# 每日安全资讯(2026-04-03) - Private Feed for M09Ic - [ ] [xpn starred gsd-build/get-shit-done](https://github.com/gsd-build/get-shit-done) - [ ] [anthropics released v2.1.91 at anthropics/claude-code](https://github.com/anthropics/claude-code/releases/tag/v2.1.91) - [ ] [github released v0.5.0 at github/spec-kit](https://github.com/github/spec-kit/releases/tag/v0.5.0) - [ ] [bolucat released 202604022104 at bolucat/Archive](https://github.com/bolucat/Archive/releases/tag/202604022104) - [ ] [github released v0.4.5 at github/spec-kit](https://github.com/github/spec-kit/releases/tag/v0.4.5) - [ ] [ZeddYu starred motiful/cc-gateway](https://github.com/motiful/cc-gateway) - [ ] [CHYbeta starred gadievron/raptor](https://github.com/gadievron/raptor) - [ ] [Rvn0xsy starred bytedance/deer-flow](https://github.com/bytedance/deer-flow) - [ ] [zema1 starred HKUDS/OpenHarness](https://github.com/HKUDS/OpenHarness) - [ ] [Ridter forked Ridter/claude-code_evil from Ta0ing/claude-code_evil](https://github.com/Ridter/claude-code_evil) - [ ] [Ridter starred Ta0ing/claude-code_evil](https://github.com/Ta0ing/claude-code_evil) - [ ] [Mel0day starred openai/codex-plugin-cc](https://github.com/openai/codex-plugin-cc) - [ ] [PrefectHQ released 3.6.25.dev6 at PrefectHQ/prefect](https://github.com/PrefectHQ/prefect/releases/tag/3.6.25.dev6) - Doonsec's feed - [ ] [【工具】CIA世界概况](https://mp.weixin.qq.com/s/VeP5Ey4VZ8JpDpsXByIDtA) - [ ] [cnmaps 版本更新:支持全球地图边界,内置 AI Skill](https://mp.weixin.qq.com/s/F7g4aMvxmlJoUzcXk-gM_A) - [ ] [OSCP百日备考03|Windows基础全拆解!AD域渗透+提权核心,考场90%的坑都在这](https://mp.weixin.qq.com/s/1D3df-ILs_Z-cMTihz-ATA) - [ ] [梯形比例模型](https://mp.weixin.qq.com/s/PmbBeH1PPdgkC5BYGiyjcA) - [ ] [[ 权限过载 ]基础设施紧急恢复百分之45](https://mp.weixin.qq.com/s/9ZV4p7x3rEBAngt9G7OU2Q) - [ ] [韩国人用Python重写Claude Code!一夜爆火10万星](https://mp.weixin.qq.com/s/2ZEfcTq4IUsWVW48hJ7L5Q) - [ ] [董宇辉伤了丈母娘的心](https://mp.weixin.qq.com/s/TIYRLfehAqDS6VKcnVMGZw) - [ ] [JSSS-Find V10 重磅升级|能力全面进化](https://mp.weixin.qq.com/s/RoURs6GkC7R52gv2rhOfeA) - [ ] [从PC到智能体:网络安全范式演进与未来判断](https://mp.weixin.qq.com/s/D6nYh4Ct3l3JDTs4Mw17kQ) - [ ] [无线开源情报工具 WireTapper](https://mp.weixin.qq.com/s/WVjxChB4YsC498DJUOBtgA) - [ ] [【红队必备】:渗透综合性安全检测工具无影](https://mp.weixin.qq.com/s/9Gjv3yXl3_xybhkZsnZmpA) - [ ] [某法院三级等保拓扑](https://mp.weixin.qq.com/s/2H_LKEa102NblWwMSk8UIQ) - [ ] [论文研读与思考|AdvTG 一种用于欺骗的对抗性流量生成框架](https://mp.weixin.qq.com/s/GSvwCZrMMO5-LeMIZY-xaA) - [ ] [OSINT:使用 Overpass Turbo 查找监控摄像头](https://mp.weixin.qq.com/s/7mOyIgF_1Fo0mI-QX_GTeQ) - [ ] [安全订阅制,为什么国内安全公司就是做不起来?](https://mp.weixin.qq.com/s/KWE20iTrrXSNUxvYFFWLRg) - [ ] [短信验证码防泄漏安全机制逆向分析](https://mp.weixin.qq.com/s/4pkcIsXh9AS09-3iSlELyA) - [ ] [MAJIC框架!90%+ 黑盒大模型越狱](https://mp.weixin.qq.com/s/dSblbhONCLxrPETHadDc6Q) - [ ] [【AI安全】MAJIC框架!90%+ 黑盒大模型越狱](https://mp.weixin.qq.com/s/q-kb0MfjlqCQVTBgsWqmiw) - [ ] [智能分流:Hx0鹰眼让Burp只抓你想抓的](https://mp.weixin.qq.com/s/P3TrGKCsLt_optRbtIwEUg) - [ ] [HackMyVm靶场之Flute](https://mp.weixin.qq.com/s/PY9ElttCgcgkZY4OpgKHwg) - [ ] [AntiDebug + 脚本实现自动测试Vue路由未授权](https://mp.weixin.qq.com/s/58OgKGQ6cYsqKetybJr82g) - [ ] [同事.skill 前任.skill 自己.skill](https://mp.weixin.qq.com/s/dQAKVOG1TLmQeB_UiVYP0Q) - [ ] [HackingTool——渗透测试工具箱集成185+ 款安全工具](https://mp.weixin.qq.com/s/RXN1jmNqE2f87HG56MGM_Q) - [ ] [运维人的4个薪资等级,你在哪一级?](https://mp.weixin.qq.com/s/TFrKeQDIP6YcsdkDaO0DjA) - [ ] [几个很夯的安全Skills](https://mp.weixin.qq.com/s/VB4QH6YdYP7cJhiRc7DMOA) - [ ] [SRC 实战技巧指南](https://mp.weixin.qq.com/s/dMfhyFnwnLbJSbsFxJvGkQ) - [ ] [ctftools-all-in-one AI](https://mp.weixin.qq.com/s/bFSP6F9lRCHod0y-Q_dY-g) - [ ] [中央网信办、工业和信息化部、公安部关于开展2026年个人信息保护系列专项行动的公告](https://mp.weixin.qq.com/s/oCc3sYXLnZheUNSiKFCTvQ) - [ ] [免杀skill(装机即用)](https://mp.weixin.qq.com/s/g3J5e0pnMVt3Y76QjrXHaA) - [ ] [第三届“长城杯”网数智安全大赛(防护赛)总决赛开赛通知](https://mp.weixin.qq.com/s/onqJ0iEj0qMPGOm8_T37uA) - [ ] [Rapid7深度分析:2025年暗网初始访问代理市场趋势、定价与论坛格局](https://mp.weixin.qq.com/s/bbhiQtMrkt8gkpPeOnlAiw) - [ ] [G.O.S.S.I.P 阅读推荐 2026-04-02 Thought is All You Need](https://mp.weixin.qq.com/s/rXANZUVT9xibpeUeJ3vFqA) - [ ] [快手广告系统全面迈入生成式推荐时代!GR4AD:从Token到Revenue的全链路重构](https://mp.weixin.qq.com/s/tOvzW_fAecVyAquxQoN4Nw) - [ ] [2026polarisctf-Broken Trust(SQLite注入 任意文件读取)](https://mp.weixin.qq.com/s/APPE6GbW9FPGrI_GskThZQ) - [ ] [三部委重磅开展个人信息保护专项行动!盛邦安全独家方案助力企业全面合规](https://mp.weixin.qq.com/s/fJy3sMvncSsWBEEBQE69_A) - [ ] [关于CTF_agent的开发心得](https://mp.weixin.qq.com/s/yXWDMk7DhiQ8XiYMLs1p_g) - [ ] [美团发布原生多模态 LongCat-Next:当视觉和语音成为AI的母语](https://mp.weixin.qq.com/s/NJZPb9mseXLXJMEzct5fUQ) - [ ] [LongCat-Flash-Prover:AI 攻克数学定理证明,不仅要“算得对”,更要“证得严”](https://mp.weixin.qq.com/s/hZUVVkUW0n8_KVV3924ifw) - [ ] [Qwen 3.6悄悄涨价2.5倍,阿里终于不装了?](https://mp.weixin.qq.com/s/h3wG0HAl7YWeA-EwS4g4aQ) - [ ] [第三届“长城杯”网数智安全大赛(防护赛)总决赛开赛通知](https://mp.weixin.qq.com/s/u-10Xp2XGv_Kqkjg3jzmcg) - [ ] [Claude Code 30分钟挖出Vim用了三十年的0Day,收到陌生文件先别急着打开](https://mp.weixin.qq.com/s/ho2ScK7cCBbPWGEAyhZmeQ) - [ ] [4月2日,一台核电机组发生非计划停堆,机组处于安全状态,三道安全屏障功能正常,无放射性物质对外释放](https://mp.weixin.qq.com/s/Lu2IUWwBkGCit82X2GGkQw) - [ ] [MCP也过时了?CLI 才是 AI Agent 的终极进化方向?](https://mp.weixin.qq.com/s/ML94qzZYRhTdwK9IHRiAqw) - [ ] [赛门铁克DLP代理漏洞允许攻击者提升权限](https://mp.weixin.qq.com/s/KIdRHmMcRrOMjBs4-_V6mQ) - [ ] [Cisco IMC 存在严重漏洞,攻击者可绕过身份验证](https://mp.weixin.qq.com/s/jjN4GtZjaxNhqnIf9f6WTg) - [ ] [交行已部署2500+AI智能体助手,将探索数字委员、数字专家应用](https://mp.weixin.qq.com/s/LhVV8oVEEvp5VEWdRl28PQ) - [ ] [AI快讯:Visa推6款AI工具改善信用卡争议处理,蚂蚁数科“专业虾”DTClaw开启内测](https://mp.weixin.qq.com/s/rghblktzf0a6sLx2VgiYyA) - [ ] [345万!贵州农商联合银行人工智能算力服务器采购项目](https://mp.weixin.qq.com/s/2jje5DSD8sekq8AK-rlTOw) - [ ] [告诉你一个最稳的挣钱方法,每天200元的收入,让我乐此不疲!(内附详细教程)](https://mp.weixin.qq.com/s/0L5XNpp9KiMCTFWmPXUMGQ) - [ ] [【供应链风险综合预警】Axios 与 LiteLLM 官方包遭严重劫持与投毒](https://mp.weixin.qq.com/s/t1c3gZVClGGgOapCZpymtQ) - [ ] [首家安全厂商!奇安信龙虾安全伴侣通过中国信通院OpenClaw类智能体安全防护产品能力评测](https://mp.weixin.qq.com/s/eWXRCwU4z46VIbuR_uolVg) - [ ] [聚焦 “十五五” 护航现代化产业体系安全建设 德胜门大讲堂火热报名](https://mp.weixin.qq.com/s/8ewpxIwIlwqWe9Zbo4SspA) - [ ] [中国互联网协会新标准即将落地,安全护栏已成刚需:大模型网关如何让政企安心用AI?](https://mp.weixin.qq.com/s/bmhpBnbadnUyWNbS73qZYg) - [ ] [Handala黑客组织声称攻陷以色列国防承包商PSK WIND公司网络](https://mp.weixin.qq.com/s/hp_hCFKiP7O-aSsX_dQQXg) - [ ] [[漏洞播报]你的电脑主板也在变的不安全,技嘉控制中心曝9.2分高危漏洞](https://mp.weixin.qq.com/s/7xvF8PsPGCEZMRPm4W8V-Q) - [ ] [记某edusrc从小程序xss到web未授权再到任意用户登录简单挖掘](https://mp.weixin.qq.com/s/XxTPtZbnEh8FTvyf-Jq9Zw) - [ ] [黑客和网警相比到底谁更厉害?](https://mp.weixin.qq.com/s/EyKrvG_p6RumSZoUrl2CdA) - [ ] [AI Native | 为什么老代码喂不动AI:代码仓库AI适配的关键改造路径](https://mp.weixin.qq.com/s/OqBIWUiFYoeBbQdO6mtexw) - [ ] [2026 年多部门深化 App 及重点领域个人信息违规收集问题专项治理](https://mp.weixin.qq.com/s/J_w-X18IZ6j1joyVxnn7Sw) - [ ] [现在学黑客技术,多久能学会?这才是真相!](https://mp.weixin.qq.com/s/S4H85UmOJvO5cppMTailEw) - [ ] [Vertex AI 漏洞暴露谷歌云数据和非公开制品](https://mp.weixin.qq.com/s/IbQPtCrjUILRzl88R0KjGg) - [ ] [libpng 官方参考库中的这两个严重漏洞已存在30年之久](https://mp.weixin.qq.com/s/4fycSuE1mqanf8MFqWlrEQ) - [ ] [每日安全动态推送(26/4/2)](https://mp.weixin.qq.com/s/grS-KOq--jix1QG2YSoayg) - [ ] [Chrome 0Day漏洞遭野外利用,谷歌紧急更新修复21项高危漏洞](https://mp.weixin.qq.com/s/srC7Md79V2wmLMBg4Dj4CA) - [ ] [Telegram零日漏洞可零点击接管设备,官方否认存在](https://mp.weixin.qq.com/s/_7UCIkcTUwXKUMKfXUSq5Q) - [ ] [AI Agent狂飙突进,数据安全断层成企业生死线](https://mp.weixin.qq.com/s/CkNQIBedz0Ey1Njzs1luaw) - [ ] [Nginx-UI备份漏洞可篡改加密配置,攻击者能注入恶意代码完全控制系统](https://mp.weixin.qq.com/s/7pfSd1RZkB6ZEpchDnCgPg) - [ ] [请升级:技嘉控制中心曝 9.2 分高危漏洞,黑客可远程接管电脑](https://mp.weixin.qq.com/s/DvqG__lhTNz8YWouGAwNUw) - [ ] [够你龙虾用半年了~ 白嫖【9000万】 Tokens !](https://mp.weixin.qq.com/s/1nLzgL9wRsJHTyVrv8_yUw) - [ ] [白嫖【1000】个专业Skills 每一个都是你的员工](https://mp.weixin.qq.com/s/fsBqu5SimNiRZGn523nvXQ) - [ ] [白嫖【15】个黑客专用AI工具 是个人都能玩会!](https://mp.weixin.qq.com/s/G2O6NX6wWEXU5n0kNVWr2Q) - [ ] [白嫖【10】款神级小工具,只要整不死 就往死里整](https://mp.weixin.qq.com/s/6JUE7WCuS2BKGaTS2ONUfA) - [ ] [白嫖【1500G】全网最全AI安全 黑客技术 1500G免费送!](https://mp.weixin.qq.com/s/Gm17A0Hn7ouYpGlPvR_8BQ) - [ ] [白嫖 各大影视平台会员 安卓可用](https://mp.weixin.qq.com/s/_Kh9QKgraFp_Tm6Tvay1Iw) - [ ] [涉*卜快跑文章撤稿声明](https://mp.weixin.qq.com/s/RV_65Rr_rjRncOUszGH4VQ) - [ ] [三部门发布2026年个人信息保护专项行动公告](https://mp.weixin.qq.com/s/dCM6Z1hldPXrdbX9_opsrw) - [ ] [EtherRAT 和 SYS_INFO 模块:以太坊上的 C2(EtherHiding)、目标选择、类似 CDN 的信标](https://mp.weixin.qq.com/s/hoFKXn_woInHHzUiQJemNw) - [ ] [信息安全——Secure Hardware Extensions (SHE) 之 数据存储](https://mp.weixin.qq.com/s/gz3Rm-AydN0hjOt7ZYaZog) - [ ] [CAN总线错误帧分析方法](https://mp.weixin.qq.com/s/hn8tvNT-i6KWeFUK4mMO_Q) - [ ] [专题 • 特别策划|全球人工智能治理:多元主体结构与互动机制](https://mp.weixin.qq.com/s/SxG8R80V5iz2EgvJIq3MXw) - [ ] [马民虎 黄道丽:AI智能体专门立法与现行法如何互补融合](https://mp.weixin.qq.com/s/zR--hOX0yivTWZClcjhmXg) - [ ] [勾结男团司机售卖艺人隐私,3人被采取刑事强制措施](https://mp.weixin.qq.com/s/tT-4tp0JLTe9E8hdLOgLFw) - [ ] [【高危漏洞预警】Vim代码执行漏洞CVE-2026-34982](https://mp.weixin.qq.com/s/gPB798-neMvv-AsO21JiIg) - [ ] [从无差别攻击到APT定向攻击:Apifox供应链投毒攻击链路完整剖析](https://mp.weixin.qq.com/s/JMusfk2N9XyMA-iJoEetLg) - [ ] [Vim 高危 RCE 漏洞预警:打开文件即执行任意命令(CVE-2026-34714)](https://mp.weixin.qq.com/s/7yWR6bqfoaM-gZs1fyCjAQ) - [ ] [FLUX-Web安全扫描工具v5.4 更新~](https://mp.weixin.qq.com/s/zRcjNCgt48JSAYKuTg5fyg) - [ ] [无缝适配国产OSxa0火绒安全再获兼容认证](https://mp.weixin.qq.com/s/tO1iBJaCG5U6RGycmg-PWQ) - [ ] [诚邀渠道合作伙伴共启新征程](https://mp.weixin.qq.com/s/reJniA4Xtw8tdi6rKihszA) - [ ] [技术拉满,荣誉加冕!顺丰SRC白帽技术沙龙 + 年度颁奖高能回顾](https://mp.weixin.qq.com/s/ZkMi7lcg_E98BIbsMdZabw) - [ ] [工业互联网标识解析体系助力物联网产业创新发展](https://mp.weixin.qq.com/s/-wcCCKagrRZHf5Gygg1eeA) - [ ] [海南世纪网安 “清明节” 放假及值守安排](https://mp.weixin.qq.com/s/ZNngyWxskfrCczVY_GfhAQ) - [ ] [ai小龙虾自动挖洞获取赏金](https://mp.weixin.qq.com/s/-43agoC4tiu-juQpv96Qww) - [ ] [今晚开始,查询XVI扩展漏洞情报免费了](https://mp.weixin.qq.com/s/RJRB2yeUHy3A2jfPCKjZZw) - [ ] [猎影渗透测试平台 - 公开测试上线-重点说清楚:这是测试版。](https://mp.weixin.qq.com/s/21QaeKdBnFe8U237e3GBag) - [ ] [武汉大学何德彪教授课题组两篇论文被PKC接收!](https://mp.weixin.qq.com/s/wflpIb5wn4LYJjLaD6z3qg) - [ ] [干货 | 携程 JDK25 升级踩坑记:一场由 G1GC “偷走”对象引发的数据静默损坏](https://mp.weixin.qq.com/s/V40usdvE3y9kVdkKM6MZ3g) - Recent Commits to cve:main - [ ] [Update Thu Apr 2 11:14:16 UTC 2026](https://github.com/trickest/cve/commit/c225c6827d199215abc5eebe9e048f616e3325d2) - SecWiki News - [ ] [SecWiki News 2026-04-02 Review](http://www.sec-wiki.com/?2026-04-02) - Microsoft Security Blog - [ ] [Threat actor abuse of AI accelerates from tool to cyberattack surface](https://www.microsoft.com/en-us/security/blog/2026/04/02/threat-actor-abuse-of-ai-accelerates-from-tool-to-cyberattack-surface/) - [ ] [Cookie-controlled PHP webshells: A stealthy tradecraft in Linux hosting environments](https://www.microsoft.com/en-us/security/blog/2026/04/02/cookie-controlled-php-webshells-tradecraft-linux-hosting-environments/) - 嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com - [ ] [一大波危险的“龙虾”来袭,绿盟君助您安全养虾](https://www.4hou.com/posts/Arj9) - [ ] [OpenClaw近期生态安全事件解读:从RCE漏洞到Skill供应链投毒分析](https://www.4hou.com/posts/zAVq) - [ ] [爆火背后:OpenClaw 开源AI智能体应用攻击面与安全风险系统剖析](https://www.4hou.com/posts/yzQ6) - [ ] [代码钟馗启动AI漏洞雷达,OpenClaw隐秘漏洞浮出水面](https://www.4hou.com/posts/vwK8) - [ ] [嘶吼安全动态|国家市场监管总局推动网络食品安全“协同共治”,AI算法参与合规审核 加密平台Drift发生重大安全事故](https://www.4hou.com/posts/xyOl) - obaby 𝐢𝐧⃝ void - [ ] [下载微信公众号的视频](https://zhongxiaojie.cn/2026/04/778/) - 先知安全技术社区 - [ ] [2026 CISCN&长城杯半决赛 AWDP-PWN](https://xz.aliyun.com/news/91900) - Corelan | Exploit Development & Vulnerability Research - [ ] [Exploit Writing Tutorial Part 1 - The Video](https://www.corelan.be/index.php/2026/04/02/exploit-writing-tutorial-part-1-the-video/) - Google Online Security Blog - [ ] [Google Workspace’s continuous approach to mitigating indirect prompt injections](http://security.googleblog.com/2026/04/google-workspaces-continuous-approach.html) - Cerbero Blog - [ ] [PowerShell Beautifier 4.0 Package](https://blog.cerbero.io/powershell-beautifier-4-0-package/) - Didier Stevens - [ ] [Overview of Content Published in March](https://blog.didierstevens.com/2026/04/02/overview-of-content-published-in-march-11/) - Inside Stormshield - [ ] [Tech Talk : premier partenariat avec Epitech Lille](https://stories.stormshield.com/tech-talk-premier-partenariat-avec-epitech-lille/) - Bug Bounty in InfoSec Write-ups on Medium - [ ] [Beyond Recon: Using AI for Real Exploitation in Pentesting](https://infosecwriteups.com/beyond-recon-using-ai-for-real-exploitation-in-pentesting-2791416e4ebd?source=rss----7b722bfd1b8d--bug_bounty) - [ ] [“Bug Bounty Bootcamp #29: Boolean Blind SQL Injection Part 2 — Extracting Usernames and Passwords…](https://infosecwriteups.com/bug-bounty-bootcamp-29-boolean-blind-sql-injection-part-2-extracting-usernames-and-passwords-13447abeb6d6?source=rss----7b722bfd1b8d--bug_bounty) - [ ] [️♂️ The Complete Beginner’s Guide to Bug Bounty Reconnaissance: Live Hunting on PayPal](https://infosecwriteups.com/%EF%B8%8F-%EF%B8%8F-the-complete-beginners-guide-to-bug-bounty-reconnaissance-live-hunting-on-paypal-ddb2b0abecd3?source=rss----7b722bfd1b8d--bug_bounty) - Reverse Engineering - [ ] [How to build .NET obfuscator - Part I](https://www.reddit.com/r/ReverseEngineering/comments/1sarqiu/how_to_build_net_obfuscator_part_i/) - [ ] [Reverse engineering workshop in arabic](https://www.reddit.com/r/ReverseEngineering/comments/1sax0yw/reverse_engineering_workshop_in_arabic/) - [ ] [Tried to buy a pint, Finding a Trojan: My First Malware Analysis](https://www.reddit.com/r/ReverseEngineering/comments/1sahzib/tried_to_buy_a_pint_finding_a_trojan_my_first/) - Malwarebytes - [ ] [Apple expands “DarkSword” patches to iOS 18.7.7](https://www.malwarebytes.com/blog/news/2026/04/apple-expands-darksword-patches-to-ios-18-7-7) - [ ] [Malwarebytes Privacy VPN receives full third-party audit](https://www.malwarebytes.com/blog/product/2026/04/vpnsoftwareaudit) - SentinelOne - [ ] [Securing the Supply Chain: How SentinelOne®’s AI EDR Stops the Axios Attack Autonomously](https://www.sentinelone.com/blog/securing-the-supply-chain-how-sentinelones-ai-edr-stops-the-axios-attack-autonomously/) - [ ] [The Identity Paradox: The Hidden Risks in Your Valid Credentials](https://www.sentinelone.com/blog/the-identity-paradox-the-hidden-risks-in-your-valid-credentials/) - Offensive OSINT - [ ] [Offensive OSINT s06e01 - How not to trade with Openclaw](https://www.offensiveosint.io/offensive-osint-s06e01-how-not-to-trade-with-openclaw/) - 奇客Solidot–传递最新科技情报 - [ ] [亚马逊洽谈收购 Globalstar 以挑战 Starlink](https://www.solidot.org/story?sid=83949) - [ ] [实验室手套可能会释放塑料颗粒影响测量结果](https://www.solidot.org/story?sid=83948) - [ ] [Anthropic 以版权侵犯为由要求删除上万份 Claude Code 源代码副本](https://www.solidot.org/story?sid=83947) - [ ] [SpaceX 申请 IPO](https://www.solidot.org/story?sid=83946) - [ ] [比特币的签名算法比预计的更容易破解](https://www.solidot.org/story?sid=83945) - [ ] [USPTO 驳回去年授予任天堂的召唤物战斗专利](https://www.solidot.org/story?sid=83944) - [ ] [The Document Foundation 取消 Collabora 员工的会员资格](https://www.solidot.org/story?sid=83943) - [ ] [苹果下架了多款 Vibe Coding 应用](https://www.solidot.org/story?sid=83942) - [ ] [儿童死亡率过去三十年大幅下降,但仍然未达到目标](https://www.solidot.org/story?sid=83941) - [ ] [Steam 用户中使用 Linux 比例达到 5.33%](https://www.solidot.org/story?sid=83940) - [ ] [NASA 执行 Artemis II 载人绕月任务](https://www.solidot.org/story?sid=83939) - 绿盟科技技术博客 - [ ] [绿盟科技+曙光云:聚焦“可信安全服务+资产管控”,互补赋能政企数字化安全](https://blog.nsfocus.net/%e7%bb%bf%e7%9b%9f%e7%a7%91%e6%8a%80%e6%9b%99%e5%85%89%e4%ba%91%ef%bc%9a%e8%81%9a%e7%84%a6%e5%8f%af%e4%bf%a1%e5%ae%89%e5%85%a8%e6%9c%8d%e5%8a%a1%e8%b5%84%e4%ba%a7%e7%ae%a1%e6%8e%a7/) - [ ] [“政策解码·赋能共赢”沙龙(第一期)聚力创新·AI赋未来在京举行](https://blog.nsfocus.net/%e6%94%bf%e7%ad%96%e8%a7%a3%e7%a0%81%c2%b7%e8%b5%8b%e8%83%bd%e5%85%b1%e8%b5%a2%e6%b2%99%e9%be%99%ef%bc%88%e7%ac%ac%e4%b8%80%e6%9c%9f%ef%bc%89%e8%81%9a%e5%8a%9b%e5%88%9b%e6%96%b0/) - 黑海洋Wiki | AI机器人硬件开发 | 网络安全攻防实战 | 区块链技术文档教程 - 免费资源平台 - [ ] [英伟达H100租赁费用近半年飙升近40%](https://blog.upx8.com/%E8%8B%B1%E4%BC%9F%E8%BE%BEH100%E7%A7%9F%E8%B5%81%E8%B4%B9%E7%94%A8%E8%BF%91%E5%8D%8A%E5%B9%B4%E9%A3%99%E5%8D%87%E8%BF%9140) - 腾讯玄武实验室 - [ ] [每日安全动态推送(26/4/2)](https://mp.weixin.qq.com/s?__biz=MzA5NDYyNDI0MA==&mid=2651960416&idx=1&sn=8e5f2fdb8985cd0de8dd4d8552ab4b22) - 黑鸟 - [ ] [无线开源情报工具 WireTapper](https://mp.weixin.qq.com/s?__biz=MzAxOTM1MDQ1NA==&mid=2451186146&idx=1&sn=62afe99959588ea3ccee9b298b59b1af) - 奇安信 CERT - [ ] [今日(2026年4月2日)OpenClaw 最新安全动态总结](https://mp.weixin.qq.com/s?__biz=MzU5NDgxODU1MQ==&mid=2247504958&idx=1&sn=d0c44ae0f1856b40612415b4df032e00) - 安全分析与研究 - [ ] [ETW与AMSI对抗——致盲EDR的关键技术](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247496628&idx=1&sn=dc58c1ca254f6f7e484fdd6be815367b) - 威努特安全网络 - [ ] [威努特应用交付系统:筑牢算力调度枢纽](https://mp.weixin.qq.com/s?__biz=MzAwNTgyODU3NQ==&mid=2651141182&idx=1&sn=4b608bc6ad93d9dafdf46d1ac9b66443) - 代码卫士 - [ ] [Vertex AI 漏洞暴露谷歌云数据和非公开制品](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247525630&idx=1&sn=c92b1cfa77120afb058a49b0490a079b) - [ ] [libpng 官方参考库中的这两个严重漏洞已存在30年之久](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247525630&idx=2&sn=5b4bcf1e200cad3b1abc1fb6e2e578d6) - 看雪学苑 - [ ] [开源x86-64CPU仿真库Cpueaxh:终结基于回调与HOOK的检测对决](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458612967&idx=1&sn=742d0e4b098d793b6a9a68a288e21b0b) - [ ] [今晚21:00开播!Y700三代免解锁BL内核刷机三绿方案](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458612967&idx=2&sn=8c8f11bc195916986a73b3f8ceddc9c6) - [ ] [超100个假域名、潜伏两年多:黑客在电商结账页面偷换支付窗口,盗刷银行卡](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458612967&idx=3&sn=b58fc21d0e538544e7fc532dc740cf76) - 安全内参 - [ ] [知名医疗软件厂商被黑,海量患者数据遭非法访问超8小时](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247515759&idx=1&sn=2cf165def6aadee6b75a586f834f1979) - [ ] [美国防部网络防御司令部明确美军网络防御四大转型方向](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247515759&idx=2&sn=16e3491dbffd8b353d4ebc2444b1a6c3) - 绿盟科技研究通讯 - [ ] [可信数据空间(八)可信数据空间与大模型](https://mp.weixin.qq.com/s?__biz=MzIyODYzNTU2OA==&mid=2247499743&idx=1&sn=9960419df31327a6da7771532963a6b5) - 先进攻防 - [ ] [深度剖析大模型驱动的开源软件供应链安全审计系统](https://mp.weixin.qq.com/s?__biz=MzI1MDA1MjcxMw==&mid=2649908885&idx=1&sn=b1b9205861365df29ba7153992a748fb) - 安全研究GoSSIP - [ ] [G.O.S.S.I.P 阅读推荐 2026-04-02 Thought is All You Need](https://mp.weixin.qq.com/s?__biz=Mzg5ODUxMzg0Ng==&mid=2247501543&idx=1&sn=0b80a708dd73926a889ca1c68b083b83) - 情报小蜜蜂 - [ ] [一文看懂中国石油家底与真正风险](https://mp.weixin.qq.com/s?__biz=MzU0NjY5ODQ3Mw==&mid=2247485960&idx=1&sn=42e5c00536a8143b668717dc170e311d) - 安全学术圈 - [ ] [康考迪亚大学 | OCR-APT:基于子图异常检测与大语言模型的审计日志APT攻击事件重构](https://mp.weixin.qq.com/s?__biz=MzU5MTM5MTQ2MA==&mid=2247495175&idx=1&sn=bb079ef94385e793ef1adfcde60c5539) - 信息安全国家工程研究中心 - [ ] [等保标准 | 数据安全系列公安行标解析(三)](https://mp.weixin.qq.com/s?__biz=MzU5OTQ0NzY3Ng==&mid=2247503374&idx=1&sn=4e73d371bd935ab69b6303a5a6a96138) - 中国信息安全 - [ ] [专题·具身智能安全 | 以“共享智造”构建具身智能产业生态安全体系,推动可靠规模化落地](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664260968&idx=1&sn=66747a3d0d38f2b7b87b5d6854155c28) - [ ] [公告 | 三部门联合开展2026年个人信息保护系列专项行动](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664260968&idx=2&sn=0bb77ff87125236399cdf25e35ad5f3b) - [ ] [国安部提示:警惕智能穿戴设备泄露国家机密](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664260968&idx=3&sn=570dffa41eebe96e09fe10dc864fe525) - [ ] [专家解读 | 数据委托处理的产权配置 “有约定按约定、无约定归委托方”](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664260968&idx=4&sn=501a396a61c07b210367e8ac76411857) - [ ] [评论 | 为低空产业系好“安全带”](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664260968&idx=5&sn=e5e6570573554934a6b3ab97f42f3c7b) - 微步在线 - [ ] [高萌预警!“银狐”的疯狂星期四是咋过的?](https://mp.weixin.qq.com/s?__biz=MzI5NjA0NjI5MQ==&mid=2650185814&idx=1&sn=073eb981d5223178331a107c6e5d3016) - 天黑说嘿话 - [ ] [让AI帮你挖洞,用MCP让Burp Suite更聪明](https://mp.weixin.qq.com/s?__biz=MzI5NTQ5MTAzMA==&mid=2247486034&idx=1&sn=3fd6470af16e6865194698f7c2b92ecf) - 安全圈 - [ ] [【安全圈】“王者荣耀崩了”上热搜,官方回应](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652075308&idx=1&sn=f99656bddf3a82d1e7b05dd4f50a1166) - [ ] [【安全圈】智能手表引发的泄露事件,军事机密泄露](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652075308&idx=2&sn=f3467501e28478e34cc56f4019091763) - [ ] [【安全圈】俄罗斯联邦关键基础设施集中控制计划泄露](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652075308&idx=3&sn=428458064ef06d22587384bcd4fe82cc) - 网络空间安全科学学报 - [ ] [关于召开2026网络空间安全学术大会的通知](https://mp.weixin.qq.com/s?__biz=MzI0NjU2NDMwNQ==&mid=2247507336&idx=1&sn=0ac7488ec32679476321c9386cd42dc1) - [ ] [中国电子学会关于征集“2026网络空间安全学术大会”产学研创新成果墙报的通知](https://mp.weixin.qq.com/s?__biz=MzI0NjU2NDMwNQ==&mid=2247507336&idx=2&sn=d4545f2e0f6f94b6ea622a02a2a693c8) - 默安科技 - [ ] [【供应链风险综合预警】Axios 与 LiteLLM 官方包遭严重劫持与投毒](https://mp.weixin.qq.com/s?__biz=MzIzODQxMjM2NQ==&mid=2247501810&idx=1&sn=2e24afcaf6059c37f7bb4da2570e1669) - 极客公园 - [ ] [一年砸下 634 亿搞研发,比亚迪财报里藏着怎样的战略决心?](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653102675&idx=1&sn=af730b73365078f01eabaee76cfe79cf) - [ ] [日均 120 万亿 Token,火山引擎两年前的赌注开始兑现](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653102659&idx=1&sn=f877e83f2320d42596aa90d2f64af69f) - [ ] [从知识库到 Agent 原生 OS,汪源想为 Agent 造一个操作系统](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653102659&idx=2&sn=438399891c433ccb167caebf77ef5302) - [ ] [甲骨文全球裁员 3 万人,多为 AI 可替代职位;雷军将在今晚直播拆车;OpenAI 股票被曝转售市场滞销 | 极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653102606&idx=1&sn=c05e3c49834e8f7f2e21107dd3446dbe) - 字节跳动安全中心 - [ ] [顶配赏金|抖音电商反爬专测上线!新增众包情报收录!](https://mp.weixin.qq.com/s?__biz=MzUzMzcyMDYzMw==&mid=2247496121&idx=1&sn=4de6b4f70fadb243927656c92d9b3aae) - 嘶吼专业版 - [ ] [代码钟馗启动AI漏洞雷达,OpenClaw隐秘漏洞浮出水面](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247587521&idx=1&sn=14494dcb432adab394c111df7172d184) - [ ] [嘶吼安全动态|国家市场监管总局推动网络食品安全“协同共治”,AI算法参与合规审核 加密平台Drift发生重大安全事故](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247587521&idx=2&sn=87fd8e2092baf0946c6bc8e0a5666a49) - 数世咨询 - [ ] [日本将从2026年10月1日起允许“进攻性网络行动”](https://mp.weixin.qq.com/s?__biz=MzkxNzA3MTgyNg==&mid=2247542449&idx=1&sn=eb5c4bd21d7c2f946f52ca3f62241504) - 补天平台 - [ ] [欢迎「追觅科技」入驻补天专属SRC!](https://mp.weixin.qq.com/s?__biz=MzI2NzY5MDI3NQ==&mid=2247510625&idx=1&sn=6ed5d15e5f22aa66fd8cc776f692af01) - 火绒安全 - [ ] [无缝适配国产OS 火绒安全再获兼容认证](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247531862&idx=1&sn=81a2bcac53c40c73c1b2315294ff7d80) - [ ] [诚邀渠道合作伙伴共启新征程](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247531862&idx=2&sn=4f41d356b4ca1454ca2431c4a27eea48) - 慢雾科技 - [ ] [慢雾:如何评估加密反洗钱工具的有效性](https://mp.weixin.qq.com/s?__biz=MzU4ODQ3NTM2OA==&mid=2247504616&idx=1&sn=95677483334baedb3127bdc0911fa2f8) - 斗象智能安全 - [ ] [今晚开始,查询XVI扩展漏洞情报免费了](https://mp.weixin.qq.com/s?__biz=MzIwMjcyNzA5Mw==&mid=2247495359&idx=1&sn=3b8689b390d9732455daa904ba659532) - 情报分析师 - [ ] [一场军演里,到底能看出什么门道?别只看新闻里的导弹起飞,真正有价值的是地图上那个位置](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650567414&idx=1&sn=f2f037d3e95ecd3a5f5e8c346f5e10e2) - [ ] [日本自卫队员冲闯我驻日大使馆事件深度情报分析报告](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650567414&idx=2&sn=8af453e8815595b3387563e533c59024) - [ ] [【热点研判】2026年"肩并肩"军演战略评估/朝鲜测试可打击美国本土的新型固体发动机/巴基斯坦外长称美伊数日内或谈判](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650567414&idx=3&sn=723ce03489c4ab1434d2f8a39bcd09c7) - [ ] [为什么今天的情报机关越来越少亲自下场?因为廉价代理人更好用](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650567414&idx=4&sn=72fefba23f66e1c557b116dd04641b77) - 迪哥讲事 - [ ] [html注入导致的高危](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247499255&idx=1&sn=c9e57b5d0211701f479e338a3a7b162f) - TrustedSec - [ ] [Reduce Repetition and Free up Time With Mobile File Extractor](https://trustedsec.com/blog/reduce-repetition-and-free-up-time-with-mobile-file-extractor) - 美团技术团队 - [ ] [美团发布原生多模态 LongCat-Next:当视觉和语音成为AI的母语](https://mp.weixin.qq.com/s?__biz=MjM5NjQ5MTI5OA==&mid=2651782437&idx=1&sn=42cd63e1238b0c841a4ef137049d018b) - [ ] [LongCat-Flash-Prover:AI 攻克数学定理证明,不仅要“算得对”,更要“证得严”](https://mp.weixin.qq.com/s?__biz=MjM5NjQ5MTI5OA==&mid=2651782437&idx=2&sn=d2cdd9b2ca84834eb5746bbcfdce139d) - 深信服千里目安全技术中心 - [ ] [【漏洞通告】Google Chrome Dawn 释放后重用漏洞(CVE-2026-5281)](https://mp.weixin.qq.com/s?__biz=Mzg2NjgzNjA5NQ==&mid=2247525235&idx=1&sn=563a4d108e95fcc2e7dc4594454957e2) - [ ] [网络安全信息与动态周报2026年第13期(3月23日-3月29日)](https://mp.weixin.qq.com/s?__biz=Mzg2NjgzNjA5NQ==&mid=2247525235&idx=2&sn=8efdc8cb39f6634158bf521eddc280b3) - 安全行者老霍 - [ ] [从首份Gartner《守护智能体市场指南》中获得的5大启示](https://mp.weixin.qq.com/s?__biz=Mzg3NjU4MDI4NQ==&mid=2247486323&idx=1&sn=a4e09e6065823be5fa9bb2b089ba2731) - Securityinfo.it - [ ] [Proxy residenziali: quando la reputazione degli IP smette di funzionare](https://www.securityinfo.it/2026/04/02/proxy-residenziali-quando-la-reputazione-degli-ip-smette-di-funzionare/?utm_source=rss&utm_medium=rss&utm_campaign=proxy-residenziali-quando-la-reputazione-degli-ip-smette-di-funzionare) - bellingcat - [ ] [The War You’re Not Allowed to See: How the UAE Rewrites the Story of Iranian Strikes](https://www.bellingcat.com/news/2026/04/02/war-uae-iran-infuencer-dubai-conflict-drone-successful-strike-intercept-fire/) - ICT Security Magazine - [ ] [Sanità digitale e cybersecurity: il dato clinico come infrastruttura critica](https://www.ictsecuritymagazine.com/articoli/sanita-digitale-dati/) - [ ] [EU Data Act e sicurezza IoT: cosa cambia per le imprese italiane](https://www.ictsecuritymagazine.com/notizie/eu-data-act/) - Schneier on Security - [ ] [US Bans All Foreign-Made Consumer Routers](https://www.schneier.com/blog/archives/2026/04/us-bans-all-foreign-made-consumer-routers.html) - [ ] [Possible US Government iPhone Hacking Tool Leaked](https://www.schneier.com/blog/archives/2026/04/possible-us-government-iphone-hacking-tool-leaked.html) - 安全419 - [ ] [八大低成本策略:不花大钱也能大幅提升安全防护](https://mp.weixin.qq.com/s?__biz=MzUyMDQ4OTkyMg==&mid=2247552805&idx=1&sn=bf07e1c26ab7ee8c0d1fff4ea52be274) - Over Security - Cybersecurity news aggregator - [ ] [Vulnerability & Patch Roundup — March 2026](https://blog.sucuri.net/2026/04/vulnerability-patch-roundup-march-2026.html) - [ ] [Claude Code leak used to push infostealer malware on GitHub](https://www.bleepingcomputer.com/news/security/claude-code-leak-used-to-push-infostealer-malware-on-github/) - [ ] [Nova Ransomware: between propaganda, threats, and contradictions – what emerges from direct interaction with the group](https://www.suspectfile.com/interview-katana-nova-nova-ransomware-raas-ransomware/) - [ ] [Drift loses $280 million as hackers seize Security Council powers](https://www.bleepingcomputer.com/news/security/drift-loses-280-million-as-hackers-seize-security-council-powers/) - [ ] [The democratisation of business email compromise fraud](https://blog.talosintelligence.com/the-democratisation-of-business-email-compromise-fraud/) - [ ] [The Language of Emojis in Threat Intelligence: How Adversaries Signal, Obfuscate, and Coordinate Online](https://flashpoint.io/blog/the-language-of-emojis-in-threat-intelligence/) - [ ] [Drift crypto platform confirms $280 million stolen in hack as researchers point finger at North Korea](https://therecord.media/drift-crypto-confirms-280-million-stolen-north-korea) - [ ] [French Senate passes bill that would ban children under 15 from social media](https://therecord.media/french-senate-passes-bill-child-ban-social-media) - [ ] [Proxy residenziali: quando la reputazione degli IP smette di funzionare](https://www.securityinfo.it/2026/04/02/proxy-residenziali-quando-la-reputazione-degli-ip-smette-di-funzionare/) - [ ] [Claude, 500mila righe di codice esposte per errore: i rischi per la supply chain software](https://www.cybersecurity360.it/news/data-leak-claude-code-anthropic-cosa-implica-per-la-cyber-sicurezza/) - [ ] [ICE says it bought Paragon’s spyware to use in drug trafficking cases](https://techcrunch.com/2026/04/02/ice-says-it-bought-paragons-spyware-to-use-in-drug-trafficking-cases/) - [ ] [Residential proxies evaded IP reputation checks in 78% of 4B sessions](https://www.bleepingcomputer.com/news/security/residential-proxies-evaded-ip-reputation-checks-in-78-percent-of-4b-sessions/) - [ ] [Internet in Russia al rallentatore: fra restrizioni e aggiramenti, ecco il futuro della rete dello zar](https://www.cybersecurity360.it/news/internet-in-russia-al-rallentatore-fra-restrizioni-e-aggiramenti-ecco-il-futuro-della-rete-dello-zar/) - [ ] [Adversaries Exploit Vacant Homes to Intercept Mail in Hybrid Cybercrime](https://www.bleepingcomputer.com/news/security/adversaries-exploit-vacant-homes-to-intercept-mail-in-hybrid-cybercrime/) - [ ] [New Progress ShareFile flaws can be chained in pre-auth RCE attacks](https://www.bleepingcomputer.com/news/security/new-progress-sharefile-flaws-can-be-chained-in-pre-auth-rce-attacks/) - [ ] [Medtech giant Stryker fully operational after data-wiping attack](https://www.bleepingcomputer.com/news/security/medtech-giant-stryker-fully-operational-after-data-wiping-attack/) - [ ] [PanoptiCON2026 - Fuoco invisibile: la difesa inizia da ciò che sai vedere](https://www.certego.net/blog/panopticon2026-fuoco-invisibile-la-difesa-inizia-da-cio-che-sai-vedere-save-the-date-4-giugno/) - [ ] [[Video] The TTP Ep 21: When Attackers Become Trusted Users](https://blog.talosintelligence.com/video-the-ttp-ep-21-when-attackers-become-trusted-users/) - [ ] [App-server Codex di OpenAI: configurazione insicura espone a esecuzione di comandi remoti](https://www.cybersecurity360.it/news/app-server-codex-di-openai-configurazione-insicura-espone-a-esecuzione-di-comandi-remoti/) - [ ] [Mongoose: Preauth RCE and mTLS Bypass on Millions of Devices](https://www.evilsocket.net/2026/04/02/Mongoose-Preauth-Remote-Code-Execution-and-mTLS-Bypass/) - [ ] [The Malware Gap: Why Fraud & Security Controls Still Miss Mobile Malware](https://www.threatfabric.com/blogs/the-malware-gap-why-fraud-security-controls-still-miss-mobile-malware) - [ ] [Critical Cisco IMC auth bypass gives attackers Admin access](https://www.bleepingcomputer.com/news/security/critical-cisco-imc-auth-bypass-gives-attackers-admin-access/) - [ ] [From Reactive to Proactive: 5 Steps to SOC Maturity with Threat Intelligence](https://any.run/cybersecurity-blog/soc-maturity-with-threat-intelligence/) - [ ] [An overview of ransomware threats in Japan in 2025 and early detection insights from Qilin cases](https://blog.talosintelligence.com/an-overview-of-ransomware-threats-in-japan-in-2025-and-early-detection-insights-from-qilin-cases/) - [ ] [Inside the Talos 2025 Year in Review: A discussion on what the data means for defenders](https://blog.talosintelligence.com/inside-the-talos-2025-year-in-review-a-discussion-on-what-the-data-means-for-defenders/) - [ ] [Qilin EDR killer infection chain](https://blog.talosintelligence.com/qilin-edr-killer/) - [ ] [UAT-10608: Inside a large-scale automated credential harvesting operation targeting web applications](https://blog.talosintelligence.com/uat-10608-inside-a-large-scale-automated-credential-harvesting-operation-targeting-web-applications/) - [ ] [Phishing e attacchi AiTM: come le email compromesse diventano trampolini per spam massivo](https://www.cybersecurity360.it/nuove-minacce/schema-attacco-aitm-adversary-in-the-middle-truffa-phishing-takeover-due-varianti/) - [ ] [The Week in Vulnerabilities: AI Frameworks, VMware, and Critical ICS Exposure](https://cyble.com/blog/cyble-weekly-vulnerabilities-report-apr-01/) - [ ] [Microsoft links Classic Outlook issue to email delivery problems](https://www.bleepingcomputer.com/news/microsoft/microsoft-links-classic-outlook-bug-to-email-delivery-issues/) - [ ] [Vietnam-Linked PXA Stealer Campaign Exploits LinkedIn to Target Professionals Globally](https://thecyberexpress.com/pxa-stealer-vietnam-linked-actors-linkedin/) - [ ] [FBI Warns of AVrecon Malware Targeting Network Devices Across 163 Countries](https://thecyberexpress.com/fbi-warns-of-avrecon-malware/) - [ ] [FBI Warns of Data Security Risks in Foreign-Developed Mobile Apps](https://thecyberexpress.com/data-security-risks-in-foreign-mobile-apps/) - [ ] [Over 14,000 F5 BIG-IP APM instances still exposed to RCE attacks](https://www.bleepingcomputer.com/news/security/over-14-000-f5-big-ip-apm-instances-still-exposed-to-rce-attacks/) - [ ] [Claude e Firefox, l’AI accelera la ricerca di vulnerabilità e diventa parte del DevSecOps](https://www.cybersecurity360.it/nuove-minacce/claude-e-firefox-lai-accelera-la-ricerca-di-vulnerabilita-e-diventa-parte-del-devsecops/) - [ ] [Hasbro Discloses Cyberattack After Unauthorized Network Access Detected](https://thecyberexpress.com/hasbro-cyberattack/) - [ ] [Intesa Sanpaolo Missed Unauthorized Access for 2 Years, Regulator Reveals](https://thecyberexpress.com/intesa-sanpaolo-data-breach-missed-for-2-years/) - [ ] [Vertex AI e il rischio dei “double agent” AI](https://www.securityinfo.it/2026/04/01/vertex-ai-e-il-rischio-dei-double-agent-ai/) - [ ] [WhatsApp warns users of fake app used to distribute spyware](https://therecord.media/whatsapp-warns-users-of-fake-app-used-for-spyware) - 云鼎实验室 - [ ] [从无差别攻击到APT定向攻击:Apifox供应链投毒攻击链路完整剖析](https://mp.weixin.qq.com/s?__biz=MzU3ODAyMjg4OQ==&mid=2247497418&idx=1&sn=6dfa5ccd6a5dcaa1e48f9e525b37187c) - SANS Internet Storm Center, InfoCON: green - [ ] [Attempts to Exploit Exposed "Vite" Installs (CVE-2025-30208), (Thu, Apr 2nd)](https://isc.sans.edu/diary/rss/32860) - [ ] [ISC Stormcast For Thursday, April 2nd, 2026 https://isc.sans.edu/podcastdetail/9876, (Thu, Apr 2nd)](https://isc.sans.edu/diary/rss/32858) - Desync InfoSec - [ ] [Rapid7深度分析:2025年暗网初始访问代理市场趋势、定价与论坛格局](https://mp.weixin.qq.com/s?__biz=MzkzMDE3ODc1Mw==&mid=2247489698&idx=1&sn=de4390b4361fc519fba77404d79e9cb2) - TG Soft Software House - News - [ ] [Auguri di <strong>Buona Pasqua</strong> dallo staff di <strong>TG Soft Cyber Security Specialist</strong>](http://www.tgsoft.it/italy/news_archivio.asp?id=1726) - [ ] [<strong>Vir.IT eXplorer PRO</strong><strong> </strong>supera con il massimo risultato, l'ultimo <strong>test</strong> effettuato a<strong> febbraio 2026</strong> da <strong>AppEsteem </strong>per i <strong>prodotti AV DeceptorFighters</strong>](http://www.tgsoft.it/italy/news_archivio.asp?id=1725) - Security Affairs - [ ] [Hasbro hit by cyberattack, investigates possible data breach](https://securityaffairs.com/190306/security/hasbro-hit-by-cyberattack-investigates-possible-data-breach.html) - [ ] [Cisco fixed critical and high-severity flaws](https://securityaffairs.com/190295/security/cisco-fixed-critical-and-high-severity-flaws.html) - [ ] [Threat actor UAC-0255 impersonate CERT-UA to spread AGEWHEEZE malware via phishing](https://securityaffairs.com/190287/hacking/threat-actor-uac-0255-impersonate-cert-ua-to-spread-agewheeze-malware-via-phishing.html) - [ ] [Italian spyware vendor creates Fake WhatsApp app, targeting 200 users](https://securityaffairs.com/190276/malware/italian-spyware-vendor-creates-fake-whatsapp-app-targeting-200-users.html) - The Register - Security - [ ] [They thought they were downloading Claude Code source. They got a nasty dose of malware instead](https://go.theregister.com/feed/www.theregister.com/2026/04/02/trojanized_claude_code_leak_github/) - [ ] [The company's biggest security hole lived in the breakroom](https://go.theregister.com/feed/www.theregister.com/2026/04/02/pwned/) - [ ] [AI recruiting biz Mercor says it was 'one of thousands' hit in LiteLLM supply-chain attack](https://go.theregister.com/feed/www.theregister.com/2026/04/02/mercor_supply_chain_attack/) - Deep Web - [ ] [Binance Drops ‘Red Flags’ for Manipulation After Letting It Happen for Years](https://www.reddit.com/r/deepweb/comments/1sanckg/binance_drops_red_flags_for_manipulation_after/) - [ ] [From the Earth to the Moon by Jules Verne - Full Audiobook | Classic Science Fiction Adventure](https://www.reddit.com/r/deepweb/comments/1saazz0/from_the_earth_to_the_moon_by_jules_verne_full/) - [ ] [Most impressive](https://www.reddit.com/r/deepweb/comments/1sa31a6/most_impressive/) - Blackhat Library: Hacking techniques and research - [ ] [Mongoose: Preauth RCE and mTLS Bypass on Millions of Devices](https://www.reddit.com/r/blackhat/comments/1saihyi/mongoose_preauth_rce_and_mtls_bypass_on_millions/) - Technical Information Security Content & Discussion - [ ] [Cisco source code stolen by ShinyHunters via Trivy supply-chain attack. AWS keys breached, 300+ repos cloned and more](https://www.reddit.com/r/netsec/comments/1sa8nld/cisco_source_code_stolen_by_shinyhunters_via/) - [ ] [SHA Pinning Is Not Enough](https://www.reddit.com/r/netsec/comments/1sans8y/sha_pinning_is_not_enough/) - [ ] [Mongoose: Preauth RCE and mTLS Bypass on Millions of Devices](https://www.reddit.com/r/netsec/comments/1sahl4e/mongoose_preauth_rce_and_mtls_bypass_on_millions/) - [ ] [The [LinkedIn browsergate] Attack: How it works](https://www.reddit.com/r/netsec/comments/1sak51u/the_linkedin_browsergate_attack_how_it_works/) - [ ] [Your terminal is lying to you: escape sequence attacks from the 90s that still work.](https://www.reddit.com/r/netsec/comments/1saibe9/your_terminal_is_lying_to_you_escape_sequence/) - [ ] [You’re Not Supposed To ShareFile With Everyone (Progress ShareFile Pre-Auth RCE Chain CVE-2026-2699 & CVE-2026-2701) - watchTowr Labs](https://www.reddit.com/r/netsec/comments/1saebwi/youre_not_supposed_to_sharefile_with_everyone/) - [ ] [Detailed analysis of a sophisticated firefox extension malware found in the wild using browser-xpi-malware-scanner.py](https://www.reddit.com/r/netsec/comments/1saxedk/detailed_analysis_of_a_sophisticated_firefox/) - [ ] [red team sandbox with real detection](https://www.reddit.com/r/netsec/comments/1sam980/red_team_sandbox_with_real_detection/) - The Hacker News - [ ] [Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials](https://thehackernews.com/2026/04/hackers-exploit-cve-2025-55182-to.html) - [ ] [Cisco Patches 9.8 CVSS IMC and SSM Flaws Allowing Remote System Compromise](https://thehackernews.com/2026/04/cisco-patches-98-cvss-imc-and-ssm-flaws.html) - [ ] [ThreatsDay Bulletin: Pre-Auth Chains, Android Rootkits, CloudTrail Evasion & 10 More Stories](https://thehackernews.com/2026/04/threatsday-bulletin-pre-auth-chains.html) - [ ] [Researchers Uncover Mining Operation Using ISO Lures to Spread RATs and Crypto Miners](https://thehackernews.com/2026/04/researchers-uncover-mining-operation.html) - [ ] [The State of Trusted Open Source Report](https://thehackernews.com/2026/04/the-state-of-trusted-open-source-report.html) - [ ] [WhatsApp Alerts 200 Users After Fake iOS App Installed Spyware; Italian Firm Faces Action](https://thehackernews.com/2026/04/whatsapp-alerts-200-users-after-fake.html) - [ ] [Apple Expands iOS 18.7.7 Update to More Devices to Block DarkSword Exploit](https://thehackernews.com/2026/04/apple-expands-ios-1877-update-to-more.html) - TorrentFreak - [ ] [X Asks Court to Dismiss Music Piracy Lawsuit After Supreme Court’s Cox Ruling](https://torrentfreak.com/x-asks-court-to-dismiss-music-piracy-lawsuit-after-supreme-courts-cox-ruling/) - netsecstudents: Subreddit for students studying Network Security and its related subjects - [ ] [Just Because It’s on Product Hunt Doesn’t Mean It’s Safe...](https://www.reddit.com/r/netsecstudents/comments/1sauw48/just_because_its_on_product_hunt_doesnt_mean_its/) - Future of Tech and Security: Strategy & Innovation with Raffy - [ ] [If AI Becomes the User, What Happens to the SIEM?](https://raffy.ch/blog/2026/04/02/if-ai-becomes-the-user-what-happens-to-the-siem/) - Your Open Hacker Community - [ ] [Trying to recover a deleted blog post – any way to find it or contact the owner?](https://www.reddit.com/r/HowToHack/comments/1sank8d/trying_to_recover_a_deleted_blog_post_any_way_to/) - Information Security - [ ] [Has anyone actually landed a cybersecurity job after training programs? What made the difference for you?](https://www.reddit.com/r/Information_Security/comments/1sagv58/has_anyone_actually_landed_a_cybersecurity_job/) - [ ] [How do you handle phishing simulations in your organisations? I’m looking for input for a project.](https://www.reddit.com/r/Information_Security/comments/1sagno8/how_do_you_handle_phishing_simulations_in_your/) - [ ] [A Quiet "Storm": Infostealer Hijacks Sessions, Decrypts Server-Side](https://www.reddit.com/r/Information_Security/comments/1sac1l8/a_quiet_storm_infostealer_hijacks_sessions/) - Computer Forensics - [ ] [Event Logs](https://www.reddit.com/r/computerforensics/comments/1sansz7/event_logs/) - [ ] [EC council](https://www.reddit.com/r/computerforensics/comments/1sa44gj/ec_council/) - Deeplinks - [ ] [Weakening Speech Protections Will Punish All of Us—Not Just Meta](https://www.eff.org/deeplinks/2026/04/dont-weaken-speech-protections-just-punish-meta) - [ ] [A Baseless Copyright Claim Against a Web Host—and Why It Failed](https://www.eff.org/deeplinks/2026/03/baseless-copyright-claim-against-web-host-and-why-it-failed) - [ ] [Print Blocking Won't Work - Permission to Print Part 2](https://www.eff.org/deeplinks/2026/04/print-blocking-wont-work-permission-print-part-2) - [ ] [Print Blocking is Anti-Consumer - Permission to Print Part 1](https://www.eff.org/deeplinks/2026/04/print-blocking-anti-consumer-permission-print-part-1) - [ ] [Google and Amazon: Acknowledged Risks, and Ignored Responsibilities](https://www.eff.org/deeplinks/2026/04/google-and-amazon-acknowledged-risks-and-ignored-responsibilities) - [ ] [EFF’s Submission to the UN OHCHR on Protection of Human Rights Defenders in the Digital Age](https://www.eff.org/deeplinks/2026/04/effs-submission-un-ohchr-protection-human-rights-defenders-digital-age) - [ ] [Speaking Freely: Jacob Mchangama](https://www.eff.org/deeplinks/2026/03/speaking-freely-jacob-mchangama) - Security Weekly Podcast Network (Audio) - [ ] [What Is A Router? (And all things AI) - PSW #920](http://sites.libsyn.com/18678/what-is-a-router-and-all-things-ai-psw-920) - 吾爱破解论坛 - [ ] [【2026春节】初十Windows高级题目WriteUp&提示词分享](https://mp.weixin.qq.com/s?__biz=MjM5Mjc3MDM2Mw==&mid=2651144186&idx=1&sn=8004d5e7d9193728b4c8a781fb7fbc14) - 网安寻路人 - [ ] [《智能体数据处理安全要求》立项申请汇报](https://mp.weixin.qq.com/s?__biz=MzIxODM0NDU4MQ==&mid=2247508303&idx=1&sn=79c0e2a9cb9bb3871e7f7fa0e40b4d02)
每日安全资讯(2026-04-03)