# 每日安全资讯(2026-04-16) - Microsoft Security Blog - [ ] [Incident response for AI: Same fire, different fuel](https://www.microsoft.com/en-us/security/blog/2026/04/15/incident-response-for-ai-same-fire-different-fuel/) - Private Feed for M09Ic - [ ] [mgeeky starred incursi0n/BlueSAM](https://github.com/incursi0n/BlueSAM) - [ ] [anthropics released v2.1.110 at anthropics/claude-code](https://github.com/anthropics/claude-code/releases/tag/v2.1.110) - [ ] [github released v0.7.1 at github/spec-kit](https://github.com/github/spec-kit/releases/tag/v0.7.1) - [ ] [bolucat released 202604152126 at bolucat/Archive](https://github.com/bolucat/Archive/releases/tag/202604152126) - [ ] [safedv starred adanto/EtwTiViewer](https://github.com/adanto/EtwTiViewer) - [ ] [Mr-xn forked Mr-xn/mdserver-web from midoks/mdserver-web](https://github.com/Mr-xn/mdserver-web) - [ ] [modelcontextprotocol released v1.6.0 at modelcontextprotocol/registry](https://github.com/modelcontextprotocol/registry/releases/tag/v1.6.0) - [ ] [su18 starred yzddmr6/repo-analyzer](https://github.com/yzddmr6/repo-analyzer) - [ ] [CHYbeta starred livecvebench/CVE-Factory](https://github.com/livecvebench/CVE-Factory) - [ ] [Mel0day starred shareAI-lab/learn-claude-code](https://github.com/shareAI-lab/learn-claude-code) - [ ] [PrefectHQ released 3.6.27.dev3 at PrefectHQ/prefect](https://github.com/PrefectHQ/prefect/releases/tag/3.6.27.dev3) - [ ] [gh0stkey starred iOfficeAI/OfficeCLI](https://github.com/iOfficeAI/OfficeCLI) - [ ] [CHYbeta starred yzddmr6/repo-analyzer](https://github.com/yzddmr6/repo-analyzer) - [ ] [anthropics released v2.1.109 at anthropics/claude-code](https://github.com/anthropics/claude-code/releases/tag/v2.1.109) - [ ] [Mel0day starred fazgal0/free-sms-receivers](https://github.com/fazgal0/free-sms-receivers) - [ ] [pydantic released v1.82.0 at pydantic/pydantic-ai](https://github.com/pydantic/pydantic-ai/releases/tag/v1.82.0) - [ ] [CHYbeta starred weareaisle/nano-analyzer](https://github.com/weareaisle/nano-analyzer) - Tenable Blog - [ ] [Unlocking foundational visibility for cyber-physical systems with OT vulnerability management](https://www.tenable.com/blog/ot-vulnerability-management-cyber-physical-systems-cybersecurity) - 先知安全技术社区 - [ ] [基于ptrace与/proc/mem的Linux无文件进程注入:攻击实现与内存取证检测](https://xz.aliyun.com/news/91971) - [ ] [致远V7.0SP3历史漏洞分析](https://xz.aliyun.com/news/91970) - paper - Last paper - [ ] [合法终端管理软件遭滥用:疑似银狐攻击事件分析与溯源](https://paper.seebug.org/3478/) - SecWiki News - [ ] [SecWiki News 2026-04-15 Review](http://www.sec-wiki.com/?2026-04-15) - Recent Commits to cve:main - [ ] [Update Wed Apr 15 11:29:36 UTC 2026](https://github.com/trickest/cve/commit/106a1859daeeab41be579fea3cd729c568160310) - Der Flounder - [ ] [DUNS number no longer required to sign up for Apple Business in the United States](https://derflounder.wordpress.com/2026/04/15/duns-number-no-longer-required-to-sign-up-for-apple-business-in-the-united-states/) - Doonsec's feed - [ ] [分享的图片、视频、链接](https://mp.weixin.qq.com/s/Z700qKpkzwNZgf1E2Qk0hw) - [ ] [4.15国家安全日](https://mp.weixin.qq.com/s/r8UYxJLDsjltnyqeuN2kEQ) - [ ] [Predator间谍软件iOS内核利用引擎深度解析](https://mp.weixin.qq.com/s/AKJbKulNMQPcSDX_EU7Lvw) - [ ] [以赛促学赋能网安新人成长-西安工业大学网络空间安全协会2025-2026学年第二学期技术沙龙圆满举办四期](https://mp.weixin.qq.com/s/wWPwYCgS6J4_msNUzvDUAg) - [ ] [4・15 网警专属海报继续更新!一起守护国家安全](https://mp.weixin.qq.com/s/mJN6aQVXuJgdanrK35euqw) - [ ] [关键信息基础设施安全保护条例](https://mp.weixin.qq.com/s/dVfVDlVA4kUFkmOKTmogsw) - [ ] [实名验证风暴来袭:Claude 要求身份证原件和实时自拍,国内使用雪上加霜?](https://mp.weixin.qq.com/s/G80BpMyNwcZpOFf2vzL6FQ) - [ ] [AI 赋能安全测试-基于 Trae + IMA 协同的智能自动化安全测试实践](https://mp.weixin.qq.com/s/qVT5gHV0TeUIU2tficubqA) - [ ] [G.O.S.S.I.P 阅读推荐 2026-04-15 大模型安全对齐新思路:让“该不该答”听“安不安全”的话](https://mp.weixin.qq.com/s/tou4oDRl7aV2GuWX6QreFg) - [ ] [微软副总裁亲自出马,把 Mac 的功能「搬」到 Windows!](https://mp.weixin.qq.com/s/0an7pAKYeTxknjgE-Sn-Qg) - [ ] [重温“4.19”重要讲话十周年系列(3):践行总体国家安全观](https://mp.weixin.qq.com/s/Nnqw31a_KGmhWso-utZ0bQ) - [ ] [(11)5.1 领导作用和承诺 — 企业信息安全负责人必读系列丛书书稿《ISO/IEC 42001: 2023人工智能管理体系标准的谬误辨析与实施详解》](https://mp.weixin.qq.com/s/jsN53oRfTWD1vNwiPvOymA) - [ ] [IATF 16949: 2016 标准详解与实施(59)8.2.3.1.3 组织制造可行性](https://mp.weixin.qq.com/s/YnhFKNDKEND-Kl9MpIDCYw) - [ ] [IATF 16949: 2016 标准详解与实施(58)8.2.3.1.2 顾客指定的特殊特性](https://mp.weixin.qq.com/s/iiw_38_g0bAttil0I30aAw) - [ ] [IATF 16949: 2016 标准详解与实施(57)8.2.3.1.1 产品和服务要求的评审 — 补充](https://mp.weixin.qq.com/s/xmRSjiPrTcv5Wa8wQXUb7A) - [ ] [IATF 16949: 2016 标准详解与实施(56)8.2.3 产品和服务要求的评审](https://mp.weixin.qq.com/s/CfgkUFPqfCcsg-zV-ikHmg) - [ ] [具身智能|这家中国机器人公司,悄悄把仓库变成了“无人区”](https://mp.weixin.qq.com/s/tAFiVQ_KJf-aoxfuoeWybA) - [ ] [护航“十五五”, 网警邀你携手共筑安全防线](https://mp.weixin.qq.com/s/Va7Aj6OsJ-K3OxLW0M7tCA) - [ ] [发现一个免费的美国电力基础设施地图工具](https://mp.weixin.qq.com/s/WBlOxWCrRqCpO9EVZaVPkg) - [ ] [践行总体国家安全观,渝融云在行动](https://mp.weixin.qq.com/s/k0esPs--CUpHiXbXJMgeMg) - [ ] [用户名 / 昵称内容注入漏洞](https://mp.weixin.qq.com/s/SzeDpY60Ywdg1WxF7-H-bw) - [ ] [论文研读与思考|XSSky:通过局部路径持久模糊测试检测XSS漏洞](https://mp.weixin.qq.com/s/pjQyfYPpu_jRHM3RqUt_cQ) - [ ] [问题征集:2026上半年中国及海外数字监管热点问题闭门研讨会](https://mp.weixin.qq.com/s/oXW-t7W_evgJI_hEk1HSIw) - [ ] [国家安全,不仅关乎国家的命运,更牵动着每个人的心弦](https://mp.weixin.qq.com/s/mDKLEWokBCFOWYKGUuZAsw) - [ ] [Burp接入MCP协议!AI秒变黑客](https://mp.weixin.qq.com/s/u8rGE1qAi6gN_AcwGLLLFg) - [ ] [【AI安全】Burp接入MCP协议!AI秒变黑客](https://mp.weixin.qq.com/s/zqn35U4P393H2rG5jaV_Iw) - [ ] [关于公开征求《河南省网信部门行政处罚裁量权基准适用规定(征求意见稿)》意见的通知](https://mp.weixin.qq.com/s/_qxAQCQkGoOYM2EnF8YcoQ) - [ ] [【技术能力】以智能体安全测评启动为起点,构筑产业可信发展根基](https://mp.weixin.qq.com/s/vRKFchRa2XWUOLYTZo0LFw) - [ ] [【新业务】“智体通鉴”智能体综合测评体系:全方位度量智能体质量,引领产业可信发展](https://mp.weixin.qq.com/s/Z7reyUYE2v6H5fGQ1JPVCA) - [ ] [诊断罕见病只要3周,这个AI把确诊时间从5年压缩了99%](https://mp.weixin.qq.com/s/IHfmvddCcIABqfhuBSwjPQ) - [ ] [IOT漏洞挖掘初体验-Tenda A15](https://mp.weixin.qq.com/s/CndbsWSpVMhSDMeRZEH7FA) - [ ] [习近平总书记关于总体国家安全观重要论述的生动实践](https://mp.weixin.qq.com/s/xr7hL1zk6nHaKV1lXJCLXg) - [ ] [钓鱼演练神器曝光!安全圈老司机亲手打造](https://mp.weixin.qq.com/s/3eh9FnilF9-PgeHmCAPmZg) - [ ] [AI浪潮下,软件工程师会消失?这个说法被严重夸大了](https://mp.weixin.qq.com/s/9xXJ1IsxC9yaPEtR0Z1TsQ) - [ ] [【工业控制系统网络安全系列课程】第3课-工业控制系统的网络安全风险-网络防御、检测和分析(续)](https://mp.weixin.qq.com/s/byWcNA5iUx-1nij9H4xBDQ) - [ ] [安全警报 | 知名勒索团体声称获取百度旗下金融平台度小满敏感数据,并公开叫售数十万条数据](https://mp.weixin.qq.com/s/s5KT74af4lrIBwmLC08zEQ) - [ ] [【安全更新】微软4月安全更新多个产品高危漏洞通告](https://mp.weixin.qq.com/s/vqCWhkAK0GECS_SQ-xC5Gg) - [ ] [轻量级的CTF/渗透测试Fuzz工具 - Ryzf](https://mp.weixin.qq.com/s/LA6jIxszuFRtp01s8LyF0Q) - [ ] [西安程序员爆料,42岁,23年被裁员,薪资28500,失业2年,今天收到offer,薪资14000,已经准备去了。](https://mp.weixin.qq.com/s/UNffSmvvTfvmv4AIO7cpVw) - [ ] [2026原生安卓系统手机推荐:谁最值得买?](https://mp.weixin.qq.com/s/VTAGG3dKU2ThzPagSyeMjw) - [ ] [全民国家安全教育日——以宣筑防 以知护安](https://mp.weixin.qq.com/s/NUA4pO8UPasKEqnBj-fpmQ) - [ ] [你的报告,为什么没人读?情报产品受众分析与定制化实操手册](https://mp.weixin.qq.com/s/0LXHRCqQXtIgsogRWdaXbg) - [ ] [夹缝里的15年,美国在蒙古国埋下一颗什么棋子?](https://mp.weixin.qq.com/s/mlKehOXt24o7LH8xo2ELJQ) - [ ] [当《飞行模拟器》遇上战争,游戏开发商如何成为美国情报机器的核心齿轮](https://mp.weixin.qq.com/s/SkMqILCXwog1lSehVs9lQQ) - [ ] [有手就行的JADX MCP环境配置](https://mp.weixin.qq.com/s/xds5Nw8705zQdjxPYmtZVA) - [ ] [关于第一季PolarIOTS个人挑战赛赛前直播的通知](https://mp.weixin.qq.com/s/Zp83lzRFWtydQjKd3qMY1w) - [ ] [中行建设BOCAI大模型能力平台,已构建智能助手400+、RPA覆盖3600+场景](https://mp.weixin.qq.com/s/JaGPoVs1_UJJFZuAml1XEw) - [ ] [AI快讯:美国运通推出AI代理支付工具包,度小满发布DXMClawPay,千问AI眼镜S1现货开售](https://mp.weixin.qq.com/s/VOKBGle2OU3dYf3Nsqlfgw) - [ ] [中国移动、中国电信、东方国信中选!恒丰银行2026年度AI算力建设项目](https://mp.weixin.qq.com/s/tmqRSJXV9WgpG2iiHmQ1Ig) - [ ] [微软Defender零日漏洞可导致权限提升攻击](https://mp.weixin.qq.com/s/YTfCzsTdF4wZRnnUdQmVPA) - [ ] [【安全圈】Adobe 修复 PDF 阅读器零日漏洞,已被黑客利用至少四个月](https://mp.weixin.qq.com/s/LCBNoUxTai6D-nRmE4IW-g) - [ ] [【安全圈】微软 SharePoint Server 0Day漏洞遭在野利用](https://mp.weixin.qq.com/s/I4knZFuMN6uYTJqscwjHfA) - [ ] [【安全圈】假冒 Ledger Live 应用致 950 万美元加密货币被盗,受害者损失惨重](https://mp.weixin.qq.com/s/7GDsJX74fG4zHctt8Kzi_A) - [ ] [4·15 | 筑牢国家安全防线,践行合规经营使命](https://mp.weixin.qq.com/s/tSVd61CD8am2g-wvVFat9A) - [ ] [简单复盘黄金跨越半世纪的涨跌事件](https://mp.weixin.qq.com/s/SKz9QbM_YsnRX7wsxYRjzw) - [ ] [平航杯2026(part1)](https://mp.weixin.qq.com/s/MlF68i8NiYXhf_TxWfri8w) - [ ] [Ivanti Neurons for ITSM漏洞允许远程攻击者获取用户会话](https://mp.weixin.qq.com/s/QbPE4MYPikfr0cUfVg0oZA) - [ ] [微软2026年4月补丁星期二 – 修复168个漏洞,包括正在被利用的0day](https://mp.weixin.qq.com/s/SXpPUvuZOvJuV9HtkL8vTg) - [ ] [第三期网络安全等级测评师能力评估(暨第二期第二次补考)机考拟于5月9日(周六)举行](https://mp.weixin.qq.com/s/mLTnGL-VOhgGz649NOME8A) - [ ] [第三期网络安全等级测评师能力评估(暨第二期第二次补考)机考拟于5月9日举行](https://mp.weixin.qq.com/s/hUIVSiOYQttsLnpGLBmT0w) - [ ] [415全民国家安全教育日|八大高危网安威胁拆解与防护](https://mp.weixin.qq.com/s/ZmYtAKzAY_baAu1qLR1OxQ) - [ ] [伊朗媒体:境内大量美国制造的通信设备突然失灵,操作系统崩溃](https://mp.weixin.qq.com/s/7LOulGaHf9Uia0H_jcA51w) - [ ] [网络安全这五大副业方向甚至超过主业收入,有台电脑就能上!](https://mp.weixin.qq.com/s/7fEA107xhQqZz67aXLP62A) - [ ] [实测:Anthropic新模型可执行复杂渗透测试,自主攻陷基础防护系统](https://mp.weixin.qq.com/s/QS3vf6aaYRkdFi_lzz9URw) - [ ] [OpenAI也搞“Mythos”?网络安全版GPT-5.4-Cyber对外亮相](https://mp.weixin.qq.com/s/DA5yzHUmrMchjEBmzqpT7w) - [ ] [合法终端管理软件遭滥用:疑似银狐攻击事件分析与溯源](https://mp.weixin.qq.com/s/0GdXqw59lsZPL6JTeG-v8Q) - [ ] [智算安全 | 华为携手信通院、AIIA重磅发布全国首个四大行业AI安全实践研究报告](https://mp.weixin.qq.com/s/W_eYqzWMv1htRzTyNw0sdg) - [ ] [PHP Composer 多个新漏洞可导致任意命令执行](https://mp.weixin.qq.com/s/YPVIc3MmgbXm2hFoehoFQA) - [ ] [微软4月补丁星期二值得关注的漏洞](https://mp.weixin.qq.com/s/aQdij4SsQhbE840Nf-hehw) - [ ] [记某edusrc未授权泄露全站密码信息&AI渗透实战测试](https://mp.weixin.qq.com/s/5TEykmmjqRckg8T5t6ggwg) - [ ] [OpenAI贴脸开大!推出网络安全专用 AI 模型 GPT-5.4-Cyber,对标 Claude Mythos](https://mp.weixin.qq.com/s/whu5oQlDSrUAwNsnxqeSLg) - [ ] [Gartner 2031年预测:数据、分析与AI领域趋势展望](https://mp.weixin.qq.com/s/iwpxkvpQwA8vPt8aKxP5bw) - [ ] [网警:有国才有家 国家安全靠大家 让我们一起为“十五五”新征程保驾护航](https://mp.weixin.qq.com/s/RbHQwzg9p062jmAms6IuBg) - [ ] [就业/积分/落户一步到位!上海重点急需工种——网络与信息安全管理员(三级/高级)](https://mp.weixin.qq.com/s/UcE3EXovbpHKTmrAIBGetg) - [ ] [无声的提权:Windows攻击链中的进程伪装与UAC绕过](https://mp.weixin.qq.com/s/oIoBRl2EK6VjP9evAjw0ug) - [ ] [微软确认SharePoint Server关键零日漏洞遭活跃攻击(CVE-2026-32201)](https://mp.weixin.qq.com/s/tE1ru0R7FK44-mHo0fF5dQ) - [ ] [智能体AI威胁建模:MAESTRO框架与OpenClaw实战](https://mp.weixin.qq.com/s/NMDAVhYCQPeYDhATwJCx8w) - [ ] [比导弹更狠!美国远程锁死伊朗通信,国产化的重要](https://mp.weixin.qq.com/s/5TK6bbhiAJ_QUcSVdMUnkg) - [ ] [4·15 全民国家安全教育日丨统筹发展和安全 护航“十五五”新征程](https://mp.weixin.qq.com/s/lKJdXHg0YeDeUR0v9VZZpQ) - [ ] [4·15主题海报来了,快查收!](https://mp.weixin.qq.com/s/qgkW3VVU_InyPWLzBqzr-g) - [ ] [代码之上有防线 键盘之下是国安——“4・15”全民国家安全教育日公益宣传活动走进中关村软件园](https://mp.weixin.qq.com/s/LYlA8Lg2lo-P5gFCtC5gLQ) - [ ] [苹果公司紧急提醒iPhone用户立即更新以防范网页攻击](https://mp.weixin.qq.com/s/smhvPqr-UaYx26MUHcSOJg) - [ ] [OpenAI发布网络安全大模型GPT-5.4-Cyber](https://mp.weixin.qq.com/s/ELRFZ8mD24WR9zbbqVJvrQ) - [ ] [日本统合作战司令部设立目的、架构职能及影响探析](https://mp.weixin.qq.com/s/rIbc7JCI0UyostmpIl4GAA) - [ ] [欧盟拟以新关税配额机制应对全球产能过剩冲击,强化钢铁贸易保护](https://mp.weixin.qq.com/s/TG7FS8XgDpWjChnsbFsFfw) - [ ] [真实安全漏洞,轻松到手](https://mp.weixin.qq.com/s/zXKubSZz9k9wRA_hW22eTQ) - [ ] [【免费领】Android系统漏洞实战权威教程](https://mp.weixin.qq.com/s/VdKJ9WvKpE-x4Rz9buhpEQ) - [ ] [不落地、不留痕:用扣子打造网安工具的新姿势](https://mp.weixin.qq.com/s/sHxKAyq3VTRpy59aD4n9og) - [ ] [适合网安人的速成古法加解密逆向教程](https://mp.weixin.qq.com/s/XIaZdgXUwcnROlCKHqe-qA) - [ ] [装了N个skills之后,鹅厂员工觉得“最香”的是哪一个?](https://mp.weixin.qq.com/s/M-xrfkboccq6IMQlxYZwAQ) - [ ] [【风险通告】微软4月安全更新补丁和多个高危漏洞风险提示](https://mp.weixin.qq.com/s/oo4bwTWyk4ahcHrj2qhddw) - [ ] [【公示】安徽省密码技术应用员职业技能等级认定成绩公示](https://mp.weixin.qq.com/s/K49xyWYcqYtehCZuu3gdKw) - [ ] [Mirax Android RAT 将设备转换为 SOCKS5 代理,通过 Meta 广告覆盖 220,000 次](https://mp.weixin.qq.com/s/ii_hcqutNFAyDd0Qhiotsg) - [ ] [一个零基础小白,如何从啥都不会到挖到人生第一个漏洞?](https://mp.weixin.qq.com/s/tY5lmYSa0g-HdNhSe-MsCw) - [ ] [4・15 全民国家安全教育日|这份网络安全“护身符”请收好!](https://mp.weixin.qq.com/s/hYlFGhFVlb7IybumYIvgHg) - [ ] [深度参编 AIIA《OpenClaw类智能体部署风险管理指南》 百度安全引领智能体安全新范式](https://mp.weixin.qq.com/s/93JmBNKYPwFZ2e_8ueez2w) - [ ] [关于举办“第二期政策解码·赋能共赢沙龙‘大模型与智能体安全新范式’主题活动”的通知](https://mp.weixin.qq.com/s/0Ocp-nTlyxPnrZUOaI27dA) - [ ] [全民国家安全教育日|网络安全——守好指尖上的防线](https://mp.weixin.qq.com/s/eeCdWu2E_dWmS9d_sISRsw) - [ ] [上海财经大学|计算机与人工智能学院教师获得计算机安全顶会NDSS杰出论文奖](https://mp.weixin.qq.com/s/tq1u11tqaGsOhSa0RkvI9Q) - [ ] [Only 5 days left|BSRC 2025 in Bali](https://mp.weixin.qq.com/s/i4fUpRRTNRD_BzF2hWLP3A) - [ ] [避坑有术:从虾塘到企业的安全秘籍](https://mp.weixin.qq.com/s/MaSOa_05mpNjJWPGaTpZmQ) - [ ] [【红队工具】攻防后渗透工具自动化免杀!!!](https://mp.weixin.qq.com/s/ozWYdrjRoCI1L-6k7v3yDw) - [ ] [\"无偿参加\"](https://mp.weixin.qq.com/s/N6RPhOKeK9XwUTHTQ37JLA) - [ ] [数字世界的\"守夜人\":网络与信息安全管理员](https://mp.weixin.qq.com/s/pWcsgpdoQRP0pnAjzmNSjw) - [ ] [鸿蒙生态安全再添基石:梆梆安全鸿蒙SDK首批入选生态优选库,守护应用“最后一公里”](https://mp.weixin.qq.com/s/LrhZHCGUnNlsdpWpEgup9w) - [ ] [全民国家安全教育日 | 筑牢人民防线 维护国家安全](https://mp.weixin.qq.com/s/MWoO8pj-Sqe6Vf-FZvZT1g) - [ ] [ctf之文件包含——你的秘密我知道](https://mp.weixin.qq.com/s/UQpnYk6z3WiWjKAjkA489g) - [ ] [算法与数据结构之栈、队列](https://mp.weixin.qq.com/s/ToG1pG-ZRAAMYs1ZjMlsEw) - [ ] [打穿隔壁:AD域信任攻击——从子域到父域,从一个林到整个林](https://mp.weixin.qq.com/s/rs8tgDgcVWGT5tbb-hcguw) - [ ] [安全简讯(2026.04.15)](https://mp.weixin.qq.com/s/QjAgIlkrdF4mp8aZQlMNxw) - [ ] [【漏洞通告】Apache Tomcat EncryptInterceptor绕过漏洞(CVE-2026-34486)](https://mp.weixin.qq.com/s/CidhE3791Nodwp9CbWNpQw) - [ ] [【漏洞通告】微软4月多个安全漏洞](https://mp.weixin.qq.com/s/Q418HNHiqYF9YMZDchtyAA) - [ ] [LazyDLLSideload:面向红队演练的 DLL 代理与侧载工程化生成器](https://mp.weixin.qq.com/s/hS7rqv05hqbeYlKYj6k8nA) - [ ] [APK Auditor:一个完全在浏览器里运行的APK安全分析工具](https://mp.weixin.qq.com/s/iaX9D-6azrC9XElGmJnAJg) - [ ] [🚨 警告:Juniper 网络设备存在严重漏洞](https://mp.weixin.qq.com/s/WQWlAz1FHnNS7xS_KnE6fQ) - [ ] [[EDU]某校小程序的测试](https://mp.weixin.qq.com/s/BfDSLHOGHZSLxIky-ERaqg) - [ ] [【代码审计】Fortify浅用](https://mp.weixin.qq.com/s/hp9GEmRuD61yUl7jTmzlKg) - [ ] [阿里云DDoS安全运营智能体发布,网络安全的Agentic时刻来临](https://mp.weixin.qq.com/s/x_G2f0FFSKCpjA7Y6f-OFw) - [ ] [Apache Tomcat 远程代码执行漏洞,附漏洞自查方案](https://mp.weixin.qq.com/s/-42YuZv_nyDrzMx2xaf_mw) - [ ] [全民国家安全教育日 |学好新修订的 《中华人民共和国网络安全法》 共同守护清朗网络空间](https://mp.weixin.qq.com/s/kXAqmH5ee6S-lo2Qaio90w) - [ ] [横琴好岗上新|IT项目经理(物流园区智能化与软件系统方向)](https://mp.weixin.qq.com/s/m_ipB-6os4UC-YFJuUM9RA) - [ ] [红队工具 猕猴桃 修复版 兼容最新Windows 11 24H2/25H2](https://mp.weixin.qq.com/s/uT7H8Gm1RG4FtjHrcJRTSw) - [ ] [瓜 来 !!!🍉](https://mp.weixin.qq.com/s/TK1JPj7LYlQEEpGbJa6Isg) - [ ] [网络安全为人民,安全防线靠人民](https://mp.weixin.qq.com/s/LeRjuAMo9BZObXoZUAGICw) - [ ] [群友靶机之Twice](https://mp.weixin.qq.com/s/kVUXwclP3oxeajz5pRAdKg) - [ ] [超硬核!“重庆网警”联合“重庆辟谣”把网络安全课“搬”进校园,现场超燃!](https://mp.weixin.qq.com/s/8wGdBZpKaoK_I0hf-lJ5gA) - [ ] [大语言模型驱动的漏洞挖掘:能力机制、场景分析与演进路径](https://mp.weixin.qq.com/s/6F-rbsxIOgNLzoXafgSJNg) - [ ] [美国陆军新建的数据作战中心(ADOC)上线](https://mp.weixin.qq.com/s/Gh9mAdnsXhmnzIPfhJ4UUw) - [ ] [牛蛙—AI自主反无人机武器站](https://mp.weixin.qq.com/s/Ak8VdT27VnbvPB22yXmmfg) - [ ] [4·15全民国家安全教育日 | 主题宣传手册](https://mp.weixin.qq.com/s/WqtENQOxPBM1bK5Pf91YbA) - [ ] [4·15全民国家安全教育日 | 主题海报](https://mp.weixin.qq.com/s/4fwPpCqtJ9HvA1rVk8nP_g) - [ ] [“4·15”全民国家安全教育日密码安全宣传挂图(附原图下载链接)](https://mp.weixin.qq.com/s/X4DD6B0jLn0xzOjTwjyZPQ) - [ ] [415全民国家安全教育日丨MV《指尖的防线》震撼来袭!](https://mp.weixin.qq.com/s/SWyjSr2ZlFPXSpHkLNvRng) - [ ] [动态|天融信荣获吴文俊人工智能科技进步一等奖](https://mp.weixin.qq.com/s/k_bjjlNH1rru8raR09-Aww) - [ ] [逆向工程AI工具链环境配置](https://mp.weixin.qq.com/s/-VBc5UZ_uOtgt91GMkIYfQ) - [ ] [不算不知道:企业缺乏网络安全意识培训的隐性损失高昂](https://mp.weixin.qq.com/s/16rokMhE9drvgjnZmBSgpw) - [ ] [请评价我的 Thinkpad T430 eGPU 游戏配置](https://mp.weixin.qq.com/s/dlA0UlDx9Wmw0CjiDOJ1uw) - [ ] [26年C4安全CTF培训课程邀你加入](https://mp.weixin.qq.com/s/ntM1GvBih1WEKiRvuhAsvg) - [ ] [全民国家安全教育日|筑牢网络安全防线,守护数字国家安全](https://mp.weixin.qq.com/s/EWtpb3NrMikN-dmIg30gbQ) - GuidePoint Security - [ ] [Ransomware Insights from Q1 2026](https://www.guidepointsecurity.com/blog/ransomware-insights-q1-2026/) - Horizon3.ai - [ ] [CVE-2026-21643](https://horizon3.ai/attack-research/vulnerabilities/cve-2026-21643/) - [ ] [From Patch Tuesday to Pentest Wednesday®: When “Clean” Didn’t Mean Secure](https://horizon3.ai/intelligence/blogs/internal-pentest-hidden-attack-paths/) - Offensive Security Blog: Latest Trends in Hacking | Praetorian - [ ] [Shadow Admins in Active Directory: Hidden Privilege Paths Attackers Exploit](https://www.praetorian.com/blog/shadow-admins-active-directory/) - Securelist - [ ] [Threat landscape for industrial automation systems in Q4 2025](https://securelist.com/industrial-threat-report-q4-2025/119392/) - 绿盟科技技术博客 - [ ] [绿盟科技携手统信软件,共筑成熟 · 智能国产创新生态——统信桌面操作系统V25发布](https://blog.nsfocus.net/%e7%bb%bf%e7%9b%9f%e7%a7%91%e6%8a%80%e6%90%ba%e6%89%8b%e7%bb%9f%e4%bf%a1%e8%bd%af%e4%bb%b6%ef%bc%8c%e5%85%b1%e7%ad%91%e6%88%90%e7%86%9f-%c2%b7-%e6%99%ba%e8%83%bd%e5%9b%bd%e4%ba%a7%e5%88%9b%e6%96%b0/) - [ ] [绿盟科技《Botnet趋势报告》(2026版)正式发布](https://blog.nsfocus.net/%e7%bb%bf%e7%9b%9f%e7%a7%91%e6%8a%80%e3%80%8abotnet%e8%b6%8b%e5%8a%bf%e6%8a%a5%e5%91%8a%e3%80%8b%ef%bc%882026%e7%89%88%ef%bc%89%e6%ad%a3%e5%bc%8f%e5%8f%91%e5%b8%83/) - HackerNews - [ ] [PHP Composer ć›ĺ‡şä¸¤ĺ¤„éŤ˜ĺąćźć´žďźŒĺŻĺŻźč‡´äťťć„ĺ‘˝äť¤ć‰§čĄŒ](http://0.0.0.0:8080/post/64125) - [ ] [ć–°ĺž‹ Mirax 厉ĺ“čżœćŽ§ćœ¨éŠŹĺ°†čŽžĺ¤‡č˝Źä¸ş SOCKS5 䝣ç†ďźŒé€ščż‡ Meta ĺšżĺ‘Šč§ŚĺŠ 22 ä¸‡ç”¨ćˆˇ](http://0.0.0.0:8080/post/64124) - [ ] [č‹šćžœ App Store 出现ĺ‡ĺ†’ Ledger Live ĺş”ç”¨ďźŒç›—ĺ– 950 ä¸‡çžŽĺ…ƒĺŠ ĺŻ†č´§ĺ¸](http://0.0.0.0:8080/post/64123) - [ ] [教育兏ĺ¸çĄŽčŽ¤ć•°ćŽćł„éœ˛ďźŒé勒索团䟙ĺ¨čƒ](http://0.0.0.0:8080/post/64122) - [ ] [ĺŠ ĺŻ†č´§ĺ¸äş¤ć˜“所 Kraken éĺ†…éƒ¨äşşĺ‘˜ćł„éœ˛ĺŽĺ—靑厢勒索](http://0.0.0.0:8080/post/64121) - [ ] [çžŽč‹ąĺŠ č”ĺˆ"ĺ¤§čĽżć´‹čĄŒĺŠ¨"ç ´čŽˇ 4500 ä¸‡çžŽĺ…ƒĺŠ ĺŻ†č´§ĺ¸ç›—çŞƒćĄˆ](http://0.0.0.0:8080/post/64120) - rtl-sdr.com - [ ] [Stream1090: A New Approach to ADS-B Demodulation Using CRC-Based Framing Instead of Preamble Detection](https://www.rtl-sdr.com/stream1090-a-new-approach-to-ads-b-demodulation-using-crc-based-framing-instead-of-preamble-detection/) - [ ] [New YouTube Tutorials for SatDump V2.x.x](https://www.rtl-sdr.com/new-youtube-tutorials-for-satdump-v2-x-x/) - [ ] [Saveitforparts: Receiving Artemis 2 Signals](https://www.rtl-sdr.com/saveitforparts-receiving-artemis-2-signals/) - [ ] [Receiving the Artemis 2 S-Band Carrier With a Wi-Fi Dish and Airspy R2](https://www.rtl-sdr.com/receiving-the-artemis-2-s-band-carrier-with-a-wi-fi-dish-and-airspy-r2/) - 奇客Solidot–传递最新科技情报 - [ ] [全球暖化危及水稻产量](https://www.solidot.org/story?sid=84057) - [ ] [美国国会新法案要求操作系统验证用户年龄](https://www.solidot.org/story?sid=84056) - [ ] [斯坦福报告凸显了 AI 业内人士和公众之间的分歧](https://www.solidot.org/story?sid=84055) - [ ] [俄罗斯流行应用被发现会检测是否安装 VPN](https://www.solidot.org/story?sid=84054) - [ ] [安娜的档案被勒令向 Spotify 等赔偿 3.22 亿美元](https://www.solidot.org/story?sid=84053) - [ ] [互联网档案馆存档数千音乐会录音带](https://www.solidot.org/story?sid=84052) - [ ] [美国最完美的约会日期是 10 月 8 日](https://www.solidot.org/story?sid=84051) - [ ] [英国首相表示社媒平台应停止无限滚动](https://www.solidot.org/story?sid=84050) - [ ] [微软 Surface 系列产品大幅涨价](https://www.solidot.org/story?sid=84049) - [ ] [亚马逊收购 Globalstar](https://www.solidot.org/story?sid=84048) - [ ] [Google 违反承诺未提前通知就将用户数据交给 ICE](https://www.solidot.org/story?sid=84047) - 黑海洋Wiki | AI机器人硬件开发 | 网络安全攻防实战 | 区块链技术文档教程 - 免费资源平台 - [ ] [谷歌为 Mac 推出原生 Gemini AI 应用](https://blog.upx8.com/%E8%B0%B7%E6%AD%8C%E4%B8%BA-Mac-%E6%8E%A8%E5%87%BA%E5%8E%9F%E7%94%9F-Gemini-AI-%E5%BA%94%E7%94%A8) - 锦行科技 - [ ] [415・国安|居安思危,共筑防线](https://mp.weixin.qq.com/s?__biz=MzIxNTQxMjQyNg==&mid=2247494851&idx=1&sn=4e3764becfad0708ace475467aa3f756) - Black Hills Information Security, Inc. - [ ] [Signed, Trusted, and Abused: Proxy Execution via WebView2](https://www.blackhillsinfosec.com/proxy-execution-via-webview2/) - 腾讯玄武实验室 - [ ] [每日安全动态推送(26/4/15)](https://mp.weixin.qq.com/s?__biz=MzA5NDYyNDI0MA==&mid=2651960428&idx=1&sn=73fc67a09a0431b77739087ad9b40c9d) - 黑鸟 - [ ] [Predator间谍软件iOS内核利用引擎深度解析](https://mp.weixin.qq.com/s?__biz=MzAxOTM1MDQ1NA==&mid=2451186388&idx=1&sn=026e6145ab4170e33b056800424df0a0) - 腾讯安全应急响应中心 - [ ] [AI安全,由攻入防|腾讯广告AI专项众测正式启动](https://mp.weixin.qq.com/s?__biz=MjM5NzE1NjA0MQ==&mid=2651208334&idx=1&sn=05b24e15082ec737dc9e101103715e3f) - Malwarebytes - [ ] [AI clickbait can turn your notifications into a scam feed](https://www.malwarebytes.com/blog/news/2026/04/ai-clickbait-can-turn-your-notifications-into-a-scam-feed) - [ ] [Fake YouTube copyright notices can steal your Google login](https://www.malwarebytes.com/blog/threat-intel/2026/04/fake-youtube-copyright-notices-can-steal-your-google-login) - [ ] [From fake Proton VPN sites to gaming mods, this Windows infostealer is everywhere](https://www.malwarebytes.com/blog/threat-intel/2026/04/from-fake-proton-vpn-sites-to-gaming-mods-this-windows-infostealer-is-everywhere) - [ ] [April Patch Tuesday fixes two zero-days, including one under active attack](https://www.malwarebytes.com/blog/news/2026/04/april-patch-tuesday-fixes-two-zero-days-including-one-under-active-attack) - [ ] [Credit Resources Vault: Why this credit email set off our scam alarms](https://www.malwarebytes.com/blog/news/2026/04/credit-resources-vault-why-this-credit-email-set-off-our-scam-alarms) - 奇安信 CERT - [ ] [【已复现】Apache Tomcat 远程代码执行漏洞(CVE-2026-34486)安全风险通告](https://mp.weixin.qq.com/s?__biz=MzU5NDgxODU1MQ==&mid=2247505225&idx=1&sn=b58bfb52a75a55c62527875f1c9176f5) - [ ] [微软4月补丁日多个产品安全漏洞风险通告:1个在野利用、8个紧急漏洞](https://mp.weixin.qq.com/s?__biz=MzU5NDgxODU1MQ==&mid=2247505225&idx=2&sn=7245dbf9b07c83cd708b6155bd300820) - 微步在线研究响应中心 - [ ] [Apache Tomcat 远程代码执行漏洞,附漏洞自查方案](https://mp.weixin.qq.com/s?__biz=Mzg5MTc3ODY4Mw==&mid=2247508620&idx=1&sn=c31f1cadfa7661cddf43b3388c7ead33) - 安全分析与研究 - [ ] [Shellcode技术——代码注入的核心](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247496651&idx=1&sn=40e405d0398464f001570faf27a84030) - 代码卫士 - [ ] [PHP Composer 多个新漏洞可导致任意命令执行](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247525778&idx=1&sn=f575dcb35ac2b3091d3f1a2359e1ae4d) - [ ] [微软4月补丁星期二值得关注的漏洞](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247525778&idx=2&sn=b5edef54c4ece70f1affe656616e58df) - 安全内参 - [ ] [实测:Anthropic新模型可执行复杂渗透测试,自主攻陷基础防护系统](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247515823&idx=1&sn=4e7e122c79502e05ce9bc888e8496892) - [ ] [OpenAI也搞“Mythos”?网络安全版GPT-5.4-Cyber对外亮相](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247515823&idx=2&sn=d3716a8b48f493a2ec9d58ed2beb361f) - 威努特安全网络 - [ ] [发改委41号令丨电力重大事故隐患判定标准7月起施行](https://mp.weixin.qq.com/s?__biz=MzAwNTgyODU3NQ==&mid=2651141336&idx=1&sn=85b544d0af6b8185141ac47aafa2a097) - 看雪学苑 - [ ] [就业/积分/落户一步到位!上海重点急需工种——网络与信息安全管理员(三级/高级)](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458613414&idx=1&sn=b07aa0550d5ee51da26ad96310dc6937) - [ ] [无声的提权:Windows攻击链中的进程伪装与UAC绕过](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458613414&idx=2&sn=da477c224b836820e9225556a4d1a962) - [ ] [微软确认SharePoint Server关键零日漏洞遭活跃攻击(CVE-2026-32201)](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458613414&idx=3&sn=d5076ce31c456b0a5d868670a8138e94) - 全频带阻塞干扰 - [ ] [丢枪事件致专业感破碎 | 英国警队现状堪忧](https://mp.weixin.qq.com/s?__biz=MzIzMzE2OTQyNA==&mid=2648959193&idx=1&sn=724ff8c2e58d1074fa25e0d8593087e6) - 安全学术圈 - [ ] [行业会议 | 第七届网络空间安全前沿论坛(常安论坛全议程)](https://mp.weixin.qq.com/s?__biz=MzU5MTM5MTQ2MA==&mid=2247495255&idx=1&sn=88e9c067ec779342ca956f56d96267c3) - 绿盟科技CERT - [ ] [【安全更新】微软4月安全更新多个产品高危漏洞通告](https://mp.weixin.qq.com/s?__biz=Mzk0MjE3ODkxNg==&mid=2247490027&idx=1&sn=097da91bd350f86fda58d7d57838acc7) - 中国信息安全 - [ ] [国家安全部党委书记、部长陈一新:提升护航高质量发展的国家安全能力](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664261364&idx=1&sn=c532ff4a00f49a9557d4d7bc9f46ab7c) - 信息安全国家工程研究中心 - [ ] [“4·15”全民国家安全教育日密码安全宣传挂图](https://mp.weixin.qq.com/s?__biz=MzU5OTQ0NzY3Ng==&mid=2247503564&idx=1&sn=29d95f3748a7b0c55b71c00c54a8d7ae) - 安全研究GoSSIP - [ ] [G.O.S.S.I.P 阅读推荐 2026-04-15 大模型安全对齐新思路:让“该不该答”听“安不安全”的话](https://mp.weixin.qq.com/s?__biz=Mzg5ODUxMzg0Ng==&mid=2247501577&idx=1&sn=fc8de3a1853111addb116513f148196b) - 安全牛 - [ ] [Claude Mythos Preview:AI网络安全能力的分水岭时刻](https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651141043&idx=1&sn=cd615a37760d6cf7a1336aedeb80ffe2) - [ ] [4・15 全民国家安全教育日--筑牢网络安全防线,护航数字中国新征程;OpenSSL 4.0.0版本发布:移除弃用协议,新增后量子支持| 牛览](https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651141043&idx=2&sn=718ed74b00c4ede765b4e98e883c2b5f) - 极客公园 - [ ] [真正的 Skill 商店,为什么变成了微信公众号和小红书?](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653104016&idx=1&sn=0035441fd7e9fd27d3f88165d654ef59) - [ ] [在硅谷和两个 AI 工程师聊完,我觉得下一代汽车可能不是车了](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653103911&idx=1&sn=f52d5a12bafa8e060a4fb08e192a3f10) - [ ] [斯坦福报告:美国AI投资为中国23倍,但模型差距消失;Q1豆包海外版下载7200万次;OpenAI指控Anthropic:300亿收入80亿造假 | 极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653103929&idx=1&sn=2e50fcd0464ff901c9ed770fc5dc01ce) - 滴滴安全应急响应中心 - [ ] [DSRC活动 | 国际化金融业务专项](https://mp.weixin.qq.com/s?__biz=MzA3Mzk1MDk1NA==&mid=2651909202&idx=1&sn=f69a5724342f26fde31b11456b1a64e5) - 斗象智能安全 - [ ] [“安全数字员工”为什么需要「企业级架构」](https://mp.weixin.qq.com/s?__biz=MzIwMjcyNzA5Mw==&mid=2247495378&idx=1&sn=b49b754a53b7b232a46e8ff9f714a3bd) - 慢雾科技 - [ ] [慢雾 Hacking Time 邀您共探 AI × Web3 安全与合规新边界](https://mp.weixin.qq.com/s?__biz=MzU4ODQ3NTM2OA==&mid=2247504728&idx=1&sn=2e9d14cd251484f86669e24458daafb6) - 百度安全应急响应中心 - [ ] [Only 5 days left|BSRC 2025 in Bali](https://mp.weixin.qq.com/s?__biz=MzA4ODc0MTIwMw==&mid=2652544032&idx=1&sn=d346ac00c2bb22b0b9a081b5ff91d7a9) - 微步在线 - [ ] [清理完所有木马后,内网却失陷了](https://mp.weixin.qq.com/s?__biz=MzI5NjA0NjI5MQ==&mid=2650186195&idx=1&sn=c95018da57de6b417c64eb2a74eb32d0) - 火绒安全 - [ ] [4・15国家安全教育日|火绒安全答题抽奖来啦~](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247532133&idx=1&sn=8cf562996dd6b6818316a5ec1682b6cd) - [ ] [火绒小问答--「个人版」近期top问题解答](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247532133&idx=2&sn=80de337a8ac683597d3507afbc193543) - [ ] [诚邀渠道合作伙伴共启新征程](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247532133&idx=3&sn=0243103c6a84676fbb70d2a9dcbfbf86) - 安全圈 - [ ] [【安全圈】Adobe 修复 PDF 阅读器零日漏洞,已被黑客利用至少四个月](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652075679&idx=1&sn=6c0e8d061d29da3af35a3914330ee403) - [ ] [【安全圈】微软 SharePoint Server 0Day漏洞遭在野利用](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652075679&idx=2&sn=7f36a44c547210554fed60111cd0c94c) - [ ] [【安全圈】假冒 Ledger Live 应用致 950 万美元加密货币被盗,受害者损失惨重](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652075679&idx=3&sn=52273781698b2006a532abefe99ec4af) - 吴鲁加 - [ ] [皮克斯首席创意官的创作方法](https://mp.weixin.qq.com/s?__biz=Mzg5NDY4ODM1MA==&mid=2247486015&idx=1&sn=9f995ff1bed08990ddefcffc3d481a28) - 绿盟科技研究通讯 - [ ] [OpenClaw安全实战系列三:利用网关劫持实现 OpenClaw控制端1-Click RCE (CVE-2026-25253)](https://mp.weixin.qq.com/s?__biz=MzIyODYzNTU2OA==&mid=2247499830&idx=1&sn=7e8e642a37a47609bbff7a318c88da55) - Desync InfoSec - [ ] [2026年4月补丁日深度解析:163个漏洞含零日与多个严重RCE](https://mp.weixin.qq.com/s?__biz=MzkzMDE3ODc1Mw==&mid=2247490012&idx=1&sn=57fbfca6b63cd2cb604be12c93157df2) - 国家互联网应急中心CNCERT - [ ] [人工智能安全治理论坛在香港举行](https://mp.weixin.qq.com/s?__biz=MzIwNDk0MDgxMw==&mid=2247501413&idx=1&sn=972168a56388abe7d3cfb616f425d2ba) - 安全行者老霍 - [ ] [Agentic workforce 已然到来:思科为何要为 AI 安全装上一只 “Claw”](https://mp.weixin.qq.com/s?__biz=Mzg3NjU4MDI4NQ==&mid=2247486468&idx=1&sn=f905fc037523250b71260197512aed69) - 数世咨询 - [ ] [从访问到威胁仅需22秒](https://mp.weixin.qq.com/s?__biz=MzkxNzA3MTgyNg==&mid=2247542571&idx=1&sn=478e5bafd385f2f5ce9dee26c531d0ab) - [ ] [OpenAI发布网络安全大模型GPT-5.4-Cyber](https://mp.weixin.qq.com/s?__biz=MzkxNzA3MTgyNg==&mid=2247542571&idx=2&sn=8bb1cb0ee975851426a94e0fc9037662) - 威胁猎人Threat Hunter - [ ] [威胁猎人黑话词典2.0|打击欺诈行为,快速了解黑灰产黑话(数据泄露篇)](https://mp.weixin.qq.com/s?__biz=MzI3NDY3NDUxNg==&mid=2247503248&idx=1&sn=1f95954a5661ab72d6fb6bec74fb570a) - 云鼎实验室 - [ ] [Apache Tomcat RCE 漏洞来袭,腾讯云安全已支持防护](https://mp.weixin.qq.com/s?__biz=MzU3ODAyMjg4OQ==&mid=2247497479&idx=1&sn=44f8232429ff85ec83255d3de8f2534d) - 字节跳动技术团队 - [ ] [OpenClaw的启示:身份权限管理是AI Agent时代的阿喀琉斯之踵](https://mp.weixin.qq.com/s?__biz=MzI1MzYzMjE0MQ==&mid=2247519254&idx=1&sn=59a6b003989511a6a221574c354b452f) - 网络空间安全科学学报 - [ ] [习近平总书记关于总体国家安全观重要论述的生动实践](https://mp.weixin.qq.com/s?__biz=MzI0NjU2NDMwNQ==&mid=2247507431&idx=1&sn=59d805c66c09d376181296cc438c794c) - 迪哥讲事 - [ ] [信息泄露](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247499318&idx=1&sn=8cefa2532c9d291319a9a1515c42d905) - 深信服千里目安全技术中心 - [ ] [【漏洞通告】Axios SSRF漏洞 (CVE-2026-40175)](https://mp.weixin.qq.com/s?__biz=Mzg2NjgzNjA5NQ==&mid=2247525339&idx=1&sn=aaab6e4838ba21ae6ebb1cfa6018c207) - [ ] [微软补丁日安全通告|4月份](https://mp.weixin.qq.com/s?__biz=Mzg2NjgzNjA5NQ==&mid=2247525339&idx=2&sn=f5d9f09c0128dbbf80d8f2a51f0ea2a5) - [ ] [网络安全信息与动态周报2026年第15期(4月6日-4月12日)](https://mp.weixin.qq.com/s?__biz=Mzg2NjgzNjA5NQ==&mid=2247525339&idx=3&sn=26e66834aa525cf981e3ca632bba2c3a) - Qualys Security Blog - [ ] [Qualys VMDR and TotalCloud™ Now Available on Oracle Cloud Marketplace](https://blog.qualys.com/category/product-tech) - Tails - News - [ ] [Tails 7.6.2](https://tails.net/news/version_7.6.2/) - 赛博昆仑CERT - [ ] [【补丁日速递】2026年4月微软补丁日安全风险通告](https://mp.weixin.qq.com/s?__biz=MzkxMDQyMTIzMA==&mid=2247485007&idx=1&sn=efc05c91c8b6ed846ad1c6df2dcffe2d) - 360数字安全 - [ ] [360数字安全集团携手统信软件,共筑智能国产操作系统创新生态](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247585700&idx=1&sn=fcd3a44e7bfc287cc3956c3d0c69f7d6) - ICT Security Magazine - [ ] [Oltre le Terze Parti, la cybersecurity della supply chain nel 2026](https://www.ictsecuritymagazine.com/notizie/terze-parti-cybersecurity-supply-chain/) - [ ] [Risk management nella sanità digitale: prevenire e mitigare i rischi informatici](https://www.ictsecuritymagazine.com/articoli/risk-management-sanita/) - SANS Internet Storm Center, InfoCON: green - [ ] [[Guest Diary] Compromised DVRs and Finding Them in the Wild, (Thu, Apr 16th)](https://isc.sans.edu/diary/rss/32886) - [ ] [ISC Stormcast For Wednesday, April 15th, 2026 https://isc.sans.edu/podcastdetail/9892, (Wed, Apr 15th)](https://isc.sans.edu/diary/rss/32900) - [ ] [Scanning for AI Models, (Tue, Apr 14th)](https://isc.sans.edu/diary/rss/32896) - Arturo Di Corinto - [ ] [INTELLIGENZA ARTIFICIALE, GIORNALISMO E DEMOCRAZIA](https://dicorinto.it/formazione/intelligenza-artificiale-giornalismo-e-democrazia/) - Steflan’s Security Blog - [ ] [Certified Azure Red Team Expert (CARTE) Review](https://steflan-security.com/certified-azure-red-team-expert-carte-review/?utm_source=rss&utm_medium=rss&utm_campaign=certified-azure-red-team-expert-carte-review) - Instapaper: Unread - [ ] [Building your public sector digital forensics lab](https://www.magnetforensics.com/blog/building-your-public-sector-digital-forensics-lab/) - [ ] [The New Science of Eyewitness Memory | John Wixted | TED](https://www.youtube.com/watch?v=93ocNhHyGVo) - [ ] [Understanding and testing iCloud](https://eclecticlight.co/2026/04/06/understanding-and-testing-icloud/) - [ ] [I got tired of juggling 10 different tools for DFIR, so I spent the last 9 months building an open-source alternative.](https://www.reddit.com/r/computerforensics/comments/1shs1ov/i_got_tired_of_juggling_10_different_tools_for/) - [ ] [Low-Level Extraction for iOS 17 and 18](https://blog.elcomsoft.com/2026/04/low-level-extraction-for-ios-17-and-18/) - Schneier on Security - [ ] [Defense in Depth, Medieval Style](https://www.schneier.com/blog/archives/2026/04/defense-in-depth-medieval-style.html) - Over Security - Cybersecurity news aggregator - [ ] [Critical Nginx UI auth bypass flaw now actively exploited in the wild](https://www.bleepingcomputer.com/news/security/critical-nginx-ui-auth-bypass-flaw-now-actively-exploited-in-the-wild/) - [ ] [New AgingFly malware used in attacks on Ukraine govt, hospitals](https://www.bleepingcomputer.com/news/security/new-agingfly-malware-used-in-attacks-on-ukraine-govt-hospitals/) - [ ] [WordPress plugin suite hacked to push malware to thousands of sites](https://www.bleepingcomputer.com/news/security/wordpress-plugin-suite-hacked-to-push-malware-to-thousands-of-sites/) - [ ] [NIST to limit work on CVE entries as submissions surge](https://therecord.media/nist-to-limit-work-on-cve-entries-surge) - [ ] [Teen arrested in Northern Ireland over cyberattack on school network](https://therecord.media/northern-ireland-cyberattack-arrest) - [ ] [Flashpoint Surpasses Cataloging 7,000 Known Exploited Vulnerabilities as Disclosure Volume Accelerates](https://flashpoint.io/blog/flashpoint-surpasses-cataloging-7000-known-exploited-vulnerabilities/) - [ ] [Ukraine Warns of Surge in Cyberattacks on Hospitals, Local Governments by UAC-0247 Hackers](https://thecyberexpress.com/cyberattacks-on-hospitals-by-uac-0247-hackers/) - [ ] [Signed software abused to deploy antivirus-killing scripts](https://www.bleepingcomputer.com/news/security/signed-software-abused-to-deploy-antivirus-killing-scripts/) - [ ] [Hackerati i Pc di varie banche: ma è un problema di modello di sicurezza](https://www.cybersecurity360.it/news/hackerati-i-pc-di-varie-banche-ma-e-un-problema-di-modello-di-sicurezza/) - [ ] [Microsoft pays $2.3M for cloud and AI flaws at Zero Day Quest](https://www.bleepingcomputer.com/news/microsoft/microsoft-pays-23-million-for-cloud-and-ai-flaws-at-zero-day-quest/) - [ ] [UK warns businesses to address cyber risks amid Anthropic AI panic](https://therecord.media/anthropic-mythos-uk-cyber-risk) - [ ] [Attività promozionali, l’Agenzia assicurativa è titolare del trattamento: la sanzione privacy](https://www.cybersecurity360.it/news/attivita-promozionali-lagenzia-assicurativa-e-titolare-del-trattamento-la-sanzione-privacy/) - [ ] [QR code scam e ingegneria sociale: come evolvono le truffe digitali](https://www.cybersecurity360.it/nuove-minacce/qr-code-scam-e-ingegneria-sociale-come-evolvono-le-truffe-digitali/) - [ ] [CISA flags Windows Task Host vulnerability as exploited in attacks](https://www.bleepingcomputer.com/news/security/cisa-flags-windows-task-host-vulnerability-as-exploited-in-attacks/) - [ ] [OpenAI svela GPT-5.4-Cyber: ecco l’approccio graduale all’AI applicata alla sicurezza](https://www.cybersecurity360.it/news/openai-svela-gpt-5-4-cyber-ecco-lapproccio-graduale-allai-applicata-alla-sicurezza/) - [ ] [LmCompatibilityLevel and the PDC Trap](https://decoder.cloud/2026/04/15/lmcompatibilitylevel-and-the-pdc-trap/) - [ ] [Educational company McGraw Hill says Salesforce misconfiguration led to data leak](https://therecord.media/mcgraw-hill-data-leak-tied-to-salesforce-misconfiguration) - [ ] [Rolling Networks: Securing the Transportation Sector](https://www.bleepingcomputer.com/news/security/rolling-networks-securing-the-transportation-sector/) - [ ] [MACOBOX is back from San Francisco](https://mandomat.github.io/2026-04-15-macobox-new-features/) - [ ] [How Cyble Blaze AI Delivers 360° Threat Visibility Across Dark Web and Enterprise Systems](https://cyble.com/blog/cyble-blaze-ai-enterprise-threat-intelligence/) - [ ] [Sweden says pro-Russian hackers attempted to breach thermal power plant](https://therecord.media/sweden-hackers-russia-power-plant) - [ ] [Threat landscape for industrial automation systems in Q4 2025](https://securelist.com/industrial-threat-report-q4-2025/119392/) - [ ] [MiningDropper – A Global Modular Android Malware Campaign Operating at Scale](https://cyble.com/blog/miningdropper-global-modular-android-malware/) - [ ] [Microsoft: April updates trigger BitLocker key prompts on some servers](https://www.bleepingcomputer.com/news/microsoft/microsoft-some-windows-servers-ask-for-bitlocker-key-after-april-updates/) - [ ] [Chile’s Cybersecurity Framework Law: How SOCs Achieve Compliance and Response Readiness](https://any.run/cybersecurity-blog/chile-cybersecurity-framework-law/) - [ ] [Cybersecurity e ROI](https://www.certego.net/blog/cybersecurity-e-roi-dove-mdr-genera-valore-concreto-esempi-pratici-per-cio-ciso/) - [ ] [Aggiornamenti Microsoft aprile 2026: corretta una zero-day in SharePoint già sfruttata](https://www.cybersecurity360.it/nuove-minacce/aggiornamenti-microsoft-aprile-2026-corretta-una-zero-day-in-sharepoint-gia-sfruttata/) - [ ] [Microsoft fixes bug behind Windows Server 2025 automatic upgrades](https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-bug-behind-windows-server-2025-automatic-upgrades/) - [ ] [Unpacking the Unpackable: Malformed APKs as an Anti-Analysis Technique](https://www.cleafy.com/cleafy-labs/malformed-apks-as-an-anti-analysis-technique-malfixer-tool) - [ ] [The n8n n8mare: How threat actors are misusing AI workflow automation](https://blog.talosintelligence.com/the-n8n-n8mare/) - [ ] [La Cina è in vantaggio sui robot umanoidi](https://www.guerredirete.it/la-cina-e-in-vantaggio-sui-robot-umanoidi/) - [ ] [Ivanti Neurons ITSM Vulnerabilities Could Allow Session Persistence](https://thecyberexpress.com/itsm-vulnerabilities-ivanti/) - [ ] [La sicurezza delle interfacce cervello-computer](https://www.cybersecurity360.it/outlook/interfacce-cervello-computer/) - [ ] [OpenAI Expands Access to Advanced AI for Cybersecurity Testing](https://thecyberexpress.com/trusted-access-for-cyber-program-at-openai/) - [ ] [JanaWare Ransomware Targets Turkish Users Through Adwind RAT Campaign](https://thecyberexpress.com/janaware-ransomware-hits-turkish-users/) - [ ] [Microsoft Fixes 167 Vulnerabilities in Latest Patch Tuesday Update](https://thecyberexpress.com/microsoft-patch-tuesday-april-2026/) - [ ] [Big tech fails to opt-out users requesting not to be tracked much of the time, new research says](https://therecord.media/big-tech-fails-to-opt-out-users-requesting-not-to-be-tracked) - Deeplinks - [ ] [EFF Calls on Kuwait to Release Journalist Ahmed Shihab-Eldin](https://www.eff.org/deeplinks/2026/04/eff-calls-kuwait-release-journalist-ahmed-shihab-eldin) - [ ] [Digital Hopes, Real Power: The Rise of Network Shutdowns](https://www.eff.org/deeplinks/2026/04/digital-hopes-real-power-rise-network-shutdowns) - Daniel Miessler - [ ] [We're All Building a Single Digital Assistant](https://danielmiessler.com/blog/we-are-all-building-single-digital-assistant?utm_source=rss&utm_medium=feed&utm_campaign=website) - The Hacker News - [ ] [n8n Webhooks Abused Since October 2025 to Deliver Malware via Phishing Emails](https://thehackernews.com/2026/04/n8n-webhooks-abused-since-october-2025.html) - [ ] [Actively Exploited nginx-ui Flaw (CVE-2026-33032) Enables Full Nginx Server Takeover](https://thehackernews.com/2026/04/critical-nginx-ui-vulnerability-cve.html) - [ ] [April Patch Tuesday Fixes Critical Flaws Across SAP, Adobe, Microsoft, Fortinet, and More](https://thehackernews.com/2026/04/april-patch-tuesday-fixes-critical.html) - [ ] [Deterministic + Agentic AI: The Architecture Exposure Validation Requires](https://thehackernews.com/2026/04/deterministic-agentic-ai-architecture.html) - [ ] [Microsoft Issues Patches for SharePoint Zero-Day and 168 Other New Vulnerabilities](https://thehackernews.com/2026/04/microsoft-issues-patches-for-sharepoint.html) - [ ] [OpenAI Launches GPT-5.4-Cyber with Expanded Access for Security Teams](https://thehackernews.com/2026/04/openai-launches-gpt-54-cyber-with.html) - GRAHAM CLULEY - [ ] [Smashing Security podcast #463: This AI company leaked its own code. It’s also built something terrifying](https://grahamcluley.com/smashing-security-podcast-463/) - [ ] [108 malicious Chrome extensions caught stealing Google and Telegram data from 20,000 users](https://www.bitdefender.com/en-us/blog/hotforsecurity/malicious-chrome-extensions-steal-google-telegram-data) - The Register - Security - [ ] [Anthropic's Project Glasswing CVE tally is still anyone's guess](https://go.theregister.com/feed/www.theregister.com/2026/04/15/project_glasswing_cves/) - [ ] [Patch these critical Fortinet sandbox bugs that let attackers bypass login, run commands over HTTP](https://go.theregister.com/feed/www.theregister.com/2026/04/15/critical_fortinet_sandbox_bugs/) - [ ] [Automotive data biz Autovista blames ransomware for service disruption](https://go.theregister.com/feed/www.theregister.com/2026/04/15/automotive_data_biz_autovista_ransomware/) - [ ] [French cops free mother and son after 20-hour crypto kidnap ordeal](https://go.theregister.com/feed/www.theregister.com/2026/04/15/crypto_kidnap_france/) - [ ] [Ancient Excel bug comes out of retirement for active attacks](https://go.theregister.com/feed/www.theregister.com/2026/04/15/excel_exploit/) - [ ] [Raspberry Pi OS ends open-door policy for sudo](https://go.theregister.com/feed/www.theregister.com/2026/04/15/raspberry_pi_os_sudo/) - [ ] [UK told its Big Tech habit is now a national security risk](https://go.theregister.com/feed/www.theregister.com/2026/04/15/uk_big_tech_dependence/) - [ ] [Agents hooked into GitHub can steal creds – but Anthropic, Google, and Microsoft haven't warned users](https://go.theregister.com/feed/www.theregister.com/2026/04/15/claude_gemini_copilot_agents_hijacked/) - Security Affairs - [ ] [CVE-2026-33032: severe nginx-ui bug grants unauthenticated server access](https://securityaffairs.com/190841/hacking/cve-2026-33032-severe-nginx-ui-bug-grants-unauthenticated-server-access.html) - [ ] [U.S. CISA adds Microsoft SharePoint Server, and Microsoft Office Excel flaws to its Known Exploited Vulnerabilities catalog](https://securityaffairs.com/190852/hacking/u-s-cisa-adds-microsoft-sharepoint-server-and-microsoft-office-excel-flaws-to-its-known-exploited-vulnerabilities-catalog.html) - [ ] [Mirax malware campaign hits 220K accounts, enables full remote control](https://securityaffairs.com/190842/uncategorized/mirax-malware-campaign-hits-220k-accounts-enables-full-remote-control.html) - [ ] [PHP Composer flaws enable remote command execution via Perforce VCS](https://securityaffairs.com/190824/security/php-composer-flaws-enable-remote-command-execution-via-perforce-vcs.html) - [ ] [Microsoft Patch Tuesday for April 2026 fixed actively exploited SharePoint zero-day](https://securityaffairs.com/190831/security/microsoft-patch-tuesday-for-april-2026-fixed-actively-exploited-sharepoint-zero-day.html) - TorrentFreak - [ ] [Anna’s Archive Loses $322 Million Spotify Piracy Case Without a Fight](https://torrentfreak.com/annas-archive-loses-322-million-spotify-piracy-case-without-a-fight/) - Tor Project blog - [ ] [New Release: Tails 7.6.2](https://blog.torproject.org/new-release-tails-7_6_2/) - 白帽子章华鹏 - [ ] [安全岗上新|滴滴/去哪儿/米哈游/贝壳等12个优质岗位直推负责人](https://mp.weixin.qq.com/s?__biz=MzIyOTAxOTYwMw==&mid=2650238981&idx=1&sn=754d50404a97fb1095321b64285ce24f) - Security Weekly Podcast Network (Audio) - [ ] [Not All CISO Gigs Are Created Equal and RSAC Interviews from ESET and Mimecast - Rob Juncker, Joanna Chen, Tony Anscombe - BSW #443](http://sites.libsyn.com/18678/not-all-ciso-gigs-are-created-equal-and-rsac-interviews-from-eset-and-mimecast-rob-juncker-joanna-chen-tony-anscombe-bsw-443)
每日安全资讯(2026-04-16)