# 每日安全资讯(2026-03-28) - Doonsec's feed - [ ] [「猎影」正式官宣:让每一个白帽都能轻松挖洞,效率提升10倍的渗透测试平台](https://mp.weixin.qq.com/s/8eHAx8n--NVakqBl1POvkw) - [ ] [WebRTC型支付盗刷脚本技术分析](https://mp.weixin.qq.com/s/PPfGdU2Coc2ABE9tytCbPQ) - [ ] [一次外挂程序的分析-Bypass](https://mp.weixin.qq.com/s/GhUwp_kkpsoPRDGmkTiFCg) - [ ] [CyberStrikeAI 上新:Burp Suite 插件来了(后附群二维码)](https://mp.weixin.qq.com/s/d8d0QsGtGcG3ZNQqgmmLig) - [ ] [Anthropic 意外泄露了他们的下一个怪物:Claude Mythos](https://mp.weixin.qq.com/s/iK2vbfOktcR3_DCp3qNLXg) - [ ] [基于AI模型的自然语言编程](https://mp.weixin.qq.com/s/PhrBBU7YMr9DpBzhaum9vw) - [ ] [AI时代,为什么说Skills是未来?](https://mp.weixin.qq.com/s/hV6l-m0uyL1YrNjGIpGmzA) - [ ] [FireKylin:一款开源安全应急响应系统痕迹采集工具](https://mp.weixin.qq.com/s/NYeNiB8LQdxF5K6uz8UmIw) - [ ] [HiClaw 本周进展周报](https://mp.weixin.qq.com/s/SzMl1YDnUQTSD2akDf4GZA) - [ ] [全国50城巡装加速!360安全龙虾巡装宁波站圆满收官](https://mp.weixin.qq.com/s/XLfAr_nAmoTyO_RHyvfLFA) - [ ] [暗网付费帖子解锁(第九期)](https://mp.weixin.qq.com/s/blyYn-MB-s4nAJiSNSLcDA) - [ ] [实测首发!国内某AI存在欺骗性愉悦越狱](https://mp.weixin.qq.com/s/7GU-L_NdQO9i6KZmSsDJBA) - [ ] [字节反腐:65人被开、7人或入狱](https://mp.weixin.qq.com/s/j-wW4zlE1SDJ1N135B33FA) - [ ] [WuRen-MVP——ai渗透测试系统(可结合kali)](https://mp.weixin.qq.com/s/p7KeCa4_JxUF1rl0CjPPQA) - [ ] [superSearchPlus:浏览器即开即用的资产收集利器插件](https://mp.weixin.qq.com/s/6qTSF6hoPslupsBL1icbXQ) - [ ] [Burp插件:全自动API接口挖掘与测试利器](https://mp.weixin.qq.com/s/sO1OD9FKHFRSNbJtSIKoBQ) - [ ] [热点追踪:Handala黑客组织入侵FBI局长Kash Patel个人邮箱事件简析](https://mp.weixin.qq.com/s/w82kmf-74-wfneHCtRw8ig) - [ ] [第一届 Polaris CTF 招新赛官方章程修订版](https://mp.weixin.qq.com/s/dL7_Cl-mWxbl4X13NUCpZQ) - [ ] [开源情报(OSINT):车辆调查的工具与技术](https://mp.weixin.qq.com/s/XDDiz83Yf79d9w2rzq4ssA) - [ ] [Python 入门第三课:让程序\"开口说话\":90% 新手都忽略的输入输出技巧](https://mp.weixin.qq.com/s/3SmDQEia--aZIh6y_YBG3A) - [ ] [作为开发人员,你更喜欢哪种数据库?](https://mp.weixin.qq.com/s/dBB3UqlVR9v6mRZk7EJ3-w) - [ ] [听说,薅到羊毛的朋友都笑了,你怎么还不来?](https://mp.weixin.qq.com/s/2O2TBj6sTxwBnKuwFw0E4Q) - [ ] [持证+提效双收获!4月《AI系统应用》专项职业能力认定火热开班](https://mp.weixin.qq.com/s/DE2oFY8iXHNC_cD_IeMeZw) - [ ] [记一次基于Fastjson反序列化内存马应急指导](https://mp.weixin.qq.com/s/X55BW34OuB1AKrbOQE_42A) - [ ] [大模型为什么会出现幻觉](https://mp.weixin.qq.com/s/SFi9PIUoAwRK02Eb-AfvDA) - [ ] [杭州百名巾帼风采榜揭晓,虎符网络顾春辉凭数字安全实力登榜,彰显 “她” 力量](https://mp.weixin.qq.com/s/QyLI7KfTUXoocqQJU3Giow) - [ ] [盗走近亿美金的黑客,我们击穿了 Tornado Cash —— 找到你了](https://mp.weixin.qq.com/s/7SMHKiW0RFmHDL0BcAD1qQ) - [ ] [ProductHunt 上值得一试的热门新工具](https://mp.weixin.qq.com/s/mU98IfMLCrs5M26jErgMhQ) - [ ] [Apifox 供应链投毒攻击全流程技术拆解](https://mp.weixin.qq.com/s/vdL5ktawRbWohqfQ2FHJ2A) - [ ] [麦肯锡观点:2026年全球竞争新赛道](https://mp.weixin.qq.com/s/KhNWWYFDWP3vCgh9_Uf3cQ) - [ ] [信息安全漏洞周报【第067期】](https://mp.weixin.qq.com/s/4gQuOELNxWHLo839uL37MQ) - [ ] [创信资讯丨《四川省医疗机构信息系统商用密码应用建设与评估团体标准》编制工作会顺利召开](https://mp.weixin.qq.com/s/QoZFpGc-Tc0mqmVbKgD9rg) - [ ] [奇安信集团与华勤技术达成战略合作](https://mp.weixin.qq.com/s/0l4cntFpcPPb2-0sx_jGBA) - [ ] [热搜刷屏!洗澡时人脸识别会被“看光”?奇安信洞鉴专家为您硬核揭秘!](https://mp.weixin.qq.com/s/53VoFxEF2cBdQX4TCPiQOA) - [ ] [拥抱AI·赋能未来——企业员工AI素养提升特训营全国招募正式启动](https://mp.weixin.qq.com/s/AvWF3nKPeGYONtEj0hgb7g) - [ ] [如何解决OpenClaw权限“Open”、数据“可捞”等安全大难题](https://mp.weixin.qq.com/s/CBKh1Ij2kvB__qyIfSqN0A) - [ ] [【GDPS 2026春·上海】OpenClaw安全合规工作坊](https://mp.weixin.qq.com/s/XZl4pcu1TxcNdw4THTxGMw) - [ ] [免费赠送 | 企业办公安全意识培训科普素材(第二十期)](https://mp.weixin.qq.com/s/n3NkZ_gc5THFMYjKv8NQSw) - [ ] [重庆农商行实施“人工智能+”行动,将打造一批AI智能体试点应用场景](https://mp.weixin.qq.com/s/SlBmB1yU91ftl4XVwFvL9A) - [ ] [AI快讯:工信部发8项人工智能行业标准,蚂蚁数科推百灵企业版金融大模型](https://mp.weixin.qq.com/s/Lhnyp7Z7L6r-t9RLthFoUQ) - [ ] [45万!金融不良资产管理的数字化转型及AI技术的创新应用课题研究服务项目](https://mp.weixin.qq.com/s/ZzvgiAgCydorxzvuMIxRnQ) - [ ] [锚定世界一流安全运营中心 中资网安人工智能工作专班成立](https://mp.weixin.qq.com/s/Fa-UvJsrbcaNtOYc16964w) - [ ] [热点速览 | 每周网安大事件(20260316-20260322)](https://mp.weixin.qq.com/s/S6mQftqXaHLY9CJI2LjF4w) - [ ] [比Burp轻便,比HackBar强大!Hx0鹰眼:一款免费的轻量级浏览器抓包与安全分析插件](https://mp.weixin.qq.com/s/ald2oGTnzOXf8JIuaSCqYw) - [ ] [THE CAR HACKER’S HANDBOOK 第三章与第四章解读](https://mp.weixin.qq.com/s/-rRPURbNyA_eg7eL8Jg98A) - [ ] [4月2日-参会指南| 第九届CSA大中华区大会·前沿人工智能安全峰会](https://mp.weixin.qq.com/s/uzk7nekdCxtd_IMKtDdJKw) - [ ] [新的 Windows 错误报告漏洞允许攻击者升级以获得系统访问权限](https://mp.weixin.qq.com/s/IyAA2ODg1nY1u8XQyEdtWA) - [ ] [Burpsuite-MCP,使用大模型挖漏洞做赛题,最详细教学来了](https://mp.weixin.qq.com/s/FYOdgoWKCIrGWMO4CZja_A) - [ ] [十九载深耕铸剑,绿盟科技携AI安全全景方案亮相2026 RSAC](https://mp.weixin.qq.com/s/KsXFhAbevU9iOojkxFgKQw) - [ ] [热潮不落幕,安全再出发!美国2026 RSA热点研讨暨第十八届信息安全高级论坛定档4月9日](https://mp.weixin.qq.com/s/b2N4K76qwNHK2s4sTwapww) - [ ] [KAT-Coder-Pro V2:玩转龙虾,吃透美学](https://mp.weixin.qq.com/s/VDDLe6-c4A_Bx3tFH7VS0Q) - [ ] [观点 | 爆火的“龙虾”OpenClaw,正在把你的隐私“生吞活剥”](https://mp.weixin.qq.com/s/msdlCjhNlVwC7F7kVJ8Tag) - [ ] [工信部丨关于做好2026年信息通信业安全生产和网络运行安全工作的通知](https://mp.weixin.qq.com/s/bFwDy5G0gr3FLUaCe30ysw) - [ ] [烽火狼烟丨暗网数据及攻击威胁情报分析周报(03/23-03/27)](https://mp.weixin.qq.com/s/YUaLOYUaL5q4eaJcKaq-lQ) - [ ] [网络安全信息与动态周报2026年第12期(3月16日-3月22日)](https://mp.weixin.qq.com/s/txjjpREM2lET0VDgzQHd5Q) - [ ] [小程序挖掘技巧&&某证书站案例分享](https://mp.weixin.qq.com/s/imt-XjvVbHnEcdsSAAme9g) - [ ] [OpenAI重金悬赏AI滥用漏洞,50%复现即算有效](https://mp.weixin.qq.com/s/Z0Szj4BBrPIeAHVh0ZucRw) - [ ] [Claude浏览器扩展漏洞允许通过任意网站实现零点击XSS提示注入](https://mp.weixin.qq.com/s/ujz2zjQP_hb6drRwCi6i5g) - [ ] [新型开源供应链攻击,虚假npm安装日志暗藏RAT木马](https://mp.weixin.qq.com/s/kAi3ueHFGINskU24SXMZEA) - [ ] [思科安全防火墙漏洞可导致攻击者以root权限远程执行代码](https://mp.weixin.qq.com/s/iINM32Qqy-AX0CDdTouFIw) - [ ] [从Trivy被劫持到LiteLLM投毒:一场横跨多项目的有组织供应链攻击](https://mp.weixin.qq.com/s/bG62FbTyIllXv_rNrHRJtQ) - [ ] [活动预告丨冰城虾友沙龙哈工大专场来啦](https://mp.weixin.qq.com/s/GOgIHemS1SxH7Jx2S7uf_w) - [ ] [威胁通缉令 · 方块K丨Akira(调整)](https://mp.weixin.qq.com/s/fsFp6N5Pgpchq1wmRSoBPg) - [ ] [手游逆向全流程复盘:从 IL2CPP Dump 到 TCP 握手协议还原](https://mp.weixin.qq.com/s/tgcuPXdNB431uZE0xht8Qw) - [ ] [新型“PXA”窃密木马来袭:专盯银行与加密货币,邮件是主要传播途径](https://mp.weixin.qq.com/s/4y79248cKezOl8w9_EmksQ) - [ ] [Linux pwn 探索篇](https://mp.weixin.qq.com/s/SGDL_gpxmJmdttKPQtTlmw) - [ ] [AI被人下蛊了!这6个漏洞比你想的恐怖100倍](https://mp.weixin.qq.com/s/x316x2uD8v0ql8Vn2yvjug) - [ ] [【公益译文】2026年国际AI安全报告(二)](https://mp.weixin.qq.com/s/5p0UlsNstxL3-UMYlu09Bg) - [ ] [深耕信创商密路 实干担当践初心 —— 优秀党员何瑞婷的个人事迹](https://mp.weixin.qq.com/s/xDf9h90njKR6bj1eGXXywA) - [ ] [当“龙虾”接管Shell:AI Agent 致命利用链剖析与防御体系构建指南](https://mp.weixin.qq.com/s/no47c4sXZ5TkTZ6dEWLFoA) - [ ] [【热点】从LiteLLM到Apifox:AI供应链投毒背后的工具链信任危机](https://mp.weixin.qq.com/s/tBcU3oNRdP8AJAelfMp2sg) - [ ] [360龙虾卫士沙箱:为OpenClaw打造专属安全运行舱](https://mp.weixin.qq.com/s/Lt3oKn2IkYjUMmNxi49ejQ) - [ ] [OpenAI 发布AI安全漏洞奖励计划](https://mp.weixin.qq.com/s/jJrwgDN6rC3q2beEG-LhpQ) - [ ] [美国 FCC 以国家安全为由,禁用外国生产的新路由器](https://mp.weixin.qq.com/s/v7ox6EisGwzRYzKzlN6qWg) - [ ] [20小时即被武器化!Langflow致命漏洞CVE-2026-33017](https://mp.weixin.qq.com/s/WaIPXsW3f201ppHlgvsaSA) - [ ] [环球财经丨低开趋稳的2025与渐进重塑的2026:中美经贸关系年度回顾与展望](https://mp.weixin.qq.com/s/tA7Bt6DtmFkjT1yMA_LxwA) - [ ] [美国情报界制定AI应用框架,强化敏感信息防护与情报分析效能](https://mp.weixin.qq.com/s/-0uP6LXLx9VmSbrHpqpOtg) - [ ] [2026年3月:AI供应链投毒的三声枪响](https://mp.weixin.qq.com/s/Fukn4IgCgJv9ZEIBb7kRuA) - [ ] [单文件过360核晶&Defender,深度解密 PE Fluctuation 内存波动加密技术](https://mp.weixin.qq.com/s/dUTEykB-mXqpcxn1UMOqDw) - [ ] [LiteLLM供应链投毒事件解析:攻击链、应急处置](https://mp.weixin.qq.com/s/1h_TPx0IUln0yYurWFBb-w) - [ ] [信息安全漏洞预警(2026年3月23日-3月27日)](https://mp.weixin.qq.com/s/jnk0D6FlxLlVohP2gQ9oDw) - [ ] [精准定位,从wifi缺口锁定目标主机](https://mp.weixin.qq.com/s/CN3oiDBRTlLpmU5parByxg) - [ ] [【免费领】全网收录最全:Web漏洞检测及修复方案手册](https://mp.weixin.qq.com/s/ESMm3b6D5ji3U3ABhFxHbQ) - [ ] [龙王 claw 自动化审计 0day 挑战直播来袭!](https://mp.weixin.qq.com/s/fhPtLqJLKbzQMhtR-K9yYg) - [ ] [骂消费者是“狗”?罗技道歉了,但网友不买账!](https://mp.weixin.qq.com/s/HKk-jqcwgm_3HdKNy2ynrw) - [ ] [一吨旧手机真能提炼200克黄金 背后的商机你看懂了吗](https://mp.weixin.qq.com/s/PZCufAD2L6ymGuDBYQJZqQ) - [ ] [全国中小学生安全教育日|网警护未来,清朗伴青春](https://mp.weixin.qq.com/s/-GNIBPqCV-XLLgawfhRl7Q) - [ ] [数据流通利用场景下的数据安全治理研究](https://mp.weixin.qq.com/s/q4nj9ElLEDX04L7WusMAlg) - [ ] [人脸认证时一定要穿衣服!人脸识别究竟识别了什么?专家详解](https://mp.weixin.qq.com/s/BuXTyHtSMM89JQsGAIPxhQ) - [ ] [2025年居民数字消费规模达25.3万亿元](https://mp.weixin.qq.com/s/utPKOS4mE3sbBFeLRxfBlA) - [ ] [每周勒索威胁摘要](https://mp.weixin.qq.com/s/jMmanWhdsm3NN5QjAzCqNw) - [ ] [向AI·茁壮生长:与C3开启万物智能的时代](https://mp.weixin.qq.com/s/ykenROOFrDSThmi_HPEARg) - [ ] [我买了台白菜价云服务器,黑客看了直摇头](https://mp.weixin.qq.com/s/ceupijOo4IPLeRJx0BZH6g) - [ ] [工信部征集大模型安全标准意见,AI安全规范加速](https://mp.weixin.qq.com/s/wqyLyA0aEw3LSN0XOPcbuQ) - [ ] [移动时代](https://mp.weixin.qq.com/s/sRpUDkrk4rMdy4l7FcaewQ) - [ ] [MemShellParty:一键生成 Java 内存马的攻防利器](https://mp.weixin.qq.com/s/6tLA6vBQmTPrqcuUEDKp4Q) - [ ] [工业领域数据保护与安全测评工信部重点实验室第一届学术委员会第三次会议成功召开](https://mp.weixin.qq.com/s/K2W3-fTInNB-ch0nfRmYVw) - [ ] [南京市建邺区委书记姜宸一行到访安博通](https://mp.weixin.qq.com/s/Hli9TO4gDfz7ku3u9oEKPQ) - [ ] [网络安全和Capybara](https://mp.weixin.qq.com/s/Y799n7jZdwtQAbn3VwLD3g) - [ ] [AI地狱笑话](https://mp.weixin.qq.com/s/cQrkV4pLS5dgfhIVKXd2aQ) - [ ] [校企携手护航网络安全未来 郑州科技学院学子走进信安世纪开展认知实习](https://mp.weixin.qq.com/s/PsNcnODzgtdFBm-Jv2_psg) - [ ] [等保标准扩展丨数据安全系列公安行标解析(二)](https://mp.weixin.qq.com/s/uG4nimHPWVscO2cDNeNmuA) - [ ] [火绒小问答——「企业版」终端未连接中心](https://mp.weixin.qq.com/s/-SUauBhqlgmXD2g6td2ENg) - [ ] [【火绒安全周报】Token有中文名了/马自达披露数据泄露事件](https://mp.weixin.qq.com/s/xHWPOUxSr9frZ4rmE5__gQ) - [ ] [诚邀渠道合作伙伴共启新征程](https://mp.weixin.qq.com/s/C5AQnKYesBC2NTt9VQi_Rw) - [ ] [PHP反序列化之字符逃逸](https://mp.weixin.qq.com/s/ZgJXp7wzO1ssB9PeEmtsPQ) - SecWiki News - [ ] [SecWiki News 2026-03-27 Review](http://www.sec-wiki.com/?2026-03-27) - 安全客-有思想的安全新媒体 - [ ] [科技云报到:“龙虾”入笼:为何金融行业不敢“养”?](https://www.anquanke.com/post/id/315234) - obaby 𝐢𝐧⃝ void - [ ] [简单的快乐](https://zhongxiaojie.cn/2026/03/714/) - No Headback - [ ] [AI 推广、工贼与囚徒困境](http://xargin.com/ai-tui-yan-gong-zei-yu-qiu-tu-kun-jing/) - Private Feed for M09Ic - [ ] [anthropics released v2.1.86 at anthropics/claude-code](https://github.com/anthropics/claude-code/releases/tag/v2.1.86) - [ ] [bolucat released 202603272003 at bolucat/Archive](https://github.com/bolucat/Archive/releases/tag/202603272003) - [ ] [wuhan005 starred frederica-security/nasdq_dca_strategy](https://github.com/frederica-security/nasdq_dca_strategy) - [ ] [Rvn0xsy starred ChoiSG/SharpSilentChrome](https://github.com/ChoiSG/SharpSilentChrome) - [ ] [PrefectHQ released 3.6.24 at PrefectHQ/prefect](https://github.com/PrefectHQ/prefect/releases/tag/3.6.24) - [ ] [esrrhs starred Tiny-C-Compiler/tinycc-mirror-repository](https://github.com/Tiny-C-Compiler/tinycc-mirror-repository) - [ ] [shmilylty starred zgsm-ai/costrict](https://github.com/zgsm-ai/costrict) - [ ] [Ridter forked Ridter/ctf-skills from ljagiello/ctf-skills](https://github.com/Ridter/ctf-skills) - [ ] [Ridter starred ljagiello/ctf-skills](https://github.com/ljagiello/ctf-skills) - [ ] [0xbug starred streamlit/agent-skills](https://github.com/streamlit/agent-skills) - [ ] [FunnyWolf starred elastic/agent-skills](https://github.com/elastic/agent-skills) - [ ] [Ridter starred traefik/traefik](https://github.com/traefik/traefik) - [ ] [mgeeky starred Bambu-Research-Group/RFID-Tag-Guide](https://github.com/Bambu-Research-Group/RFID-Tag-Guide) - [ ] [niudaii starred 3stoneBrother/code-audit](https://github.com/3stoneBrother/code-audit) - [ ] [PrefectHQ released 3.6.24.dev5 at PrefectHQ/prefect](https://github.com/PrefectHQ/prefect/releases/tag/3.6.24.dev5) - [ ] [gh0stkey starred openchamber/openchamber](https://github.com/openchamber/openchamber) - [ ] [Rvn0xsy starred liukunup/vibe-kanban-in-docker](https://github.com/liukunup/vibe-kanban-in-docker) - [ ] [Ridter starred mvanhorn/last30days-skill](https://github.com/mvanhorn/last30days-skill) - [ ] [niudaii starred ImCoriander/ZeroEye](https://github.com/ImCoriander/ZeroEye) - [ ] [gh0stkey starred superset-sh/superset](https://github.com/superset-sh/superset) - [ ] [zeroclaw-labs released v0.6.5 at zeroclaw-labs/zeroclaw](https://github.com/zeroclaw-labs/zeroclaw/releases/tag/v0.6.5) - [ ] [pydantic released v1.73.0 at pydantic/pydantic-ai](https://github.com/pydantic/pydantic-ai/releases/tag/v1.73.0) - [ ] [zema1 starred ryfineZ/codex-session-patcher](https://github.com/ryfineZ/codex-session-patcher) - [ ] [gh0stkey starred winfunc/opcode](https://github.com/winfunc/opcode) - [ ] [niudaii starred karpathy/autoresearch](https://github.com/karpathy/autoresearch) - [ ] [rabbitmask made this repository public](https://github.com/rabbitmask/libra-pro-docker) - Microsoft Security Blog - [ ] [How Microsoft Defender protects high-value assets in real-world attack scenarios](https://www.microsoft.com/en-us/security/blog/2026/03/27/microsoft-defender-protects-high-value-assets/) - Recent Commits to cve:main - [ ] [Update Fri Mar 27 11:11:10 UTC 2026](https://github.com/trickest/cve/commit/f012a1170aafab1deb25453b9a4e14c81edc0cfa) - ElcomSoft blog - [ ] [Arrested by AI](https://blog.elcomsoft.com/2026/03/arrested-by-an-algorithm/) - Objective-See's Blog - [ ] [ClickFix: Stopped at ⌘+V](https://objective-see.org/blog/blog_0x86.html) - 嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com - [ ] [无人机企业总工办公室查出窃听器](https://www.4hou.com/posts/gyBr) - [ ] [嘶吼安全动态|国家安全部提示:谨防深度伪造魔改陷阱 Forescout发布2026高风险连接设备报告](https://www.4hou.com/posts/jBGy) - Bug Bounty in InfoSec Write-ups on Medium - [ ] [Microsoft Authenticator’s Unclaimed Deep Link: A Full Account Takeover Story (CVE-2026–26123)](https://infosecwriteups.com/microsoft-authenticators-unclaimed-deep-link-a-full-account-takeover-story-cve-2026-26123-e0409a920a02?source=rss----7b722bfd1b8d--bug_bounty) - [ ] [Finding XSS Through HTML Injection — Without Fuzzing Tools](https://infosecwriteups.com/finding-xss-through-html-injection-without-fuzzing-tools-56e12143aff7?source=rss----7b722bfd1b8d--bug_bounty) - VMRay - [ ] [Strategic Decisions for CISOs: Part 2: Why Deployment Strategy Just Became Strategic](https://www.vmray.com/strategic-decisions-for-cisos-part-2-why-deployment-strategy-just-became-strategic/) - [ ] [Strategic Decisions for CISOs: Part 1: The Core Competence Missing in Email, EDR and Threat Intel](https://www.vmray.com/strategic-decisions-for-cisos-part-1-the-core-competence-missing-in-email-edr-and-threat-intel/) - [ ] [Malware & Phishing Threat Landscape Report – 2025/2](https://www.vmray.com/malware-phishing-threat-landscape-report-2025-2/) - NVISO Labs - [ ] [Why the pentesting playbook doesn’t fit: belief, assumptions, and non-determinism](https://blog.nviso.eu/2026/03/27/why-the-pentesting-playbook-doesnt-fit-belief-assumptions-and-non-determinism/) - SentinelOne - [ ] [The Good, the Bad and the Ugly in Cybersecurity – Week 13](https://www.sentinelone.com/blog/the-good-the-bad-and-the-ugly-in-cybersecurity-week-13-7/) - Intigriti - [ ] [Intigriti Bug Bytes #234 - March 2026 🚀](https://www.intigriti.com/researchers/blog/bug-bytes/intigriti-bug-bytes-234-march-2026) - Malwarebytes - [ ] [Criminals are renting virtual phones to bypass bank security](https://www.malwarebytes.com/blog/news/2026/03/criminals-are-renting-virtual-phones-to-bypass-bank-security) - [ ] [Bogus Avast website fakes virus scan, installs Venom Stealer instead](https://www.malwarebytes.com/blog/threat-intel/2026/03/bogus-avast-website-fakes-virus-scan-installs-venom-stealer-instead) - 绿盟科技技术博客 - [ ] [绿盟NF防火墙:筑牢OpenClaw安全防线,构筑AI时代安全基石](https://blog.nsfocus.net/%e7%bb%bf%e7%9b%9fnf%e9%98%b2%e7%81%ab%e5%a2%99%ef%bc%9a%e7%ad%91%e7%89%a2openclaw%e5%ae%89%e5%85%a8%e9%98%b2%e7%ba%bf%ef%bc%8c%e6%9e%84%e7%ad%91ai%e6%97%b6%e4%bb%a3%e5%ae%89%e5%85%a8%e5%9f%ba/) - [ ] [国际认可 | 深化威胁情报与AI融合创新,绿盟科技助力应对各类威胁挑战](https://blog.nsfocus.net/%e5%9b%bd%e9%99%85%e8%ae%a4%e5%8f%af-%e6%b7%b1%e5%8c%96%e5%a8%81%e8%83%81%e6%83%85%e6%8a%a5%e4%b8%8eai%e8%9e%8d%e5%90%88%e5%88%9b%e6%96%b0%ef%bc%8c%e7%bb%bf%e7%9b%9f%e7%a7%91%e6%8a%80%e5%8a%a9/) - [ ] [权威发布 | 绿盟科技参编工业和信息化蓝皮书,以实践书写工控安全新答卷](https://blog.nsfocus.net/%e6%9d%83%e5%a8%81%e5%8f%91%e5%b8%83-%e7%bb%bf%e7%9b%9f%e7%a7%91%e6%8a%80%e5%8f%82%e7%bc%96%e5%b7%a5%e4%b8%9a%e5%92%8c%e4%bf%a1%e6%81%af%e5%8c%96%e8%93%9d%e7%9a%ae%e4%b9%a6%ef%bc%8c%e4%bb%a5-2/) - [ ] [OpenClaw安全实战系列二:白名单也防不住?复盘CVE-2026-28363授权绕过全过程](https://blog.nsfocus.net/openclaw%e5%ae%89%e5%85%a8%e5%ae%9e%e6%88%98%e7%b3%bb%e5%88%97%e4%ba%8c%ef%bc%9a%e7%99%bd%e5%90%8d%e5%8d%95%e4%b9%9f%e9%98%b2%e4%b8%8d%e4%bd%8f%ef%bc%9f%e5%a4%8d%e7%9b%98cve-2026-28363%e6%8e%88/) - Offensive Security Blog: Latest Trends in Hacking | Praetorian - [ ] [Your API Has Authorization Bugs. Hadrian Finds Them.](https://www.praetorian.com/blog/hadrian-api-authorization-testing/) - [ ] [Reflecting on Your Tier Model: CVE-2025-33073 and the One-Hop Problem](https://www.praetorian.com/blog/cve-2025-33073-ntlm-reflection-one-hop/) - 奇客Solidot–传递最新科技情报 - [ ] [PS5 各型号普涨 100 美元以上](https://www.solidot.org/story?sid=83900) - [ ] [Spotify 寻求安娜的档案赔偿 3 亿美元](https://www.solidot.org/story?sid=83899) - [ ] [哈勃韦伯联合观测土星](https://www.solidot.org/story?sid=83898) - [ ] [法官裁决广告商抵制 X 完全合法](https://www.solidot.org/story?sid=83897) - [ ] [苹果向 FBI 提供用马甲邮箱发出匿名威胁的用户名字](https://www.solidot.org/story?sid=83896) - [ ] [Ubuntu 26.04 LTS Beta 释出](https://www.solidot.org/story?sid=83895) - [ ] [AI 如何削弱我们的判断力](https://www.solidot.org/story?sid=83894) - [ ] [Mozilla 和 Mila 联合推进开源主权 AI](https://www.solidot.org/story?sid=83893) - [ ] [Reddit 开始推出验证用户是否是人类的检查机制](https://www.solidot.org/story?sid=83892) - [ ] [维基百科禁止使用生成式 AI 撰写或改写文章](https://www.solidot.org/story?sid=83891) - [ ] [过度耕作如何削弱土壤](https://www.solidot.org/story?sid=83890) - [ ] [鲸鱼在分娩过程中展开合作](https://www.solidot.org/story?sid=83889) - rtl-sdr.com - [ ] [PhaseLatch: Using a 1970’s Microprocessor Chip with a Modern 20 MSPS ADC](https://www.rtl-sdr.com/phaselatch-using-a-1970s-microprocessor-chip-with-a-modern-20-msps-adc/) - [ ] [DeDECTive: A DECT 6.0 Cordless Phone Scanner and Voice Decoder for the HackRF](https://www.rtl-sdr.com/dedective-a-dect-6-0-cordless-phone-scanner-and-voice-decoder-for-the-hackrf/) - 黑海洋Wiki | AI机器人硬件开发 | 网络安全攻防实战 | 区块链技术文档教程 - 免费资源平台 - [ ] [Webtoon正为其漫画平台增加AI本地化工具](https://blog.upx8.com/Webtoon%E6%AD%A3%E4%B8%BA%E5%85%B6%E6%BC%AB%E7%94%BB%E5%B9%B3%E5%8F%B0%E5%A2%9E%E5%8A%A0AI%E6%9C%AC%E5%9C%B0%E5%8C%96%E5%B7%A5%E5%85%B7) - [ ] [索尼因供应短缺暂时暂停存储卡销售](https://blog.upx8.com/%E7%B4%A2%E5%B0%BC%E5%9B%A0%E4%BE%9B%E5%BA%94%E7%9F%AD%E7%BC%BA%E6%9A%82%E6%97%B6%E6%9A%82%E5%81%9C%E5%AD%98%E5%82%A8%E5%8D%A1%E9%94%80%E5%94%AE) - [ ] [日政府明确最快明年开启飞行汽车商业运航](https://blog.upx8.com/%E6%97%A5%E6%94%BF%E5%BA%9C%E6%98%8E%E7%A1%AE%E6%9C%80%E5%BF%AB%E6%98%8E%E5%B9%B4%E5%BC%80%E5%90%AF%E9%A3%9E%E8%A1%8C%E6%B1%BD%E8%BD%A6%E5%95%86%E4%B8%9A%E8%BF%90%E8%88%AA) - [ ] [索尼将于四月把PS5价格上调100美元](https://blog.upx8.com/%E7%B4%A2%E5%B0%BC%E5%B0%86%E4%BA%8E%E5%9B%9B%E6%9C%88%E6%8A%8APS5%E4%BB%B7%E6%A0%BC%E4%B8%8A%E8%B0%83100%E7%BE%8E%E5%85%83) - [ ] [中国高校采购搭载受限AI芯片的超微服务器](https://blog.upx8.com/%E4%B8%AD%E5%9B%BD%E9%AB%98%E6%A0%A1%E9%87%87%E8%B4%AD%E6%90%AD%E8%BD%BD%E5%8F%97%E9%99%90AI%E8%8A%AF%E7%89%87%E7%9A%84%E8%B6%85%E5%BE%AE%E6%9C%8D%E5%8A%A1%E5%99%A8) - [ ] [Telegram 改善了中文搜索功能。现在搜索中文更为全面。能够正确处理中文分词,搜索到前后没有空格的关键字。TG的搜索亚洲文字的功能饱受诟病,以前仅能搜索到独](https://blog.upx8.com/Telegram-%E6%94%B9%E5%96%84%E4%BA%86%E4%B8%AD%E6%96%87%E6%90%9C%E7%B4%A2%E5%8A%9F%E8%83%BD-%E7%8E%B0%E5%9C%A8%E6%90%9C%E7%B4%A2%E4%B8%AD%E6%96%87%E6%9B%B4%E4%B8%BA%E5%85%A8%E9%9D%A2-%E8%83%BD%E5%A4%9F%E6%AD%A3%E7%A1%AE%E5%A4%84%E7%90%86%E4%B8%AD%E6%96%87%E5%88%86%E8%AF%8D-%E6%90%9C%E7%B4%A2%E5%88%B0%E5%89%8D%E5%90%8E%E6%B2%A1%E6%9C%89%E7%A9%BA%E6%A0%BC%E7%9A%84%E5%85%B3%E9%94%AE%E5%AD%97-TG%E7%9A%84%E6%90%9C%E7%B4%A2%E4%BA%9A%E6%B4%B2%E6%96%87%E5%AD%97%E7%9A%84%E5%8A%9F%E8%83%BD%E9%A5%B1%E5%8F%97%E8%AF%9F%E7%97%85-%E4%BB%A5%E5%89%8D%E4%BB%85%E8%83%BD%E6%90%9C%E7%B4%A2%E5%88%B0%E7%8B%AC) - [ ] [Telegram 改善了中文搜索功能。现在搜索中文更为全面。能够搜索到前后没有空格的关键字。TG的搜索亚洲文字的功能饱受诟病,以前仅能搜索到独立区块的文字,该问](https://blog.upx8.com/Telegram-%E6%94%B9%E5%96%84%E4%BA%86%E4%B8%AD%E6%96%87%E6%90%9C%E7%B4%A2%E5%8A%9F%E8%83%BD-%E7%8E%B0%E5%9C%A8%E6%90%9C%E7%B4%A2%E4%B8%AD%E6%96%87%E6%9B%B4%E4%B8%BA%E5%85%A8%E9%9D%A2-%E8%83%BD%E5%A4%9F%E6%90%9C%E7%B4%A2%E5%88%B0%E5%89%8D%E5%90%8E%E6%B2%A1%E6%9C%89%E7%A9%BA%E6%A0%BC%E7%9A%84%E5%85%B3%E9%94%AE%E5%AD%97-TG%E7%9A%84%E6%90%9C%E7%B4%A2%E4%BA%9A%E6%B4%B2%E6%96%87%E5%AD%97%E7%9A%84%E5%8A%9F%E8%83%BD%E9%A5%B1%E5%8F%97%E8%AF%9F%E7%97%85-%E4%BB%A5%E5%89%8D%E4%BB%85%E8%83%BD%E6%90%9C%E7%B4%A2%E5%88%B0%E7%8B%AC%E7%AB%8B%E5%8C%BA%E5%9D%97%E7%9A%84%E6%96%87%E5%AD%97-%E8%AF%A5%E9%97%AE) - [ ] [奥运会女子项目将仅限生理女性参赛](https://blog.upx8.com/%E5%A5%A5%E8%BF%90%E4%BC%9A%E5%A5%B3%E5%AD%90%E9%A1%B9%E7%9B%AE%E5%B0%86%E4%BB%85%E9%99%90%E7%94%9F%E7%90%86%E5%A5%B3%E6%80%A7%E5%8F%82%E8%B5%9B) - 黑鸟 - [ ] [WebRTC型支付盗刷脚本技术分析](https://mp.weixin.qq.com/s?__biz=MzAxOTM1MDQ1NA==&mid=2451185982&idx=1&sn=745f2104597e9c4dbaec7183b18580ef) - 安全分析与研究 - [ ] [白+黑技术与LOLBins——利用合法工具的艺术](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247496613&idx=1&sn=a62d229f9ed405bacd639764c4d481e1) - 威努特安全网络 - [ ] [加拿大发生PB级数据泄露、马自达遭网络攻击|一周特辑](https://mp.weixin.qq.com/s?__biz=MzAwNTgyODU3NQ==&mid=2651141156&idx=1&sn=4f7b51bce0bcf6c7d089a25658ec6287) - 信安之路 - [ ] [新增 APP 小程序的资产管理](https://mp.weixin.qq.com/s?__biz=MzI5MDQ2NjExOQ==&mid=2247500510&idx=1&sn=48e82192088cf9e38b62b28e70b670bc) - 漕河泾小黑屋 - [ ] [谁来保护你的安全设备?](https://mp.weixin.qq.com/s?__biz=MzA4NzQwNzY3OQ==&mid=2247484045&idx=1&sn=aec48523131aeb406b2320a158324613) - 代码卫士 - [ ] [OpenAI 发布AI安全漏洞奖励计划](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247525564&idx=1&sn=87a38b04609d00236ed5984ced8a6243) - [ ] [美国 FCC 以国家安全为由,禁用外国生产的新路由器](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247525564&idx=2&sn=c9dedcf65ac28e4c20916a5920786fe0) - 虎符智库 - [ ] [RSAC 2026:AI SOC从“辅助驾驶”迈入“智能体驱动”时代](https://mp.weixin.qq.com/s?__biz=MzIwNjYwMTMyNQ==&mid=2247493748&idx=1&sn=c30c5bf335ffa7a7da57e8b4e30d6f38) - 安全内参 - [ ] [防范新型网络战!印度启动全国摄像头安全检查行动](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247515743&idx=1&sn=e81396fe6b6630f1a92fefce706675f1) - [ ] [美国能源部网络安全机构发布2026至2030财年战略计划](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247515743&idx=2&sn=53a993c57fe03b30ab50491020aaf0f2) - 奇安信 CERT - [ ] [今日(2026年3月27日)OpenClaw 最新安全动态总结](https://mp.weixin.qq.com/s?__biz=MzU5NDgxODU1MQ==&mid=2247504877&idx=1&sn=539e230623820b039630ad714f14a78b) - 绿盟科技研究通讯 - [ ] [【公益译文】2026年国际AI安全报告(二)](https://mp.weixin.qq.com/s?__biz=MzIyODYzNTU2OA==&mid=2247499695&idx=1&sn=cdc1a4dcd4d8e3601611370214f999f9) - 奇安信病毒响应中心 - [ ] [每周勒索威胁摘要](https://mp.weixin.qq.com/s?__biz=MzI5Mzg5MDM3NQ==&mid=2247498589&idx=1&sn=dbd9d5843b5eabdc736f2545b83a18e2) - 先进攻防 - [ ] [AI数据项目翻车的真相:数据原子性和完整性到底有多重要?](https://mp.weixin.qq.com/s?__biz=MzI1MDA1MjcxMw==&mid=2649908868&idx=1&sn=25f1c444ceafee5ebca939f020d2daab) - 天御攻防实验室 - [ ] [使用VPN可能面临美国国家安全局的监视](https://mp.weixin.qq.com/s?__biz=MzU0MzgyMzM2Nw==&mid=2247486847&idx=1&sn=5fa0a47023da9f92a4d633a71d626850) - 看雪学苑 - [ ] [手游逆向全流程复盘:从 IL2CPP Dump 到 TCP 握手协议还原](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458612683&idx=1&sn=a9bf902f18aadcaafe44d0ef6d6454b2) - [ ] [新型“PXA”窃密木马来袭:专盯银行与加密货币,邮件是主要传播途径](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458612683&idx=2&sn=f67d13c5b0fd10ec57440e1b5eac739b) - [ ] [Linux pwn 探索篇](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458612683&idx=3&sn=2ecb67b436846cedbce3f2136190e96a) - 中国信息安全 - [ ] [论坛·原创 | 构建网络空间命运共同体理念的核心要义与创新发展](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664260716&idx=1&sn=0d130573837a801e3b9194eb8eb15ca2) - [ ] [专家解读 | 坚决打破“数据孤岛” 推动数据的“合理使用”](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664260716&idx=2&sn=466f67b58e9c54c3ce6b0cf4538dd6bb) - [ ] [专家观点 | 智能经济发展离不开法治护航](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664260716&idx=3&sn=b36c2c6c6551d5d72f4729e719c2b29b) - [ ] [前沿 | OpenClaw迅速走红暴露出一系列亟待解决的隐患,多国启动安全治理与风险防控行动](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664260716&idx=4&sn=da35242012be49e6904c609e5786f192) - [ ] [评论 | 推动电信网络诈骗治理现代化](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664260716&idx=5&sn=9b1c3f123e1f0f7bdf0a098b58540722) - 安全圈 - [ ] [【安全圈】挥刀“斩”Sora!OpenAI在下什么棋](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652075124&idx=1&sn=6d5a130aba3df2f86fefb31c0ab72ac3) - [ ] [【安全圈】这个APP突然崩了,官方紧急回应!有人急哭,网友:怀疑过手机都没怀疑你](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652075124&idx=2&sn=ed5500dc041df4e01818975c6d1c4cf9) - [ ] [【安全圈】“好评回访” 竟是骗局!8 万条住宿信息遭泄露](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652075124&idx=3&sn=6e5970144397a4ca9a54c04763231989) - 奇安信威胁情报中心 - [ ] [每周高级威胁情报解读(2026.03.20~03.26)](https://mp.weixin.qq.com/s?__biz=MzI2MDc2MDA4OA==&mid=2247518151&idx=1&sn=60d84c3bf525ebf55298a09e7af99830) - 猎户攻防实验室 - [ ] [Apifox 供应链投毒安全事件预警与排查](https://mp.weixin.qq.com/s?__biz=MzI1NDg4MTIxMw==&mid=2247486727&idx=1&sn=c7fa3662d38425a18438e180cef12d26) - 安全牛 - [ ] [在智能体人工智能时代构建信任——微软RSAC 2026演讲解读:如何用信任解锁AI潜力](https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651140899&idx=1&sn=10c6ebcdb21419717cc9f30373246b17) - [ ] [中央网信办召开全国网络举报工作会议;Google停止接受AI生成的漏洞报告,投资千万美元改善开源安全| 牛览](https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651140899&idx=2&sn=c5ac08cbf0f6d9d718a2ba13ab43d1d8) - 默安科技 - [ ] [开放试用|“墨子”来了:给每个网安人配一支 AI 安全军团](https://mp.weixin.qq.com/s?__biz=MzIzODQxMjM2NQ==&mid=2247501794&idx=1&sn=2f5304ec49ed26950aebf01cef1f6f7a) - M01N Team - [ ] [AISS社区案例库开放:欢迎社区共建](https://mp.weixin.qq.com/s?__biz=MzkyMTI0NjA3OA==&mid=2247494891&idx=1&sn=fb48fbde89f2d1be8b5a6dd77d35a27a) - [ ] [每周蓝军技术推送(2026.3.21-2026.3.27)](https://mp.weixin.qq.com/s?__biz=MzkyMTI0NjA3OA==&mid=2247494891&idx=2&sn=9fea43e1c6cc95791e2f62f236fdb987) - 数世咨询 - [ ] [AI安全调查:用昨天的技术保护今天的智能](https://mp.weixin.qq.com/s?__biz=MzkxNzA3MTgyNg==&mid=2247542257&idx=1&sn=69b3bc433f7814b493493c942eeef29c) - [ ] [2025邮箱安全报告解读|境外攻击激增、弱口令成命门,2026企业如何破局?](https://mp.weixin.qq.com/s?__biz=MzkxNzA3MTgyNg==&mid=2247542257&idx=2&sn=a4a25808bdb4dedb7ab0565a8c2f215d) - [ ] [9600万次下载背后的隐雷:LiteLLM投毒事件与AI供应链的至暗时刻](https://mp.weixin.qq.com/s?__biz=MzkxNzA3MTgyNg==&mid=2247542257&idx=3&sn=12cebd09c3f396928381dcf6b43d666b) - 嘶吼专业版 - [ ] [2025邮箱安全报告解读|境外攻击激增、弱口令成命门,2026企业如何破局?](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247587436&idx=1&sn=98fa4ae577b14969018eacbec38904a7) - [ ] [嘶吼安全动态|国家安全部提示:谨防深度伪造魔改陷阱 Forescout发布2026高风险连接设备报告](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247587436&idx=2&sn=639571beddbc06ac80640edf70c84bdf) - 极客公园 - [ ] [Avata 360,是大疆送给创作者的「新边界」](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653102286&idx=1&sn=ebdbc8339dd556adfd3a2cdf11e3c25d) - [ ] [传月之暗面拟赴港IPO;全球首个「AI 失业补助」上线,每月1000 美元;大疆发全景无人机,2788元|极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653102155&idx=1&sn=8547ca4f4211c8d1e185624c7f159efd) - 慢雾科技 - [ ] [慢雾:Web3 安全年框服务全面升级](https://mp.weixin.qq.com/s?__biz=MzU4ODQ3NTM2OA==&mid=2247504592&idx=1&sn=5b14e6284530b087155c3c9b13b86e3c) - 火绒安全 - [ ] [火绒小问答——「企业版」终端未连接中心](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247531731&idx=1&sn=e7471da981c5577d4eb97c25295b501a) - [ ] [【火绒安全周报】Token有中文名了/马自达披露数据泄露事件](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247531731&idx=2&sn=01b9189a5de29725cbec52112837dcec) - [ ] [诚邀渠道合作伙伴共启新征程](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247531731&idx=3&sn=b04a7ea11f1df5abfd051d6ed7ad50b4) - 情报分析师 - [ ] [开源情报不是"上网搜索"那么简单,高手都在用的OSINT五步法到底怎么落地](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650567260&idx=1&sn=b567f7c30ec3b0949cd175cb304e2474) - [ ] [【深度研判】摩萨德波斯语平台化招募核情报模式外溢风险评估](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650567260&idx=2&sn=0bbdec22bd2f3741aeb947364ffdc2a3) - [ ] [五角大楼刚刚签了一份"永久保票"——让Palantir成为美军的AI大脑](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650567260&idx=3&sn=ae4e4980c9c91b3970788689ec1971a8) - [ ] [为什么很多人不是输在能力,而是输在没有预警——情报工作的真正价值,不是解释过去,而是提前发现危险](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650567260&idx=4&sn=a6844b50dc6012b365170d034a09c83f) - 吴鲁加 - [ ] [继续还是放弃](https://mp.weixin.qq.com/s?__biz=Mzg5NDY4ODM1MA==&mid=2247485985&idx=1&sn=3c421da8274075bef394b4c2fe070054) - 360数字安全 - [ ] [【热点】从LiteLLM到Apifox:AI供应链投毒背后的工具链信任危机](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247585571&idx=1&sn=efb61f64d1cb3419d1fac41cfab251f2) - [ ] [360龙虾卫士沙箱:为OpenClaw打造专属安全运行舱](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247585571&idx=2&sn=e808e4328af2f25e912efd14ad44bc0e) - 迪哥讲事 - [ ] [提取接口利器](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247499230&idx=1&sn=d94799ec733370434bdfe83b6fafd433) - 安全行者老霍 - [ ] [无头架构中的安全性:当前端不再是控制点时](https://mp.weixin.qq.com/s?__biz=Mzg3NjU4MDI4NQ==&mid=2247486214&idx=1&sn=87ff6eb7c17c2deb763cda1682550769) - Arturo Di Corinto - [ ] [Sovranità tecnologica e autonomia strategica](https://dicorinto.it/formazione/sovranita-tecnologica-e-autonomia-strategica/) - 字节跳动技术团队 - [ ] [OpenSearchCon China 2026:字节跳动在 OpenSearch 上的技术实践与前沿探索](https://mp.weixin.qq.com/s?__biz=MzI1MzYzMjE0MQ==&mid=2247519046&idx=1&sn=45613e8c1ed787026f52292ded0e5acc) - 吾爱破解论坛 - [ ] [SourceInsight4.0 最新4.00.0150 2026版本 破解分析](https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651144017&idx=1&sn=32caa5562058036a673f43eb55cc78c5) - 白泽安全实验室 - [ ] [疑似APT28组织利用Zimbra高危漏洞展开网络攻击活动](https://mp.weixin.qq.com/s?__biz=MzI0MTE4ODY3Nw==&mid=2247492905&idx=1&sn=ec4bedfe53fc3dea90dde861bd6477a8) - ICT Security Magazine - [ ] [14° Cyber Crime Conference: Roma, 6 e 7 maggio 2026 – Anticipazione Programma](https://www.ictsecuritymagazine.com/notizie/cyber-crime-conference-2026/) - [ ] [Operazione Lockheed Martin: doppio attacco iraniano, fino a 375 TB di dati e un ultimatum di 48 ore agli ingegneri](https://www.ictsecuritymagazine.com/notizie/operazione-lockheed-martin-apt-iran/) - [ ] [Ransomware nel settore sanitario: analisi degli attacchi e strategie di difesa](https://www.ictsecuritymagazine.com/articoli/ransomware-nel-settore-sanitario/) - [ ] [Esprinet nel mirino di ALP-001: ransomware contro il colosso italiano della distribuzione IT](https://www.ictsecuritymagazine.com/notizie/esprinet-alp-001-ransomware/) - Over Security - Cybersecurity news aggregator - [ ] [Backdoored Telnyx PyPI package pushes malware hidden in WAV audio](https://www.bleepingcomputer.com/news/security/backdoored-telnyx-pypi-package-pushes-malware-hidden-in-wav-audio/) - [ ] [European Parliament rejects extension of CSAM scanning rules for tech platforms](https://therecord.media/eu-parliament-rejects-csam-scanning-extension) - [ ] [UK weighs new limits on political donations as reports warn of hard-to-trace foreign interference](https://therecord.media/uk-weighs-limits-political-donations-foreign-interference) - [ ] [FBI confirms theft of director’s personal emails by Iran-linked hacking group](https://therecord.media/fbi-confirms-theft-of-directors-personal-emails-iran-group) - [ ] [Google: crittografia post-quantum entro il 2029](https://www.securityinfo.it/2026/03/27/google-crittografia-post-quantum-entro-il-2029-e-novita-sullautenticazione/) - [ ] [Fake VS Code alerts on GitHub spread malware to developers](https://www.bleepingcomputer.com/news/security/fake-vs-code-alerts-on-github-spread-malware-to-developers/) - [ ] [European Commission investigating breach after Amazon cloud account hack](https://www.bleepingcomputer.com/news/security/european-commission-investigating-breach-after-amazon-cloud-account-hack/) - [ ] [Iranian hackers claim breach of FBI director Kash Patel’s personal email account](https://techcrunch.com/2026/03/27/iranian-hackers-claim-breach-of-fbi-director-kash-patels-personal-email-account/) - [ ] [Sintesi riepilogativa delle campagne malevole nella settimana del 21 – 27 marzo](https://cert-agid.gov.it/news/sintesi-riepilogativa-delle-campagne-malevole-nella-settimana-del-21-27-marzo/) - [ ] [Microsoft IIS fuori supporto: il rischio invisibile della mancata governance degli asset](https://www.cybersecurity360.it/nuove-minacce/microsoft-iis-fuori-supporto-il-rischio-invisibile-della-mancata-governance-degli-asset/) - [ ] [Dutch court threatens xAI with fines over Grok's nonconsensual nude images](https://therecord.media/dutch-court-threatens-xai-with-fines-grok-nudification) - [ ] [Pirateria, la Corte suprema USA riformula la responsabilità dei provider](https://www.cybersecurity360.it/legal/sentenza-cox-vs-sony-corte-suprema-usa-riformula-responsabilita-provider-internet/) - [ ] [Apple says no one using Lockdown Mode has been hacked with spyware](https://techcrunch.com/2026/03/27/apple-says-no-one-using-lockdown-mode-has-been-hacked-with-spyware/) - [ ] [Prevedere o indovinare i rischi?](https://www.cybersecurity360.it/cultura-cyber/prevedere-o-indovinare-i-rischi/) - [ ] [China’s APT41 and the Expanding Enterprise Attack Surface: What Security Teams Must Prepare For](https://cyble.com/blog/apt41-enterprise-attack-surface-cyber-risk/) - [ ] [Agentic GRC: Teams Get the Tech. The Mindset Shift Is What's Missing.](https://www.bleepingcomputer.com/news/security/agentic-grc-teams-get-the-tech-the-mindset-shift-is-whats-missing/) - [ ] [Latvia accuses Russia of of disinformation campaign targeting Baltic states](https://therecord.media/latvia-accuses-russia-of-disinformation-campaign-ukraine-war) - [ ] [European Commission investigating breach after Amazon cloud hack](https://www.bleepingcomputer.com/news/security/european-commission-investigating-breach-after-amazon-cloud-hack/) - [ ] [The Cyber Express Weekly Roundup: Cyberattacks, AI Risks, and Geopolitical Cyber Threats](https://thecyberexpress.com/the-cyber-express-weekly-roundup-march-27/) - [ ] [BreachForums Data Leaks: Technical Analysis and Timeline Attribution (2022–2026)](https://www.d3lab.net/breachforums-data-leaks-technical-analysis-and-timeline-attribution-2022-2026/) - [ ] [Congress Wants a GPS Tracker on Every Advanced AI Chip America Exports](https://thecyberexpress.com/advanced-ai-chip-chip-security-act/) - [ ] [Anti-piracy coalition takes down AnimePlay app with 5 million users](https://www.bleepingcomputer.com/news/security/anti-piracy-coalition-takes-down-animeplay-app-with-5-million-users/) - [ ] [Condanna di Meta e Google in California: anatomia di un processo che cambia le regole](https://www.cybersecurity360.it/legal/condanna-di-meta-e-google-in-california-anatomia-di-un-processo-che-cambia-le-regole/) - [ ] [Sovranità satellitare](https://www.guerredirete.it/sovranita-satellitare/) - [ ] [La cyber sicurezza del settore sanitario in Italia: cosa sapere e su cosa riflettere](https://www.cybersecurity360.it/news/cybersicurezza-settore-sanitario/) - [ ] [Ransomware a Esprinet, compromessi 1,2 TB di dati: cosa sappiamo](https://www.cybersecurity360.it/news/ransomware-a-esprinet-compromessi-12-tb-di-dati-cosa-sappiamo/) - [ ] [Windows 11 KB5079391 update rolls out Smart App Control improvements](https://www.bleepingcomputer.com/news/microsoft/windows-11-kb5079391-update-rolls-out-smart-app-control-improvements/) - [ ] [Apple Introduces Age Checks for iPhone Users in the UK](https://thecyberexpress.com/apple-age-verification-uk-rollout/) - [ ] [Dutch Police discloses security breach after phishing attack](https://www.bleepingcomputer.com/news/security/dutch-police-discloses-security-breach-after-phishing-attack/) - [ ] [After Funding Jolt, EU Moves to Back the CVE Vulnerability System](https://thecyberexpress.com/bedrock-cyber-vulnerability/) - [ ] [ACN: a febbraio 2026 bisogna sommare il contesto geopolitico al combinato NIS2–Olimpiadi](https://www.cybersecurity360.it/news/operational-summary-acn-a-febbraio-2026/) - [ ] [The Energy Sector Isn’t Ready for Ransomware—and 2025 Proved It](https://thecyberexpress.com/energy-sector-ransomware-threats-2025/) - [ ] [Snapchat Faces EU Child Safety Probe Under Digital Services Act](https://thecyberexpress.com/dsa-child-protection-investigation/) - [ ] [BreachForums Verion 5 - 339,778 breached accounts](https://haveibeenpwned.com/Breach/BreachForumsV5) - 安全419 - [ ] [RSAC 2026创新沙盒十强全景解读:AI代理安全成绝对主角](https://mp.weixin.qq.com/s?__biz=MzUyMDQ4OTkyMg==&mid=2247552753&idx=1&sn=24ec9772a8141fb099864196727c325e) - 悬镜安全 - [ ] [以AI治理AI|问境AIST首家通过信通院大模型安全扫描产品能力评估!](https://mp.weixin.qq.com/s?__biz=MzA3NzE2ODk1Mg==&mid=2647798878&idx=1&sn=2237e4f477b401d7af7bdc6364cb452c) - Securityinfo.it - [ ] [Google: crittografia post-quantum entro il 2029](https://www.securityinfo.it/2026/03/27/google-crittografia-post-quantum-entro-il-2029-e-novita-sullautenticazione/?utm_source=rss&utm_medium=rss&utm_campaign=google-crittografia-post-quantum-entro-il-2029-e-novita-sullautenticazione) - SANS Internet Storm Center, InfoCON: green - [ ] [TeamPCP Supply Chain Campaign: Update 002 - Telnyx PyPI Compromise, Vect Ransomware Mass Affiliate Program, and First Named Victim Claim, (Fri, Mar 27th)](https://isc.sans.edu/diary/rss/32838) - [ ] [ISC Stormcast For Friday, March 27th, 2026 https://isc.sans.edu/podcastdetail/9868, (Fri, Mar 27th)](https://isc.sans.edu/diary/rss/32836) - Have I Been Pwned latest breaches - [ ] [BreachForums Version 5 - 339,778 breached accounts](https://haveibeenpwned.com/Breach/BreachForumsV5) - Javvad Malik - [ ] [Breach of Confidence – 27 March 2026](https://javvadmalik.com/2026/03/27/breach-of-confidence-27-march-2026/) - [ ] [When Your Best Friend Is a Bot Who Never Says No](https://javvadmalik.com/2026/03/27/when-your-best-friend-is-a-bot-who-never-says-no/) - Schneier on Security - [ ] [Friday Squid Blogging: Bioluminescent Bacteria in Squid](https://www.schneier.com/blog/archives/2026/03/friday-squid-blogging-bioluminescent-bacteria-in-squid.html) - Yak Project - [ ] [深度拆解 IRify 性能优化2.0:从能跑到稳快省的全路径重构](https://mp.weixin.qq.com/s?__biz=Mzk0MTM4NzIxMQ==&mid=2247529589&idx=1&sn=0d9226acdfca3aefbecf5f3421573c27) - D3Lab - [ ] [BreachForums Data Leaks: Technical Analysis and Timeline Attribution (2022–2026)](https://www.d3lab.net/breachforums-data-leaks-technical-analysis-and-timeline-attribution-2022-2026/) - bellingcat - [ ] [Two Waves of Bombing: New Videos Reveal Further Details About Iran Girls’ School Strike](https://www.bellingcat.com/news/2026/03/27/new-videos-reveal-more-details-about-iran-girls-school-strike/) - Future of Tech and Security: Strategy & Innovation with Raffy - [ ] [How AI Will Reshape the MSP Market](https://raffy.ch/blog/2026/03/27/how-ai-will-reshape-the-msp-market/) - The Hacker News - [ ] [Apple Sends Lock Screen Alerts to Outdated iPhones Over Active Web-Based Exploits](https://thehackernews.com/2026/03/apple-sends-lock-screen-alerts-to.html) - [ ] [TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files](https://thehackernews.com/2026/03/teampcp-pushes-malicious-telnyx.html) - [ ] [Open VSX Bug Let Malicious VS Code Extensions Bypass Pre-Publish Security Checks](https://thehackernews.com/2026/03/open-vsx-bug-let-malicious-vs-code.html) - [ ] [AitM Phishing Targets TikTok Business Accounts Using Cloudflare Turnstile Evasion](https://thehackernews.com/2026/03/aitm-phishing-targets-tiktok-business.html) - [ ] [We Are At War](https://thehackernews.com/2026/03/we-are-at-war.html) - [ ] [Bearlyfy Hits Russian Firms with Custom GenieLocker Ransomware](https://thehackernews.com/2026/03/bearlyfy-hits-70-russian-firms-with.html) - [ ] [LangChain, LangGraph Flaws Expose Files, Secrets, Databases in Widely Used AI Frameworks](https://thehackernews.com/2026/03/langchain-langgraph-flaws-expose-files.html) - The Register - Security - [ ] [AFC Ajax drops ball as flaws let hackers play admin with tickets and bans](https://go.theregister.com/feed/www.theregister.com/2026/03/27/afc_ajax_drops_ball_as/) - [ ] [Iran war drives urgent need to counter underwater attack drones](https://go.theregister.com/feed/www.theregister.com/2026/03/27/us_and_uk_forces_auv_tender/) - [ ] [Security boffins scoured the web and found hundreds of valid API keys](https://go.theregister.com/feed/www.theregister.com/2026/03/27/security_boffins_harvest_bumper_crop/) - TorrentFreak - [ ] [Sky Wins Irish Court Order to Unmask 300+ Pirate IPTV Users via Revolut Bank](https://torrentfreak.com/sky-wins-irish-court-order-to-unmask-300-pirate-iptv-users-via-revolut-bank/) - Security Affairs - [ ] [The European Commission confirmed a cyberattack affecting part of its cloud systems](https://securityaffairs.com/190067/data-breach/the-european-commission-confirmed-a-cyberattack-affecting-part-of-its-cloud-systems.html) - [ ] [New AITM phishing wave hijacks TikTok Business accounts](https://securityaffairs.com/190058/security/new-aitm-phishing-wave-hijacks-tiktok-business-accounts.html) - [ ] [CISA and BSI warn orgs of critical PTC Windchill and FlexPLM flaw](https://securityaffairs.com/190049/security/cisa-and-bsi-warn-orgs-of-critical-ptc-windchill-and-flexplm-flaw.html) - [ ] [U.S. CISA adds an Aquasecurity Trivy flaw to its Known Exploited Vulnerabilities catalog](https://securityaffairs.com/190044/security/u-s-cisa-adds-an-aquasecurity-trivy-flaw-to-its-known-exploited-vulnerabilities-catalog.html) - [ ] [China-linked Red Menshen APT deploys stealthy BPFDoor implants in telecom networks](https://securityaffairs.com/190029/malware/china-linked-red-menshen-apt-deploys-stealthy-bpfdoor-implants-in-telecom-networks.html) - Deeplinks - [ ] [US Tech Companies Must be Accountable in US Courts for Facilitating Persecution and Torture Abroad, EFF Urges US Supreme Court](https://www.eff.org/press/releases/us-tech-companies-must-be-accountable-us-courts-facilitating-persecution-and-torture) - Daniel Miessler - [ ] [We Are Confusing Two Types of AGI](https://danielmiessler.com/blog/two-types-of-agi?utm_source=rss&utm_medium=feed&utm_campaign=website) - [ ] [AI Unmasked Our Work as Scaffolding](https://danielmiessler.com/blog/ai-unmasked-our-work-as-scaffolding?utm_source=rss&utm_medium=feed&utm_campaign=website) - 网安寻路人 - [ ] [跨境数据治理转向与中国应对(学术专论)](https://mp.weixin.qq.com/s?__biz=MzIxODM0NDU4MQ==&mid=2247508185&idx=1&sn=c9040b913fcb9845d009673a83ec22f1)
每日安全资讯(2026-03-28)