# 每日安全资讯(2026-05-17) - SecWiki News - [ ] [SecWiki News 2026-05-16 Review](http://www.sec-wiki.com/?2026-05-16) - Private Feed for M09Ic - [ ] [kpcyrd contributed to kpcyrd/acme-redirect](https://github.com/kpcyrd/acme-redirect/pull/50) - [ ] [bolucat released 202605162114 at bolucat/Archive](https://github.com/bolucat/Archive/releases/tag/202605162114) - [ ] [IC3-CR3AM starred asesidaa/EXVS2-POC](https://github.com/asesidaa/EXVS2-POC) - [ ] [Mr-xn starred exploitbench/exploitbench](https://github.com/exploitbench/exploitbench) - [ ] [esrrhs contributed to esrrhs/fakelua](https://github.com/esrrhs/fakelua/pull/98) - [ ] [Mr-xn starred markdown-viewer/skills](https://github.com/markdown-viewer/skills) - [ ] [mgeeky starred Nightmare-Eclipse/MiniPlasma](https://github.com/Nightmare-Eclipse/MiniPlasma) - [ ] [safedv starred Nightmare-Eclipse/MiniPlasma](https://github.com/Nightmare-Eclipse/MiniPlasma) - [ ] [CHYbeta starred exploitbench/exploitbench](https://github.com/exploitbench/exploitbench) - [ ] [Mr-xn starred opendatalab/MinerU](https://github.com/opendatalab/MinerU) - [ ] [PrefectHQ released 3.7.1 at PrefectHQ/prefect](https://github.com/PrefectHQ/prefect/releases/tag/3.7.1) - [ ] [CHYbeta starred yetone/native-feel-skill](https://github.com/yetone/native-feel-skill) - [ ] [su18 starred woodpecker-appstore/ghost-bits-encoder](https://github.com/woodpecker-appstore/ghost-bits-encoder) - Doonsec's feed - [ ] [“分片失忆”——Dirty Frag补丁如何催生了Fragnesia漏洞](https://mp.weixin.qq.com/s/KO2L3ZRv43BXQMT0E5PSOQ) - [ ] [安天AVL SDK反病毒引擎升级通告(20260516)](https://mp.weixin.qq.com/s/8LVpyAhPjwAyMt_MzC6sxw) - [ ] [M4 MacBook Air外接RTX 5090实现3A游戏与AI加速](https://mp.weixin.qq.com/s/IPbP1jZsomv5B5tpoS99Rg) - [ ] [为什么网络安全公司裁员还会继续?](https://mp.weixin.qq.com/s/vEebqYTlSyDp0TSSYMP7Kw) - [ ] [原创-人要破茧成蝶,要成才的几大要素](https://mp.weixin.qq.com/s/LH4ucTQn6pQ5KIaQtNt-rw) - [ ] [川普刚走!普京下周来](https://mp.weixin.qq.com/s/IyPKIJ1HZfXBsTKd1w7lnQ) - [ ] [哪里可以找到能够注册的XP SP3 ISO镜像文件,真心想要一个能在2026年正常上网而不会让电脑感染病毒的版本](https://mp.weixin.qq.com/s/B9NCzcCQCEY4QAsiNiDwuQ) - [ ] [邮件钓鱼免杀完全指南(2026 实战版)· 二、OSINT 信息收集四步法](https://mp.weixin.qq.com/s/P6xV5_yhvX9UDM4wBL1i7w) - [ ] [多智能体协作的自主渗透测试框架Abyss,像专家一样思考](https://mp.weixin.qq.com/s/TnAgDNoFvytZJcragivbAQ) - [ ] [红石V8发布,AI接入,全方面汇聚资产管理](https://mp.weixin.qq.com/s/a4yD9XLqCC5ZOppvwV_CfQ) - [ ] [关于AI“智能体”定义的若干问题](https://mp.weixin.qq.com/s/JisEjeEwIcKtRtvbyOIN4Q) - [ ] [弈界 2-MoonBit 开发实践](https://mp.weixin.qq.com/s/2taFAb1prWrJhFudGDj6Ow) - [ ] [安全警报 | 公益组织数据安全拉响警报!黑客组织声称攻破中国狮子联会管理平台](https://mp.weixin.qq.com/s/5_YqmWPzFYnLOYK1OtCmhw) - [ ] [零·重新校准[ 黑Ke逆向工程Ai自动化 ] 初始|0.篇](https://mp.weixin.qq.com/s/AQbOvcGYv5O3A9Knf3Ad1g) - [ ] [星球笔记/Disco[r]d/ 今日摘要](https://mp.weixin.qq.com/s/PskeZq7ePbBvextZZTHHXw) - [ ] [冰蝎 v4.1 被曝 0‑click 高危漏洞,一连接就被反制,可窃取凭据...!](https://mp.weixin.qq.com/s/6LP7Izufmkq20Es7gNFoPw) - [ ] [活该你能挖到洞](https://mp.weixin.qq.com/s/_maHUal20Gfbq6R5t1lC7Q) - [ ] [字节员工吐槽:用了AI写代码,反而更累了](https://mp.weixin.qq.com/s/j2b4OIKlWsGGBLXvaWOF5w) - [ ] [AI For Security,你真的用明白AI了吗?](https://mp.weixin.qq.com/s/_a6qpyxTgcDhNTg5oRquzw) - [ ] [特朗普访华,十大细节不同寻常!](https://mp.weixin.qq.com/s/PjssapvDKnO-BujKDvwgIA) - [ ] [免费AI声音克隆神器 Voicebox,本地部署,无隐私风险,支持23种不同语言](https://mp.weixin.qq.com/s/aBX46ulFlPg6Hpjy6xuj4w) - [ ] [2026年人工智能技术赋能网络安全应用测试公告](https://mp.weixin.qq.com/s/pq3cH4HBU2emt4QkCMJRmg) - [ ] [记录一次对校内系统的安全测试](https://mp.weixin.qq.com/s/dF64jY2-z_z6jQKAlP1_5g) - [ ] [我用 165 块钱的硬件,搓了一个「无感」健康监测站](https://mp.weixin.qq.com/s/YjZC_Wk3wsvfiONj3zm7bA) - [ ] [Pwn2Own Berlin 2026第三天:百万美元奖金池即将突破](https://mp.weixin.qq.com/s/qsa887R8D7ppJvKRzYI4JQ) - [ ] [Pwn2Own柏林2026次日战报:DEVCORE狂揽$405,000领跑,Exchange漏洞引爆全场](https://mp.weixin.qq.com/s/pW6ihfvEMa8QBRjymahIqQ) - [ ] [【域攻防】noPac域内提权](https://mp.weixin.qq.com/s/gBS86kfrhbzwlpyC9s8LsA) - [ ] [网安自学其实很简单,按步骤快速上手](https://mp.weixin.qq.com/s/KfvyKtZMvy9pFmfdAlTUHA) - [ ] [JDownloader 网站遭黑客攻击,Windows 和 Linux 用户面临恶意安装程序的威胁](https://mp.weixin.qq.com/s/wPfdL_WOy2q524P4fkF-vg) - [ ] [长沙银行加速AI大模型应用,设立大模型创新实验室](https://mp.weixin.qq.com/s/vY2VYfMnFR9jSUYyrGk5cA) - [ ] [年度渗透测试报告:AI的漏洞比传统软件严重得多](https://mp.weixin.qq.com/s/MPco5sdyXA2nG0qBAaU59w) - [ ] [安恒信息成为国家具身智能应用中试基地共建合伙人,范渊获聘产业委员会委员](https://mp.weixin.qq.com/s/rj174G2PVgmhPOHDC7m80A) - [ ] [弱口令到Root Shell 配置正确的重要性](https://mp.weixin.qq.com/s/jQ9GGUXsCKJLS2zmIeJ_Uw) - [ ] [暗网线报 | 台湾对外贸协数据泄露:千余条员工信息遭曝光,全球办事处架构一览无余](https://mp.weixin.qq.com/s/UKwMR3YaTscZlHe7EmjcfA) - [ ] [在看 | 周报:中行福建省分行因多项违规被罚;谷歌确认黑客利用AI生成零日漏洞发动攻击](https://mp.weixin.qq.com/s/7GhGSC5ybgr9PUyvnlnCsg) - [ ] [在看 | 厂商:本周热门网络安全产业动态](https://mp.weixin.qq.com/s/fhxHVGropKGk-CSZgKkblA) - [ ] [零基础自学网安必藏!3 个免费干货平台,新手也能快速入门](https://mp.weixin.qq.com/s/eMUycDiDgaBOGf3E6R6BDw) - [ ] [蝰蛇实验室 | 2026年5月下比赛汇总](https://mp.weixin.qq.com/s/Jc6C2aC6IPkx2_TM2ClLxg) - [ ] [[工具发布]多态shellcode生成0/62检测率](https://mp.weixin.qq.com/s/xkbXxSpvZ-1h5E-0jbZiyA) - [ ] [黑客利用OrBit Rootkit窃取Linux系统SSH与Sudo凭证](https://mp.weixin.qq.com/s/90KTh-M2nElYmocKULWtoA) - [ ] [VMware Fusion漏洞可致攻击者获取root权限](https://mp.weixin.qq.com/s/Mej9s5_vLeu62bG2Fq4dQQ) - [ ] [OpenClaw 曝出四大漏洞,可导致数据窃取、权限提升与持久化攻击](https://mp.weixin.qq.com/s/Wxqixof2NyhiaNhlVHEa5g) - [ ] [首日狂揽 52.3 万刀!Pwn2Own 柏林拿下 Edge/Win11/LiteLLM](https://mp.weixin.qq.com/s/biQV_1QEgFtHaAshFUr72w) - [ ] [AI中转站的黑与白;OpenAI推出Daybreak全新网络安全计划 | FreeBuf周报](https://mp.weixin.qq.com/s/PqMrSw6ojglAild1qOxvxg) - [ ] [从0到1构建一个Hook工具之PLT Hook篇](https://mp.weixin.qq.com/s/WQ-ofhO88sWULwZb1bhFKA) - [ ] [赠开学礼包!2026看雪·安卓高级研修班(2w/3w计划-夏季班)招生中](https://mp.weixin.qq.com/s/2crdeQqrGJ6_XZ6nEehivg) - [ ] [这是PoE的](https://mp.weixin.qq.com/s/Ot9yqxffj4C49H0STabRig) - [ ] [让 AI 开发项目越来越聪明:入口文件的艺术](https://mp.weixin.qq.com/s/483GE8EpgYDK7JbQ92RODw) - [ ] [暗网线报 | 香港“华威神召会”遭勒索威胁,164GB数据待公开,美国背景教会网络受关注](https://mp.weixin.qq.com/s/RUKRyD-v4dxhtnb1VjMZDg) - [ ] [记一次对某211大学敏感信息泄露](https://mp.weixin.qq.com/s/Bh_Di66OwgaszjI26b8mZA) - [ ] [[工具推荐]新一代webshell管理工具默连(morelian)](https://mp.weixin.qq.com/s/AGKETOvMnzHOf0SLKzCyaA) - [ ] [告别SMS-Activate!接码平台HeroSMS注册接码指南](https://mp.weixin.qq.com/s/znxipaPEu1BVbhFsB768Cg) - [ ] [DeskRAT SideCopy APT 的基础架构](https://mp.weixin.qq.com/s/_UW9ML7X5sSSJUI78sUSSg) - [ ] [伪装成 Google Gemini CLI 的新型 Windows 恶意软件攻击活动分析](https://mp.weixin.qq.com/s/WJF0n601BGOonfD1vTxcTg) - [ ] [【0day】Windows 提权漏洞喜加一](https://mp.weixin.qq.com/s/7ndZ8YzLCEd08ixveIGzbw) - [ ] [聚焦教育密码合规建设,破解密评落地难题](https://mp.weixin.qq.com/s/4pDKcF7Y-TubIQjQ2TfiUQ) - [ ] [开花](https://mp.weixin.qq.com/s/qXwi42V52Ud66xx5EX3YpA) - [ ] [密评工具箱大横评:分组密码算法工作模式,ECB加密解密差点全军覆没](https://mp.weixin.qq.com/s/U37VZgNgbBdZMCKiOKnQ3A) - [ ] [攻防技战术动态一周更新 - 20260511](https://mp.weixin.qq.com/s/SZrsmyvV2mGq1oPvZnveqw) - [ ] [什么是K8s?](https://mp.weixin.qq.com/s/Nb4vJhTrfE7K-EBF4HMPUQ) - [ ] [QEMU曝虚拟机逃逸漏洞,可直接控制底层物理机](https://mp.weixin.qq.com/s/8fRMQKdKux7iyAziVvdEcg) - [ ] [\"苕皮哥3.0\"](https://mp.weixin.qq.com/s/CUIJ83l464Dz0V_ch9PuAA) - [ ] [一个 U 盘,5 分钟绕过 Win11 BitLocker!微软暂未修复](https://mp.weixin.qq.com/s/W4tzMKYhgYb07y04sAd2sg) - [ ] [我就看不起蓝初这些货](https://mp.weixin.qq.com/s/bVKbTA1_Dhevd7Ye_TiulQ) - [ ] [AI安全——实战敏感词汇绕过手法](https://mp.weixin.qq.com/s/0WJFPZuwoNB9CsA-bOG7-g) - [ ] [攻防侧供应链源码储备浅析 —— 从第三方资产、文档泄露到核心资产测绘,撕开供应链防御的口子](https://mp.weixin.qq.com/s/Lc22qMdSJYnNNZQIdlDqPA) - [ ] [从菜鸟到高手:50分钟拿下RFID门禁系统](https://mp.weixin.qq.com/s/EQh8rnqW0iC6H6NmxAqQvQ) - [ ] [【取证比赛篇】电子取证平台又更新了:团队赛、海量赛题、知识库、训练分析一次说清](https://mp.weixin.qq.com/s/Iz9l-TTUaHE87XxUuY0Uxw) - [ ] [AI 没有攻破苹果,但攻防时钟被拨快了](https://mp.weixin.qq.com/s/6JhUlFedb2SmVKnnWQ2EAQ) - [ ] [环球财经丨百年回眸——航天强国兴衰密码](https://mp.weixin.qq.com/s/HLxLx3qbuuWYM8cVg_77wQ) - [ ] [我买了HPE StoreEasy 1450,因为DL120无法使用SAS,所以更换成了支持3.5英寸HDD的型号](https://mp.weixin.qq.com/s/IFm03xsLQ1SXmytpnZGrGQ) - [ ] [今日(2026年5月16日)热点网络安全漏洞动态](https://mp.weixin.qq.com/s/Oifip77LM0bJP4nINQKhZA) - [ ] [我把OpenAI和Anthopic的文章读了个遍,“如何用好AI”这件事,官方早就给了答案](https://mp.weixin.qq.com/s/UAnwYRmz9s005Cu6pd4_6g) - [ ] [造假摆拍“盲人在盲道行走被电动自行车撞击”,网警通报3起典型案例](https://mp.weixin.qq.com/s/hI10a3dMZi5wQu2vQHMDSQ) - [ ] [PentAGI 2.0](https://mp.weixin.qq.com/s/Um55TgUe6ZLf5yvaihcF4w) - [ ] [造假摆拍!“盲人在盲道被电动车撞”等虚假视频被通报](https://mp.weixin.qq.com/s/dwjjHn2P6Vgt3PNp_VYihw) - [ ] [网络工程师三条路:运营商、大厂、集成商,怎么选才不后悔](https://mp.weixin.qq.com/s/orPlTpq2zAGh1xhblh7rww) - [ ] [新手挖漏洞神器:50 个高危端口完整版清单](https://mp.weixin.qq.com/s/WdL2QmyngffrLS_jfcZYnA) - [ ] [工业网络安全周报-2026年第19期](https://mp.weixin.qq.com/s/4W3pO1IiAtMKGVDmFj2yqg) - [ ] [工业网络安全周报-2026年第16期](https://mp.weixin.qq.com/s/l-eAj5ysi2qa4qi-l6crpw) - [ ] [江苏省“AI+”行动方案:推广模型驱动的金融智能体服务](https://mp.weixin.qq.com/s/uGHEx1xhs3f8sUJoMvcpkQ) - [ ] [DigiForensics 电子取证学习与训练平台正式开放!一站式解决你的所有学习痛点](https://mp.weixin.qq.com/s/ygkynimmqnWLCngcbwXYBA) - [ ] [无尽夏](https://mp.weixin.qq.com/s/jzc9u6wPkBVm8eEBOhssjA) - [ ] [我们如何为邮件安全构建高速威胁狩猎](https://mp.weixin.qq.com/s/R1OnZnMtMUTGCICYiYw8Ng) - [ ] [傻鸟自动物流车逆行走错道](https://mp.weixin.qq.com/s/M-Ll5GEhlBRdmT53gRQYIw) - [ ] [美国科技人才政策体系特点及启示](https://mp.weixin.qq.com/s/87ycsHTB6ywTtcZOggcU4A) - [ ] [兰德观点:中美AI“斗而不破、竞中求合”](https://mp.weixin.qq.com/s/YV1g3RdKSvUPDDhSYIKyTA) - [ ] [农村屋顶的仙人掌](https://mp.weixin.qq.com/s/9mComdsKbW3pJUjRxcJ3wA) - [ ] [19热爱·正当燃 | 我们的19周年庆,全是滚烫的美好篇章](https://mp.weixin.qq.com/s/JPWf79wsGBVmt3zDQIASrw) - [ ] [电子取证平台又更新了:团队赛、海量赛题、知识库、训练分析一次说清](https://mp.weixin.qq.com/s/TtSpsC5dB6_dRX1iz6ai-A) - [ ] [0160.罚款 900 美元 IDOR:未经授权通过直接 API 访问表单附件](https://mp.weixin.qq.com/s/AtqGYtDbbb4K0R-KpMuBuA) - [ ] [SRC 每日漏洞复现学习系列(第 2 篇)垂直越权漏洞+漏洞报告模板](https://mp.weixin.qq.com/s/qfELG3imPQpmkD8Cy6waMw) - [ ] [20000元/月,招网络安全工程师](https://mp.weixin.qq.com/s/qWiJzgOSMtdAS6pGvItvDA) - [ ] [给大家演示一下AI远控训练营到底做什么产品](https://mp.weixin.qq.com/s/Zd9O77C6sZBsDdNcyLTkIQ) - [ ] [前段时间肺感染调养了几个月,现在开始游泳](https://mp.weixin.qq.com/s/r4g7h_xpdFHzSVeCqb4kmg) - [ ] [2026白帽赏金挑战赛!快手SRC邀你来挖](https://mp.weixin.qq.com/s/oEa4p9Xet__EsnQD6oVuYA) - [ ] [产业政策新词——\"模数共振\"](https://mp.weixin.qq.com/s/VQ_Rn8d9NUPMykezux3ygg) - [ ] [赛欧思一周资讯分类汇总(2026-05-11 ~ 2026-05-16)](https://mp.weixin.qq.com/s/L-vJLaRnt53liEwRwiDAVQ) - [ ] [最贵的\"断片\":大学生嗑草改密码,11年后Claude顺手捞回35万美元](https://mp.weixin.qq.com/s/zWwh7MWkzuEZ0lZICpKugQ) - [ ] [18年潜伏Nginx RCE漏洞曝光 CVE-2026-42945](https://mp.weixin.qq.com/s/7XsBXsQAp7lHba8ycOgprQ) - [ ] [Next.js曝出高危SSRF漏洞 CVE-2026-44578](https://mp.weixin.qq.com/s/mw1m6iKZY1AL1rN31D1QXw) - [ ] [node-ipc再遭投毒:npm供应链攻击第二波](https://mp.weixin.qq.com/s/KFYKO0mFl4uapqCo-G2LWg) - [ ] [富士康多家工厂遭勒索攻击,8TB超千万份客户敏感文件疑被窃取](https://mp.weixin.qq.com/s/96-hlF23nQEH5L2feQLsjg) - [ ] [AI 驱动的红队免杀知识库 | Webshell 免杀、WAF/RASP/EDR 绕过、流量伪装等实战Tips](https://mp.weixin.qq.com/s/40xun7CtUT31EISAr98TMw) - [ ] [正式上线!tool.geek.cab 域名备案通过,网络工具箱全面升级!](https://mp.weixin.qq.com/s/CSpwRc7tjOoZYTZ4xxyGpQ) - [ ] [暗网快讯【20260516】117期](https://mp.weixin.qq.com/s/f5KRrzUToOXz-07L57CmYA) - [ ] [网安早报【20260516】117期](https://mp.weixin.qq.com/s/ddh8dLjxrd2TpVQzVHLBlA) - [ ] [关键Exchange Server 0day漏洞在野外攻击中被积极利用](https://mp.weixin.qq.com/s/9pUyo4DPM4zPlpSml9Hx-w) - [ ] [黑客利用 OrBit Rootkit 从 Linux 系统中窃取 SSH 和 sudo 凭据](https://mp.weixin.qq.com/s/GdhhQwftXQQh9YjWWDX1cQ) - [ ] [俄黑客组织Turla 将 Kazuar 后门转变为模块化 P2P 木马网络以实现持久访问](https://mp.weixin.qq.com/s/h671x3uIGVMoVIozCWrsoQ) - [ ] [并发举报竞争条件漏洞](https://mp.weixin.qq.com/s/CHHYlBXin8QlXJ0rwN_vGQ) - [ ] [红队神器|Vue 站点未授权漏洞一键挖掘 -v2.0](https://mp.weixin.qq.com/s/8gGSgPpLkQ1xtlXvINSzDw) - [ ] [如何让自己的博客爆闪别人](https://mp.weixin.qq.com/s/CwLNyXWNTM1ccSq0QBURgg) - [ ] [人这一生,终究要学会与孤独相爱](https://mp.weixin.qq.com/s/iNyvnfKNeAi6Aq7mFVLG5w) - [ ] [做了两个 Claude Code 插件,把一些重复劳动省了](https://mp.weixin.qq.com/s/vm9Db6zpD6xhjTcfGxGoxQ) - [ ] [65元,打造私人 AI 助理!国产开源 PicoClaw 把 Claude/DeepSeek/豆包 塞进树莓派,管控 IoT 智能家居设备](https://mp.weixin.qq.com/s/3JAVZDW_zXCO-tBs4l8B4Q) - [ ] [暗网付费帖子解锁(第十六期)](https://mp.weixin.qq.com/s/eBUu07ofkIT7mQS5jEWE2A) - [ ] [原型链污染的赏金密码:从 fetch 到 defineProperty 的绕过艺术](https://mp.weixin.qq.com/s/QyfvPvc2mxhUeuXyHVeZ7Q) - [ ] [Turla 将 Kazuar 后门转化为模块化 P2P 僵尸网络,实现持久访问](https://mp.weixin.qq.com/s/YRDbjx_EU3fBNIA8LF4fxA) - [ ] [未来3年,网络安全没有中间地带](https://mp.weixin.qq.com/s/v9B5315qT45N-5Yi9dSqjA) - Recent Commits to cve:main - [ ] [Update Sat May 16 11:38:46 UTC 2026](https://github.com/trickest/cve/commit/227e48b3bc9c766c465cbbaa8e4617c46030aeb9) - ZeddYu’s Blog - [ ] [Revisiting HTTP Request Smuggling in 2026: Seven Years After Kettle, Where Are the Parsing Differentials Now?](https://blog.zeddyu.info/2026/05/16/Revisiting-HTTP-Smuggling-2026/) - Blog - Atredis Partners - [ ] [Bad News for the Average Pentester](https://www.atredis.com/blog/2026/5/15/bad-news-for-the-average-pentester) - daniel.haxx.se - [ ] [named globs with curl](https://daniel.haxx.se/blog/2026/05/16/named-globs-with-curl/) - 黑海洋Wiki | AI机器人硬件开发 | 网络安全攻防实战 | 区块链技术文档教程 - 免费资源平台 - [ ] [告别一个时代 盖茨基金会出清最后微软持股](https://blog.upx8.com/%E5%91%8A%E5%88%AB%E4%B8%80%E4%B8%AA%E6%97%B6%E4%BB%A3-%E7%9B%96%E8%8C%A8%E5%9F%BA%E9%87%91%E4%BC%9A%E5%87%BA%E6%B8%85%E6%9C%80%E5%90%8E%E5%BE%AE%E8%BD%AF%E6%8C%81%E8%82%A1) - [ ] [马耳他用户可免费获得ChatGPT Plus一年](https://blog.upx8.com/%E9%A9%AC%E8%80%B3%E4%BB%96%E7%94%A8%E6%88%B7%E5%8F%AF%E5%85%8D%E8%B4%B9%E8%8E%B7%E5%BE%97ChatGPT-Plus%E4%B8%80%E5%B9%B4) - [ ] [涉影响学生心理健康 YouTube与学区达成和解](https://blog.upx8.com/%E6%B6%89%E5%BD%B1%E5%93%8D%E5%AD%A6%E7%94%9F%E5%BF%83%E7%90%86%E5%81%A5%E5%BA%B7-YouTube%E4%B8%8E%E5%AD%A6%E5%8C%BA%E8%BE%BE%E6%88%90%E5%92%8C%E8%A7%A3) - [ ] [Hermes + Qwen3.6:本地最强 Agent 组合!零成本、无限 Token](https://blog.upx8.com/Hermes-Qwen3-6-Agent-Token) - [ ] [教你用Ollama本地部署Claude Code:私有化免API](https://blog.upx8.com/Ollama-Claude-Code-API) - [ ] [“无审查”AI 视频模型来了!Sulphur 2 本地部署实测:8G 显存也能跑!](https://blog.upx8.com/AI-Sulphur-2-8G) - [ ] [QEMU曝虚拟机逃逸漏洞,可直接控制底层物理机](https://blog.upx8.com/QEMU%E6%9B%9D%E8%99%9A%E6%8B%9F%E6%9C%BA%E9%80%83%E9%80%B8%E6%BC%8F%E6%B4%9E-%E5%8F%AF%E7%9B%B4%E6%8E%A5%E6%8E%A7%E5%88%B6%E5%BA%95%E5%B1%82%E7%89%A9%E7%90%86%E6%9C%BA) - [ ] [ArXiv将封禁上传充满AI泔水论文的研究人员](https://blog.upx8.com/ArXiv%E5%B0%86%E5%B0%81%E7%A6%81%E4%B8%8A%E4%BC%A0%E5%85%85%E6%BB%A1AI%E6%B3%94%E6%B0%B4%E8%AE%BA%E6%96%87%E7%9A%84%E7%A0%94%E7%A9%B6%E4%BA%BA%E5%91%98) - [ ] [X同意打击英国境内的非法仇恨和恐怖内容](https://blog.upx8.com/X%E5%90%8C%E6%84%8F%E6%89%93%E5%87%BB%E8%8B%B1%E5%9B%BD%E5%A2%83%E5%86%85%E7%9A%84%E9%9D%9E%E6%B3%95%E4%BB%87%E6%81%A8%E5%92%8C%E6%81%90%E6%80%96%E5%86%85%E5%AE%B9) - 奇客Solidot–传递最新科技情报 - [ ] [烂尾楼带来了巨大的资源和社会经济成本](https://www.solidot.org/story?sid=84315) - [ ] [美国议员提议永久禁止中国的联网汽车](https://www.solidot.org/story?sid=84314) - [ ] [美国人宁愿在家附近造核电而不是造 AI 数据中心](https://www.solidot.org/story?sid=84313) - [ ] [微软加速 CPU 改进开始菜单的响应](https://www.solidot.org/story?sid=84312) - 体验盒子 - [ ] [1Panel Docker 环境下 PHP 报 “Primary script unknown” 404 错误排查实录](https://www.uedbox.com/post/119799/) - 黑鸟 - [ ] [M4 MacBook Air外接RTX 5090实现3A游戏与AI加速](https://mp.weixin.qq.com/s?__biz=MzAxOTM1MDQ1NA==&mid=2451186737&idx=1&sn=64c7f24d2aa43d6302626f2803fe0411) - 奇安信 CERT - [ ] [今日(2026年5月16日)热点网络安全漏洞动态](https://mp.weixin.qq.com/s?__biz=MzU5NDgxODU1MQ==&mid=2247505856&idx=1&sn=eb8d3df614c46d54e0a827b6befd0823) - 丁爸 情报分析师的工具箱 - [ ] [【生物战】汉坦等人畜共患疾病有无可能是基因编辑技术的产物?](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651155662&idx=1&sn=d0151002a41d5b5b2b74deb28daf6b43) - 看雪学苑 - [ ] [从0到1构建一个Hook工具之PLT Hook篇](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458615202&idx=1&sn=355b26ceef06ae59406282bfce822ca6) - [ ] [赠开学礼包!2026看雪·安卓高级研修班(2w/3w计划-夏季班)招生中](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458615202&idx=2&sn=5c80b9f8f8e820562225aaa39105a622) - 安全圈 - [ ] [【安全圈】Linux内核漏洞"ssh-keysign-pwn"允许攻击者窃取SSH密钥与影子密码文件](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652076524&idx=1&sn=85724f6aa9c493a3823cc2988e73c7ec) - [ ] [【安全圈】微软 Edge 148 浏览器将增强安全,密码不再明文进入内存](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652076524&idx=2&sn=4bce93113ae71c271aa59e2f723b5d8f) - [ ] [【安全圈】微软Exchange Server高危漏洞正遭攻击者积极利用](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652076524&idx=3&sn=8adfa54adbe431abba673a75db6ad228) - 极客公园 - [ ] [蛰伏四年后,45.98 万的全新一代理想 L9 能再造爆款吗?](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653106687&idx=1&sn=31482115835d4d67659b8a6440775c5e) - [ ] [ChatGPT 能替你管钱了,你敢把银行账户交给它吗?](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653106672&idx=1&sn=7be62c464077e265ca4cbc033d6effdd) - [ ] [OpenAI 推出 ChatGPT 个人理财功能;SpaceX 最快将于 6 月 12 日挂牌上市;巴菲特慈善午餐回归,神秘买家 900 万美元拍下 | 极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653106657&idx=1&sn=52e06b8568b05258555304d12c873daa) - 国家互联网应急中心CNCERT - [ ] [2026年人工智能技术赋能网络安全应用测试公告](https://mp.weixin.qq.com/s?__biz=MzIwNDk0MDgxMw==&mid=2247501596&idx=1&sn=18223c6068ee1e4745dcccf2b54786ec) - OnionSec - [ ] [专职逆向岗位面试的复盘与体会](https://mp.weixin.qq.com/s?__biz=MzUyMTUwMzI3Ng==&mid=2247485763&idx=1&sn=5fedf2ee5d59e638c4609b5dd761bae1) - Over Security - [ ] [Microsoft rejects critical Azure vulnerability report, no CVE issued](https://www.bleepingcomputer.com/news/security/microsoft-rejects-critical-azure-vulnerability-report-no-cve-issued/) - [ ] [The Metric to Anchor Your Agentic SOC Evaluation On](https://binarydefense.com/resources/blog/the-metric-to-anchor-your-agentic-soc-evaluation-on) - [ ] [Microsoft May 2026 Patch Tuesday Fixes 120 Vulnerabilities, No Zero-Day Exploits Reported](https://thecyberexpress.com/microsoft-may-2026-patch-tuesday/) - [ ] [EU Faces Criticism Over Surveillance Technology Exports to Rights Violators](https://thecyberexpress.com/eu-surveillance-technology-face-scrutiny/) - [ ] [Before You Give AI Access to Your Code, Read This NCSC Warning](https://thecyberexpress.com/ai-vulnerability-management-create-risks-ncsc/) - [ ] [Foxconn Confirms Cyberattack as Nitrogen Ransomware Claims 8TB Data Theft](https://thecyberexpress.com/foxconn-cyberattack/) - [ ] [AI Cyberattacks Are Escalating Across the Americas. This Webinar Explains Why](https://thecyberexpress.com/americas-cyber-threat-landscape-cyble-webinar/) - [ ] [Exim BDAT Vulnerability Exposes Email Servers to Remote Attacks](https://thecyberexpress.com/exim-bdat-vulnerability-cve-2026-45185/) - [ ] [OpenAI Confirms Limited Impact From TanStack npm Supply Chain Attack, Urges macOS App Updates](https://thecyberexpress.com/tanstack-npm-supply-chain-attack/) - [ ] [Malicious node-ipc npm Packages Trigger New Supply Chain Security Alarm](https://thecyberexpress.com/node-ipc-npm-package-credential-stealer/) - [ ] [Fragnesia Linux Kernel Flaw Enables Root Privilege Escalation](https://thecyberexpress.com/fragnesia-linux-kernel-xfrm-esp/) - [ ] [The Cyber Express Weekly Roundup: AI Threat Escalation, Ransomware Disruption, Supply Chain Attacks, and Expanding Cybersecurity Risks](https://thecyberexpress.com/cybersecurity-weekly-roundup/) - [ ] [Interview #9 MedusaLocker](https://deepdarkcti.com/interview-9-medusalocker/) - [ ] [Interview #10 diencracked (BreachForums owner)](https://deepdarkcti.com/interview-10-diencracked-breachforums-owner/) - [ ] [Carnival - 7,531,359 breached accounts](https://haveibeenpwned.com/Breach/Carnival) - [ ] [Udemy - 1,401,259 breached accounts](https://haveibeenpwned.com/Breach/Udemy) - [ ] [ADT - 5,488,888 breached accounts](https://haveibeenpwned.com/Breach/ADT) - [ ] [Pitney Bowes - 8,243,989 breached accounts](https://haveibeenpwned.com/Breach/PitneyBowes) - [ ] [Aman - 215,563 breached accounts](https://haveibeenpwned.com/Breach/Aman) - [ ] [ZenBusiness - 5,118,184 breached accounts](https://haveibeenpwned.com/Breach/ZenBusiness) - [ ] [Marcus & Millichap - 1,837,078 breached accounts](https://haveibeenpwned.com/Breach/MarcusMillichap) - [ ] [Reborn Gaming - 126 breached accounts](https://haveibeenpwned.com/Breach/RebornGaming) - [ ] [Vimeo - 119,167 breached accounts](https://haveibeenpwned.com/Breach/Vimeo) - [ ] [LegionProxy - 10,144 breached accounts](https://haveibeenpwned.com/Breach/LegionProxy) - [ ] [Woflow - 447,593 breached accounts](https://haveibeenpwned.com/Breach/Woflow) - [ ] [Zara - 197,376 breached accounts](https://haveibeenpwned.com/Breach/Zara) - [ ] [Cushman & Wakefield - 310,431 breached accounts](https://haveibeenpwned.com/Breach/CushmanWakefield) - [ ] [Canada Life - 237,810 breached accounts](https://haveibeenpwned.com/Breach/CanadaLife) - [ ] [Abrigo - 711,099 breached accounts](https://haveibeenpwned.com/Breach/Abrigo) - [ ] [18-year-old NGINX vulnerability allows DoS, potential RCE](https://www.bleepingcomputer.com/news/security/18-year-old-nginx-vulnerability-allows-dos-potential-rce/) - [ ] [Windows 11 and Microsoft Edge hacked at Pwn2Own Berlin 2026](https://www.bleepingcomputer.com/news/security/windows-11-and-microsoft-edge-hacked-on-first-day-of-pwn2own-berlin-2026/) - [ ] [OpenAI confirms security breach in TanStack supply chain attack](https://www.bleepingcomputer.com/news/security/openai-confirms-security-breach-in-tanstack-supply-chain-attack/) - [ ] [Cisco warns of new critical SD-WAN flaw exploited in zero-day attacks](https://www.bleepingcomputer.com/news/security/cisco-warns-of-new-critical-sd-wan-flaw-exploited-in-zero-day-attacks/) - [ ] [Hackers exploit auth bypass flaw in Burst Statistics WordPress plugin](https://www.bleepingcomputer.com/news/security/hackers-exploit-auth-bypass-flaw-in-burst-statistics-wordpress-plugin/) - [ ] [TeamPCP hackers advertise Mistral AI code repos for sale](https://www.bleepingcomputer.com/news/security/teampcp-hackers-advertise-mistral-ai-code-repos-for-sale/) - [ ] [Microsoft warns of Exchange zero-day flaw exploited in attacks](https://www.bleepingcomputer.com/news/microsoft/microsoft-warns-of-exchange-zero-day-flaw-exploited-in-attacks/) - [ ] [Microsoft to automatically roll back faulty Windows drivers](https://www.bleepingcomputer.com/news/microsoft/microsoft-to-automatically-roll-back-faulty-windows-drivers/) - LastKnight.com Feed - [ ] [Il Monet che non era un Monet, il branco, la rabbia e l’epistemia](https://mgpf.it/2026/05/16/il-monet-che-non-era-un-monet.html) - Schneier on Security - [ ] [Friday Squid Blogging: Bigfin Squid](https://www.schneier.com/blog/archives/2026/05/friday-squid-blogging-bigfin-squid.html) - LockBoxx - [ ] [The New York Times Watched Us Run Cyber Ops for Two Days](http://blog.lockboxx.org/2026/05/the-new-york-times-watched-us-run-cyber.html) - 安全产品人的赛博空间 - [ ] [做了两个 Claude Code 插件,把一些重复劳动省了](https://mp.weixin.qq.com/s?__biz=Mzg5NTUzODkxMw==&mid=2247484420&idx=1&sn=bf9db144a80e7a1237fe3424bae40a1d) - The Hacker News - [ ] [Funnel Builder Flaw Under Active Exploitation Enables WooCommerce Checkout Skimming](https://thehackernews.com/2026/05/funnel-builder-flaw-under-active.html) - Security Affairs - [ ] [U.S. CISA adds a flaw in Microsoft Exchange Server to its Known Exploited Vulnerabilities catalog](https://securityaffairs.com/192240/hacking/u-s-cisa-adds-a-flaw-in-microsoft-exchange-server-to-its-known-exploited-vulnerabilities-catalog.html) - [ ] [Russian APT Turla builds long-term access tool with Kazuar Botnet evolution](https://securityaffairs.com/192231/apt/russian-apt-turla-builds-long-term-access-tool-with-kazuar-botnet-evolution.html) - [ ] [OpenAI hit by supply chain attack linked to malicious TanStack packages](https://securityaffairs.com/192222/hacking/openai-hit-by-supply-chain-attack-linked-to-malicious-tanstack-packages.html)
每日安全资讯(2026-05-17)