments/1qn5f32/r2web_access_radare2_from_anywhere_anytime_now/) - daniel.haxx.se - [ ] [Improving curl -J](https://daniel.haxx.se/blog/2026/01/27/improving-curl-j/) - [ ] [The end of the curl bug-bounty](https://daniel.haxx.se/blog/2026/01/26/the-end-of-the-curl-bug-bounty/) - 绿盟科技技术博客 - [ ] [从现网到靶场:2025云上AI安全事件深度复盘](https://blog.nsfocus.net/%e4%bb%8e%e7%8e%b0%e7%bd%91%e5%88%b0%e9%9d%b6%e5%9c%ba%ef%bc%9a2025%e4%ba%91%e4%b8%8aai%e5%ae%89%e5%85%a8%e4%ba%8b%e4%bb%b6%e6%b7%b1%e5%ba%a6%e5%a4%8d%e7%9b%98/) - [ ] [AI在军事应用的七种模式](https://blog.nsfocus.net/ai%e5%9c%a8%e5%86%9b%e4%ba%8b%e5%ba%94%e7%94%a8%e7%9a%84%e4%b8%83%e7%a7%8d%e6%a8%a1%e5%bc%8f/) - HackerNews - [ ] [OSIRIS 勒索软件浮出水面?其利用 BYOVD 技术摧毁安全工具](https://hackernews.cc/archives/62394) - [ ] [爱尔兰拟立法允许执法部门使用间谍软件](https://hackernews.cc/archives/62396) - [ ] [耐克调查潜在安全事件,黑客威胁泄露数据](https://hackernews.cc/archives/62398) - [ ] [“沙虫”黑客组织袭击波兰能源系统未遂](https://hackernews.cc/archives/62393) - [ ] [Fortinet 证实已修复设备仍遭受 FortiCloud 单点登录功能攻击](https://hackernews.cc/archives/62397) - Security Blog | Praetorian - [ ] [Corrupting the Hive Mind: Persistence Through Forgotten Windows Internals](https://www.praetorian.com/blog/corrupting-the-hive-mind-persistence-through-forgotten-windows-internals/) - 奇客Solidot–传递最新科技情报 - [ ] [Google AI Overviews 回答健康问题时引用的信息源更多来自 YouTube](https://www.solidot.org/story?sid=83403) - [ ] [RMS 认为版权是非正义的](https://www.solidot.org/story?sid=83402) - [ ] [中国公司开发了逾 1500 个大模型](https://www.solidot.org/story?sid=83401) - [ ] [科学家识别定义“你”的脑电波](https://www.solidot.org/story?sid=83400) - [ ] [OnePlus 一月固件更新引入了硬件级防回滚机制](https://www.solidot.org/story?sid=83399) - [ ] [Windows 11 一月更新可能导致部分 PC 无法启动](https://www.solidot.org/story?sid=83398) - [ ] [RMS 称大模型是伪智能](https://www.solidot.org/story?sid=83397) - [ ] [脸部的伤疤为什么不容易留痕?](https://www.solidot.org/story?sid=83396) - [ ] [Spotify 诉讼导致安娜的档案主域名被封](https://www.solidot.org/story?sid=83395) - [ ] [伊朗正建立一个分级制的互联网](https://www.solidot.org/story?sid=83394) - 黑海洋Wiki | Web开发工具包 | 网络安全攻防实战 | 区块链技术文档教程 - 免费资源平台 - [ ] [EDA巨头:存储芯片紧缺或持续到明年](https://blog.upx8.com/EDA%E5%B7%A8%E5%A4%B4-%E5%AD%98%E5%82%A8%E8%8A%AF%E7%89%87%E7%B4%A7%E7%BC%BA%E6%88%96%E6%8C%81%E7%BB%AD%E5%88%B0%E6%98%8E%E5%B9%B4) - [ ] [微软发布新一代AI加速器Maia 200](https://blog.upx8.com/%E5%BE%AE%E8%BD%AF%E5%8F%91%E5%B8%83%E6%96%B0%E4%B8%80%E4%BB%A3AI%E5%8A%A0%E9%80%9F%E5%99%A8Maia-200) - [ ] [苹果推出新AirTag 连接范围更广、更易查找](https://blog.upx8.com/%E8%8B%B9%E6%9E%9C%E6%8E%A8%E5%87%BA%E6%96%B0AirTag-%E8%BF%9E%E6%8E%A5%E8%8C%83%E5%9B%B4%E6%9B%B4%E5%B9%BF-%E6%9B%B4%E6%98%93%E6%9F%A5%E6%89%BE) - [ ] [豆包手机助手回应安全隐私问题:内容不存储不训练](https://blog.upx8.com/%E8%B1%86%E5%8C%85%E6%89%8B%E6%9C%BA%E5%8A%A9%E6%89%8B%E5%9B%9E%E5%BA%94%E5%AE%89%E5%85%A8%E9%9A%90%E7%A7%81%E9%97%AE%E9%A2%98-%E5%86%85%E5%AE%B9%E4%B8%8D%E5%AD%98%E5%82%A8%E4%B8%8D%E8%AE%AD%E7%BB%83) - 安全分析与研究 - [ ] [伪装成Chrome安装程序银狐黑产最新攻击样本与威胁情报](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247495448&idx=1&sn=74a76db0bca29e15df98141354acc643) - 黑鸟 - [ ] [这款手机能当安卓机、Linux 工作站、Windows PC 用?](https://mp.weixin.qq.com/s?__biz=MzAxOTM1MDQ1NA==&mid=2451184993&idx=1&sn=c4daad8fca2bd4ef53c6111a242cafbc) - 威努特安全网络 - [ ] [光网铺路·云脑赋能·安全护航 三步构建智慧校园](https://mp.weixin.qq.com/s?__biz=MzAwNTgyODU3NQ==&mid=2651139762&idx=1&sn=cb5df2dbfeb4b6e3cb4ad2573539f1a7) - 安全客 - [ ] [刷新认知!AI协作24小时共创全新编程语言,已开源](https://mp.weixin.qq.com/s?__biz=MzA5ODA0NDE2MA==&mid=2649789645&idx=1&sn=2f03e4c73edb0311c9d0c51237788490) - 代码卫士 - [ ] [2026 Pwn2Own 东京汽车大赛落下帷幕,Master of Pwn 诞生](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247524969&idx=1&sn=fbd3e630ba31d2f0118b90ad0779d309) - [ ] [CISA:四款企业软件中的漏洞已遭利用](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247524969&idx=2&sn=f5c3f208265141f2ef4d2fca7dd25c76) - 安全内参 - [ ] [高端运动品牌7200万用户个人信息疑似泄露,官方称正在调查](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247515502&idx=1&sn=4b5d5f5cfe9926b4bdf48a2072dd333b) - [ ] [美国空军网络副司令建议将网络能力深度融入联合作战](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247515502&idx=2&sn=d6c97e9d4db62466d1d15844dac005a8) - 青山青吖 - [ ] [写在黄金5000点 | 黄金](https://mp.weixin.qq.com/s?__biz=MzI5NzAzMDg0NA==&mid=2650698676&idx=1&sn=061411461b3f266fbd1f8eceb391ca0c) - 绿盟科技研究通讯 - [ ] [从现网到靶场:2025云上AI安全事件深度复盘](https://mp.weixin.qq.com/s?__biz=MzIyODYzNTU2OA==&mid=2247499436&idx=1&sn=cb7fccf330ab355cff89c2f95e34834a) - 二道情报贩子 - [ ] [.ai域名狂潮:人口1.5万的安圭拉,靠AI赚得盆满钵满](https://mp.weixin.qq.com/s?__biz=MzU5NTA3MTk5Ng==&mid=2247490023&idx=1&sn=95a3c7763fa79d6af7a5aaeed87c29bf) - RapidDNS - [ ] [RapidDNS Pro 上线:解锁百万级数据导出,与终身会员计划](https://mp.weixin.qq.com/s?__biz=Mzg4NDU0ODMxOQ==&mid=2247485837&idx=1&sn=cb9ce645ea15185ae8a380f306fc10ab) - 安全研究GoSSIP - [ ] [G.O.S.S.I.P 阅读推荐 2026-01-26 以“包”之名](https://mp.weixin.qq.com/s?__biz=Mzg5ODUxMzg0Ng==&mid=2247501335&idx=1&sn=68ec7561cf0ea4342c43b4b4bed1711e) - 信息安全国家工程研究中心 - [ ] [强化网络数据安全 | 上海市网信办发布2025年执法典型案例](https://mp.weixin.qq.com/s?__biz=MzU5OTQ0NzY3Ng==&mid=2247502784&idx=1&sn=64150a802158f4377f48eb2b84ae5a9f) - 丁爸 情报分析师的工具箱 - [ ] [【资料】美国2026国防战略](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651154049&idx=1&sn=68c6dc063632ba9cb2234fa66e042806) - 安全圈 - [ ] [【安全圈】这些密码真别用了!60亿条泄露数据揭示:123456仍居榜首](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652073860&idx=1&sn=f951c01f5be15e41b398b6c2495d7191) - [ ] [【安全圈】警惕!黑客如何绕过验证窃取凭证](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652073860&idx=2&sn=2b75fa73ab4760fe2dddbc0ef1443722) - [ ] [【安全圈】打脸?特斯拉车载信息娱乐系统在 Pwn2Own 大赛被黑客快速攻破](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652073860&idx=3&sn=2c48f48d2bdd19b0aaa3b99d7a830389) - 网安杂谈 - [ ] [网安杂谈知识记录本2026.1.26腊八节快乐](https://mp.weixin.qq.com/s?__biz=MzAwMTMzMDUwNg==&mid=2650889941&idx=1&sn=a4cef45d856447f444f1e7fe305c6ce5) - 看雪学苑 - [ ] [Meta低调修复Instagram高危权限漏洞,安全社区质疑其响应透明度](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458608579&idx=1&sn=b2ea4f72fed798e5537bb1f1dd511cad) - [ ] [Hitcontraining_magicheap](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458608579&idx=2&sn=52da49f3c30cc6f3a4adc6af17a7f41d) - [ ] [【非虫新课】阶段二:安卓软件开发与逆向分析(工具篇)](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458608579&idx=3&sn=f733360a743a906ac9dd71026de76c3c) - 中国信息安全 - [ ] [中国信息安全测评中心主任彭涛:策马奔腾续写网络安全事业发展新篇章](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664258048&idx=1&sn=7808962ece4e737f5e5fa131ce95d99c) - [ ] [《中国信息安全》杂志2026年第1期目录](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664258048&idx=2&sn=3c14948569fb2dc80017851f60fe947d) - 补天平台 - [ ] [2025补天平台【专属SRC积分挑战赛】最终获奖名单发布!](https://mp.weixin.qq.com/s?__biz=MzI2NzY5MDI3NQ==&mid=2247510124&idx=1&sn=ff249d65ccf781b148605da1ea551440) - 网络空间安全科学学报 - [ ] [学术前沿 | 西安交通大学蔺琛皓教授团队:跨场景下基于人机交互行为的儿童识别技术](https://mp.weixin.qq.com/s?__biz=MzI0NjU2NDMwNQ==&mid=2247507127&idx=1&sn=d55207799904521186b2a6bdbbbdf8d3) - XCTF联赛 - [ ] [LilacCTF 2026落幕,Project Sekai战队实力夺冠!](https://mp.weixin.qq.com/s?__biz=MjM5NDU3MjExNw==&mid=2247516157&idx=1&sn=af5a41e54a4eebe987a20eef2e8893c3) - 安全牛 - [ ] [你的内网资产正在“裸奔”?CISA最新发布暴露面收敛指南](https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651140285&idx=1&sn=3a0d33dd0b0a4464b4c19e0cacac6e71) - [ ] [多层防护 VS 全链路管控 :国内外反勒索厂商技术路径解析](https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651140285&idx=2&sn=da0c751db4067a8b7cef40f8518b12b7) - [ ] [《AI赋能的智能化审计新范式研究》正式启动](https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651140285&idx=3&sn=77da6a35111e90810ca21997351834b2) - 电子物证 - [ ] [【虚假视频的技术识别与制作源头追溯】](https://mp.weixin.qq.com/s?__biz=MzAwNDcwMDgzMA==&mid=2651048910&idx=1&sn=74116d1c924455bce247a62247610993) - [ ] [唐云阳:电子数据完整性的功能扩张及其反思 |《环球法律评论》2025年第6期](https://mp.weixin.qq.com/s?__biz=MzAwNDcwMDgzMA==&mid=2651048910&idx=2&sn=2d42fbb6baf20422d7dfafc99ad45a0a) - 嘶吼专业版 - [ ] [GhostPoster攻势再起:17款恶意浏览器扩展伪装潜伏 累计下载量超84万](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247586486&idx=1&sn=0c6acc0a18b27f29a4f2811d748163ca) - [ ] [CSTIS:关于防范MuddyWater组织网络攻击的风险提示](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247586486&idx=2&sn=b4eb0ca30b18cebeb3fd9cec91647e92) - 极客公园 - [ ] [老字号、新势力集体转身背后:一场始于拼多多的「养生革命」](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653097802&idx=1&sn=e94230e5b8d3c69ae16c57ce39ffa7ca) - [ ] [腾讯的社交实验:当 AI 混进人类「群聊」](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653097797&idx=1&sn=ff096b76437423b763dd2435a029926f) - [ ] [iPhone Air 再降 2000 元,创苹果史上最高降价纪录;黄仁勋现身上海、北京;腾讯元宝春节分 10 亿元现金 | 极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653097772&idx=1&sn=da6d43c7302e4436999d825a8e16c1c0) - 火绒安全 - [ ] [粥香满庭户 网安有火绒](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247530161&idx=1&sn=4e16f3c15fc341c3e4ee05c944d0631e) - [ ] [诚邀渠道合作伙伴共启新征程](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247530161&idx=2&sn=f838c0169119c810a74f2d31c2d10788) - 微步在线 - [ ] [年底了,该上才艺了!](https://mp.weixin.qq.com/s?__biz=MzI5NjA0NjI5MQ==&mid=2650185402&idx=1&sn=d849cac07798ad64950fa6cb53529fcf) - 慢雾科技 - [ ] [慢雾科技(SlowMist) 成立八周年啦!](https://mp.weixin.qq.com/s?__biz=MzU4ODQ3NTM2OA==&mid=2247504200&idx=1&sn=6ea8c3ccf4aed2fb445905039d700a89) - 数世咨询 - [ ] [为什么“自动更新”是防火墙上最被低估的安全能力?](https://mp.weixin.qq.com/s?__biz=MzkxNzA3MTgyNg==&mid=2247541577&idx=1&sn=eded96af6b94a0498c740bcaa720d03d) - 斗象智能安全 - [ ] [警惕“合法身份”作案!狙击制造业内网数据窃密案件](https://mp.weixin.qq.com/s?__biz=MzIwMjcyNzA5Mw==&mid=2247495283&idx=1&sn=9fd0f952abbd5b82208739a749b73798) - 京东安全应急响应中心 - [ ] [极客无疆——2025京麒白帽大会暨JSRC年终盛典圆满落幕!](https://mp.weixin.qq.com/s?__biz=MjM5OTk2MTMxOQ==&mid=2727850444&idx=1&sn=733224c84ccf4b94074611866171b1b7) - 威胁猎人Threat Hunter - [ ] [【黑产大数据】2025年数据泄露风险态势报告](https://mp.weixin.qq.com/s?__biz=MzI3NDY3NDUxNg==&mid=2247502541&idx=1&sn=4be5074b3c2ec5b16a5d6a17306ea835) - 迪哥讲事 - [ ] [某次演练过程中的攻防实战](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247498966&idx=1&sn=0a29895b3a061f2eff9963ae953033c4) - OnionSec - [ ] [想思考一下“误报”](https://mp.weixin.qq.com/s?__biz=MzUyMTUwMzI3Ng==&mid=2247485728&idx=1&sn=15fff33382460dd92d5983002d83b8ab) - 360数字安全 - [ ] [360大模型领域最新成果亮相国际AI顶会AAAI 2026](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247584662&idx=1&sn=5f01ff3553d49ec791727d3df740816d) - 情报分析师 - [ ] [韩国国情院如何调查朝鲜,揭秘五大谍报手段](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650566510&idx=1&sn=d47ea6578f26f6da730abde4f65465f3) - [ ] [【深度研判】美国“和平委员会”与国际多边体制演变对我国际安全挑战分析](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650566510&idx=2&sn=f1220b91d5f7980480212f0a4b61a6e1) - Over Security - Cybersecurity news aggregator - [ ] [Google agrees to pay $68 million to settle voice recording lawsuit](https://therecord.media/google-settles-millions-privacy-recording) - [ ] [Here’s the tech powering ICE’s deportation crackdown](https://techcrunch.com/2026/01/26/heres-the-tech-powering-ices-deportation-crackdown/) - [ ] [New ClickFix attacks abuse Windows App-V scripts to push malware](https://www.bleepingcomputer.com/news/security/new-clickfix-attacks-abuse-windows-app-v-scripts-to-push-malware/) - [ ] [Supreme Court to hear Facebook pixel tracking case](https://therecord.media/supreme-court-case-facebook-tracking) - [ ] [Microsoft patches actively exploited Office zero-day vulnerability](https://www.bleepingcomputer.com/news/microsoft/microsoft-patches-actively-exploited-office-zero-day-vulnerability/) - [ ] [Digital Networks Act (Dna): i punti chiave su cyber security e protezione degli utenti](https://www.cybersecurity360.it/legal/digital-networks-act-dna-i-punti-chiave-su-cyber-security-e-protezione-degli-utenti/) - [ ] [Cloudflare misconfiguration behind recent BGP route leak](https://www.bleepingcomputer.com/news/security/cloudflare-misconfiguration-behind-recent-bgp-route-leak/) - [ ] [EU launches investigation into X over Grok-generated sexual images](https://www.bleepingcomputer.com/news/artificial-intelligence/eu-launches-investigation-into-x-over-grok-generated-sexual-images/) - [ ] [Judge awards British critic of Saudis $4.1 million, finds the regime hacked his devices](https://therecord.media/london-judge-sides-with-saudi-critic-spyware-case) - [ ] [Data Act, c’è un aggiornamento delle FAQ: cosa cambia per aziende e utenti](https://www.cybersecurity360.it/news/data-act-ce-un-aggiornamento-delle-faq-cosa-cambia-per-aziende-e-utenti/) - [ ] [Stanley — A $6,000 Russian Malware Toolkit with Chrome Web Store Guarantee](https://www.varonis.com/blog/stanley-malware-kit) - [ ] [Russian state hackers likely behind wiper malware attack on Poland’s power grid](https://therecord.media/russia-eset-sandworm-poland-hack) - [ ] [Nearly 800,000 Telnet servers exposed to remote attacks](https://www.bleepingcomputer.com/news/security/nearly-800-000-telnet-servers-exposed-to-remote-attacks/) - [ ] [6 Okta security settings you might have overlooked](https://www.bleepingcomputer.com/news/security/6-okta-security-settings-you-might-have-overlooked/) - [ ] [Romania probes two suspects over alleged hitman-for-hire website](https://therecord.media/romania-assassins-for-hire-website-investigation) - [ ] [C’è Sandworm dietro l’attacco contro il settore energetico polacco](https://www.securityinfo.it/2026/01/26/ce-sandworm-dietro-lattacco-contro-il-settore-energetico-polacco/) - [ ] [Attacco cyber russo alla Polonia: la guerra è in UE e nessuno si sorprende](https://www.cybersecurity360.it/cybersecurity-nazionale/attacco-cyber-russo-alla-polonia-la-guerra-e-in-ue-e-nessuno-si-sorprende/) - [ ] [Hackers can bypass npm’s Shai-Hulud defenses via Git dependencies](https://www.bleepingcomputer.com/news/security/hackers-can-bypass-npms-shai-hulud-defenses-via-git-dependencies/) - [ ] [EU launches formal investigation into X and Grok over sexual images](https://therecord.media/grok-sexually-explicit-images-eu-formal-investigation) - [ ] [CISA says critical VMware RCE flaw now actively exploited](https://www.bleepingcomputer.com/news/security/cisa-says-critical-vmware-rce-flaw-now-actively-exploited/) - [ ] [Fix Staff Shortage & Burnout in Your SOC with Better Threat Intelligence](https://any.run/cybersecurity-blog/soc-staff-shortage-burnout/) - [ ] [L’eclissi della cifratura: AI, quantum e la sfida satellitare cinese nel 2026](https://www.cybersecurity360.it/cybersecurity-nazionale/leclissi-della-cifratura-ai-quantum-e-la-sfida-satellitare-cinese-nel-2026/) - [ ] [ChatGPT Temporary chat feature is getting a much-needed upgrade](https://www.bleepingcomputer.com/news/artificial-intelligence/chatgpt-temporary-chat-feature-is-getting-a-much-needed-upgrade/) - 安全行者老霍 - [ ] [ChatGPT新漏洞可让攻击者窃取谷歌邮箱、微软邮箱及代码托管平台数据](https://mp.weixin.qq.com/s?__biz=Mzg3NjU4MDI4NQ==&mid=2247485828&idx=1&sn=e96ec9b2bd3cb95f89618868e299f99f) - Securityinfo.it - [ ] [C’è Sandworm dietro l’attacco contro il settore energetico polacco](https://www.securityinfo.it/2026/01/26/ce-sandworm-dietro-lattacco-contro-il-settore-energetico-polacco/?utm_source=rss&utm_medium=rss&utm_campaign=ce-sandworm-dietro-lattacco-contro-il-settore-energetico-polacco) - 安全419 - [ ] [这些顶级网络安全认证能助你2026年涨薪](https://mp.weixin.qq.com/s?__biz=MzUyMDQ4OTkyMg==&mid=2247552211&idx=1&sn=25fec7bc34fbfc6ebef3b20b7b0d1912) - SANS Internet Storm Center, InfoCON: green - [ ] [ISC Stormcast For Monday, January 26th, 2026 https://isc.sans.edu/podcastdetail/9780, (Mon, Jan 26th)](https://isc.sans.edu/diary/rss/32656) - [ ] [Scanning Webserver with /$(pwd)/ as a Starting Path, (Sun, Jan 25th)](https://isc.sans.edu/diary/rss/32654) - 网络安全回收站 - [ ] [闲置主机 + 白嫖Claude:零成本打造7x24小时的AI牛马](https://mp.weixin.qq.com/s?__biz=Mzg2MTc1NDAxMA==&mid=2247485114&idx=1&sn=718c34d633b6d2db01c5e5ebe6ccee59) - CNVD漏洞平台 - [ ] [CNVD漏洞周报2026年第3期](https://mp.weixin.qq.com/s?__biz=MzU3ODM2NTg2Mg==&mid=2247496669&idx=1&sn=bb28f432589cb86f9ac1f9a1e500eacc) - [ ] [上周关注度较高的产品安全漏洞20260119-20260125)](https://mp.weixin.qq.com/s?__biz=MzU3ODM2NTg2Mg==&mid=2247496669&idx=2&sn=3bdde749cf6d4cef12694e441706e279) - Schneier on Security - [ ] [Ireland Proposes Giving Police New Digital Surveillance Powers](https://www.schneier.com/blog/archives/2026/01/ireland-proposes-giving-police-new-digital-surveillance-powers.html) - ICT Security Magazine - [ ] [Neurodiritti e metaverso: sfide e opportunità per la tutela dei diritti nell’era digitale](https://www.ictsecuritymagazine.com/articoli/neurodiritti/) - [ ] [Shadow IT in sanità: WhatsApp, USB e la resistenza culturale che mette a rischio i dati sanitari](https://www.ictsecuritymagazine.com/articoli/shadow-it/) - The Hacker News - [ ] [Indian Users Targeted in Tax Phishing Campaign Delivering Blackmoon Malware](https://thehackernews.com/2026/01/indian-users-targeted-in-tax-phishing.html) - [ ] [Malicious VS Code AI Extensions with 1.5 Million Installs Steal Developer Source Code](https://thehackernews.com/2026/01/malicious-vs-code-ai-extensions-with-15.html) - [ ] [⚡ Weekly Recap: Firewall Flaws, AI-Built Malware, Browser Traps, Critical CVEs & More](https://thehackernews.com/2026/01/weekly-recap-firewall-flaws-ai-built.html) - [ ] [Winning Against AI-Based Attacks Requires a Combined Defensive Approach](https://thehackernews.com/2026/01/winning-against-ai-based-attacks.html) - [ ] [Konni Hackers Deploy AI-Generated PowerShell Backdoor Against Blockchain Developers](https://thehackernews.com/2026/01/konni-hackers-deploy-ai-generated.html) - Trend Micro Research, News and Perspectives - [ ] [PeckBirdy: A Versatile Script Framework for LOLBins Exploitation Used by China-aligned Threat Groups](https://www.trendmicro.com/en_us/research/26/a/peckbirdy-script-framework.html) - The Register - Security - [ ] [Canva among ~100 targets of ShinyHunters Okta identity-theft campaign](https://go.theregister.com/feed/www.theregister.com/2026/01/26/shinyhunters_okta_sso_campaign/) - [ ] [EU looking into Elon Musk's X after Grok produces deepfake sex images](https://go.theregister.com/feed/www.theregister.com/2026/01/26/ec_open_new_investigation_into/) - [ ] [Data thieves borrow Nike's 'Just Do It' mantra, claim they ran off with 1.4TB](https://go.theregister.com/feed/www.theregister.com/2026/01/26/data_thieves_claim_nike_data_haul/) - [ ] [Moscow likely behind wiper attack on Poland’s power grid, experts say](https://go.theregister.com/feed/www.theregister.com/2026/01/26/moscow_likely_behind_wiper_attack/) - [ ] [Oracle AI sailed the world on Royal Navy flagship via cloud-at-the-edge kit](https://go.theregister.com/feed/www.theregister.com/2026/01/26/royal_navy_oracle_ai/) - [ ] [UK digital ID goes in-house, government swears it isn't an ID card](https://go.theregister.com/feed/www.theregister.com/2026/01/26/digital_id_costs/) - NetSPI - [ ] [Why Your Security Program Needs Domain Monitoring](https://www.netspi.com/blog/executive-blog/attack-surface-management/why-your-security-program-needs-domain-monitoring/) - TG Soft Software House - News - [ ] [<strong>Vir.IT eXplorer PRO</strong> si riconferma prodotto certificato da <strong>VB100 </strong>superando con il <strong>grado A</strong> il test <strong>VB100 2026-01</strong> su Win 11 PRO...](http://www.tgsoft.it/italy/news_archivio.asp?id=1710) - [ ] [<strong>Vir.IT eXplorer PRO</strong><strong> </strong>supera con il massimo risultato, l'ultimo <strong>test</strong> effettuato a<strong> Dicembre 2025</strong> da <strong>AppEsteem </strong>per i <strong>prodotti AV DeceptorFighters</strong>](http://www.tgsoft.it/italy/news_archivio.asp?id=1709) - Security Affairs - [ ] [Emergency Microsoft update fixes in-the-wild Office zero-day](https://securityaffairs.com/187349/hacking/emergency-microsoft-update-fixes-in-the-wild-office-zero-day.html) - [ ] [ShinyHunters claims 2 Million Crunchbase records; company confirms breach](https://securityaffairs.com/187340/data-breach/shinyhunters-claims-2-million-crunchbase-records-company-confirms-breach.html) - [ ] [Energy sector targeted in multi-stage phishing and BEC campaign using SharePoint](https://securityaffairs.com/187332/cyber-crime/energy-sector-targeted-in-multi-stage-phishing-and-bec-campaign-using-sharepoint.html) - [ ] [North Korea–linked KONNI uses AI to build stealthy malware tooling](https://securityaffairs.com/187317/apt/north-korea-linked-konni-uses-ai-to-build-stealthy-malware-tooling.html) - [ ] [Russia-linked Sandworm APT implicated in major cyber attack on Poland’s power grid](https://securityaffairs.com/187309/breaking-news/russia-linked-sandworm-apt-implicated-in-major-cyber-attack-on-polands-power-grid.html) - TorrentFreak - [ ] [Aylo Wins $90 Million Default Judgment Against Porn Piracy Network](https://torrentfreak.com/aylo-wins-90-million-default-judgment-against-porn-piracy-network/) - Your Open Hacker Community - [ ] [Bypass WPA2](https://www.reddit.com/r/HowToHack/comments/1qnsgxa/bypass_wpa2/) - [ ] [Alternatives to Burpsuite for android apps?](https://www.reddit.com/r/HowToHack/comments/1qn40ch/alternatives_to_burpsuite_for_android_apps/) - Information Security - [ ] [AI is no longer a “future” cyber risk. It’s already the fastest-growing one.](https://www.reddit.com/r/Information_Security/comments/1qnkbud/ai_is_no_longer_a_future_cyber_risk_its_already/) - Deep Web - [ ] [Is tor.li legit?](https://www.reddit.com/r/deepweb/comments/1qngqst/is_torli_legit/) - netsecstudents: Subreddit for students studying Network Security and its related subjects - [ ] [Looking for feedback on a student project about honeypots & attack analysis](https://www.reddit.com/r/netsecstudents/comments/1qnlzqr/looking_for_feedback_on_a_student_project_about/) - [ ] [Passed CEH 🎉 Scored 106/125 – My Exam Experience](https://www.reddit.com/r/netsecstudents/comments/1qnvtht/passed_ceh_scored_106125_my_exam_experience/) - [ ] [Final year project request: Wi-Fi security / vulnerability scanner (ready project or repo)](https://www.reddit.com/r/netsecstudents/comments/1qnhpzz/final_year_project_request_wifi_security/) - [ ] [Final year project suggestions](https://www.reddit.com/r/netsecstudents/comments/1qnu1vm/final_year_project_suggestions/) - [ ] [Best laptop for 1500 for networking and cybersecurity student](https://www.reddit.com/r/netsecstudents/comments/1qnr8tf/best_laptop_for_1500_for_networking_and/) - Blackhat Library: Hacking techniques and research - [ ] [Hacking-Cheatsheets](https://www.reddit.com/r/blackhat/comments/1qncdlm/hackingcheatsheets/) - [ ] [ClawdBot: The New Primary Target for Infostealers in the AI Era](https://www.reddit.com/r/blackhat/comments/1qnn90n/clawdbot_the_new_primary_target_for_infostealers/) - Technical Information Security Content & Discussion - [ ] [/r/netsec's Q1 2026 Information Security Hiring Thread](https://www.reddit.com/r/netsec/comments/1qn22ig/rnetsecs_q1_2026_information_security_hiring/) - [ ] [Bypassing Windows Administrator Protection](https://www.reddit.com/r/netsec/comments/1qnnddx/bypassing_windows_administrator_protection/) - [ ] [After reporting vulnerabilities found in MDT, Microsoft chose to retire the service rather than fix the issues... Admins should follow the defensive recommendations to mitigate the issues if they choose to continue using the software or can’t migrate to a different solution.](https://www.reddit.com/r/netsec/comments/1qng5ag/after_reporting_vulnerabilities_found_in_mdt/) - [ ] [Kubernetes Remote Code Execution Via Nodes/Proxy GET Permission](https://www.reddit.com/r/netsec/comments/1qns6o2/kubernetes_remote_code_execution_via_nodesproxy/) - [ ] ["Open sesame": Critical vulnerabilities in dormakaba physical access control system enable unlocking arbitrary doors](https://www.reddit.com/r/netsec/comments/1qncvtn/open_sesame_critical_vulnerabilities_in_dormakaba/) - [ ] [AI Finds Vulnerability Chain Leading to Account Takeover and Leaked Bookings](https://www.reddit.com/r/netsec/comments/1qngdlq/ai_finds_vulnerability_chain_leading_to_account/) - Computer Forensics - [ ] [Speech Enhancement for Noisy Outdoor CCTV Audio](https://www.reddit.com/r/computerforensics/comments/1qnssoz/speech_enhancement_for_noisy_outdoor_cctv_audio/) - [ ] [BAM, Prefetch, Amcache, and Shimcache in identifying stealth software](https://www.reddit.com/r/computerforensics/comments/1qnnaev/bam_prefetch_amcache_and_shimcache_in_identifying/) - [ ] [Experience](https://www.reddit.com/r/computerforensics/comments/1qn49k7/experience/) - Krebs on Security - [ ] [Who Operates the Badbox 2.0 Botnet?](https://krebsonsecurity.com/2026/01/who-operates-the-badbox-2-0-botnet/) - Project Zero - [ ] [Bypassing Windows Administrator Protection](https://projectzero.google/2026/26/windows-administrator-protection.html)
每日安全资讯(2026-01-27)