# 每日安全资讯(2026-04-18) - Doonsec's feed - [ ] [互联网协议第 8 版(IPv8)](https://mp.weixin.qq.com/s/aiuKeCq-t35QnSC555Ar4A) - [ ] [跟我零基础跟玩RSC反序列(3)](https://mp.weixin.qq.com/s/ev1ffisbI9FePqwSIoJiMg) - [ ] [2026年C3技术之夜 | 一场硬核与思辨交融的顶尖攻防秀](https://mp.weixin.qq.com/s/RrBZhGjHVoq419IizDi1Qg) - [ ] [向信而行·智赢未来|亚信安全C3合作伙伴大会·2026蓉城召开](https://mp.weixin.qq.com/s/0lICKbRXbpSih9G1mZ9Lqg) - [ ] [倒计时1天!2026年C3安全大会直播预约通道正式开启](https://mp.weixin.qq.com/s/1u-Q1yMBv2qQjV-9dm3WTg) - [ ] [成语分解谣言套路,网警教你见招拆招](https://mp.weixin.qq.com/s/gte0L60yxmpU0-AncL4qiA) - [ ] [分享图片](https://mp.weixin.qq.com/s/qrjZK4-y1iNqh-BrumdJsg) - [ ] [已至](https://mp.weixin.qq.com/s/7wJ-kCW8_Qw-fAwzMvHjOQ) - [ ] [PyGlimmer:Python逆向集成工具](https://mp.weixin.qq.com/s/x5PdxArjEiVBp1LriSJthw) - [ ] [失业4个月,丈母娘一句话,把我打回原形](https://mp.weixin.qq.com/s/fsGS0pMiXwJmhfIdPcbZyw) - [ ] [FanchmWrt适配无线宝亚瑟、太乙、雅典娜3款路由器](https://mp.weixin.qq.com/s/aa_VWj6OsW_7SeU7StG_CQ) - [ ] [重温“4.19”重要讲话十周年系列(5): “菁英计划”圆满结业,开展实战人才新篇](https://mp.weixin.qq.com/s/t6UWc_ssAabGEv_7_zh9tQ) - [ ] [热点速览 | 每周网安大事件(20260406-20260412)](https://mp.weixin.qq.com/s/cjiOM2KgIxTMpWUrt7fkMA) - [ ] [关注 | 中国网络空间安全学会出版工作委员会正式成立](https://mp.weixin.qq.com/s/I5f7T-RpEfIJBgZqr0deXw) - [ ] [文章阅读量不过百是啥感觉](https://mp.weixin.qq.com/s/RV1S8ydLh-nITrFosXDt9A) - [ ] [frida源码快速分析课程更新完成](https://mp.weixin.qq.com/s/ZACUXfvXkXWYRW58hneeAA) - [ ] [论文研读与思考 | 边缘计算中容器性能表征](https://mp.weixin.qq.com/s/MfBMfhusOdo5j1G9lY_Fxw) - [ ] [参赛手册 | 2026数字中国创新大赛数字安全赛道网络和数据安全积分争夺个人赛和团队赛决赛](https://mp.weixin.qq.com/s/BeHudD0273FHzirTjtdvQQ) - [ ] [【工业控制系统网络安全系列课程】第4课-工业控制系统的网络安全风险-攻击的主要阶段(续)](https://mp.weixin.qq.com/s/0_I4kthp2MqbxIroRnuNaQ) - [ ] [抓包之后再也不用手动分析了!Anything Analyzer 来了](https://mp.weixin.qq.com/s/cwP16wG9xc9b6SKlYwaKhA) - [ ] [Ansible copy 模块,带状态、可审计、可重复执行的文件分发机制](https://mp.weixin.qq.com/s/pTmUVIbpHITCV-sVyHmiwg) - [ ] [【招人】车辆网络安全实习生](https://mp.weixin.qq.com/s/f5uDARaGkgtUQjaXnjTkIg) - [ ] [Cross-Signed 驱动程序已死?未必如此](https://mp.weixin.qq.com/s/FkyPZd1KeLEUIPkspfCVgA) - [ ] [针对Microsoft Defender零日漏洞的新概念验证利用代码发布](https://mp.weixin.qq.com/s/vyvfLkl-NExwWLl78qVlxA) - [ ] [Chrome隐私漏洞:指纹识别与HTTP头泄露使用户面临风险](https://mp.weixin.qq.com/s/r4fBT0h-jzN8SxTfndggZg) - [ ] [从“无限制频谱战”到“网络韧性设计”:美国太空军2040愿景文件网络空间要点解读](https://mp.weixin.qq.com/s/tnP2-p0WEgS3JJgySlhjPw) - [ ] [淘宝预售699元!100%开源,乐鑫StackChan社区共创 AI 桌面机器人,内置AI Agent,支持视频通话、操控智能家居设备](https://mp.weixin.qq.com/s/0HoHetVF6rs8UAbuxTYaMw) - [ ] [AI共学营 Day4 实录:今天,你想吃什么?](https://mp.weixin.qq.com/s/6ENHsr3g89y5KciWkJcXZQ) - [ ] [黄仁勋最新访谈拆解:供应链护城河、TPU威胁与对华芯片争议](https://mp.weixin.qq.com/s/D-jCc8G6tV7w6f1r_xOkSQ) - [ ] [Windows截图工具漏洞允许攻击者通过网络执行欺骗操作](https://mp.weixin.qq.com/s/TOFhVZjiVT9H5f3HsePOyQ) - [ ] [Azure Windows 管理中心的一键式远程代码执行漏洞允许攻击者执行任意命令](https://mp.weixin.qq.com/s/0yTOZmgF73e67DzwzdNHoA) - [ ] [浙商银行建成统一AI能力中枢,已覆盖内部管理场景50余个](https://mp.weixin.qq.com/s/M_kzCx_LlmKdQG-O4yi01w) - [ ] [AI快讯:ChatGPT公布用户数据,拉卡拉支付Skill在扣子上线,Gucci将推AI智能眼镜](https://mp.weixin.qq.com/s/mYrq7Tp2wF_mN-K34_987g) - [ ] [294万元/年!东莞证券AI创新建设开发人员外包服务采购项目](https://mp.weixin.qq.com/s/ctV5VVqohMmXs1h6OtTfiA) - [ ] [先知先行——灯塔系列城市沙龙第十三场 · 成都站成功举办!](https://mp.weixin.qq.com/s/ZcMUiPEhyXRYl6UlO96cjg) - [ ] [MASB2.0智能体护栏:从AI安全入口到智能体安全控制面](https://mp.weixin.qq.com/s/i8j1X7UqO8VYpNPMqaWnUQ) - [ ] [别再把安全与网络安全相提并论,二者几乎毫无共性](https://mp.weixin.qq.com/s/LDBmg4finTEmV0ULUso4Ag) - [ ] [关于对网安标委技术文件《人工智能应用伦理安全指引》1.0版(征求意见稿)公开征求意见的通知](https://mp.weixin.qq.com/s/ZcfKCnSLGW5jsbiYoRYASg) - [ ] [免费赠送 | 415全民国家安全教育日-安全意识培训科普素材](https://mp.weixin.qq.com/s/JcJY3uzrZhc_r1UQDmNV8w) - [ ] [首届“楚安杯”网络攻防高校邀请赛AWDP 第十轮smarty WP](https://mp.weixin.qq.com/s/ZdM-U4ry1LpQHLArp01Q7Q) - [ ] [(12)5.2 人工智能方针 — 企业信息安全负责人必读系列丛书书稿《ISO/IEC 42001: 2023人工智能管理体系标准的谬误辨析与实施详解》](https://mp.weixin.qq.com/s/OwD8jJNjkmMM32AJbUCcaA) - [ ] [【福利赠送】ISO 22301业务连续性管理体系导入实施案例(14)业务连续性策略和方案的确定](https://mp.weixin.qq.com/s/etU2CP7cR_woXOMYsjxXBw) - [ ] [西安电子科技大学 | SLOT:基于图强化学习的溯源图驱动APT检测方法](https://mp.weixin.qq.com/s/SmxPnJjdubjx1oFnxZy2gw) - [ ] [论坛·认知域安全 | 美国构建“中国网络威胁”叙事的认知塑造机制研究与事件分析](https://mp.weixin.qq.com/s/RA29k0jNGECpMEVw7X-dvQ) - [ ] [覆盖10亿用户!360发现全球高危漏洞 漏洞挖掘智能体首次披露](https://mp.weixin.qq.com/s/LdFxutGiQumDDYi8iDxXLw) - [ ] [CNNVD | 人工智能重要漏洞通报(2026年第五期)](https://mp.weixin.qq.com/s/GgKdQgtdR7g0_uzFZPeEzA) - [ ] [国家发展改革委:“十五五”期间,推动低空经济“管得好、飞得稳、用得活”](https://mp.weixin.qq.com/s/UNOaqpLOIAlG2loJ0_Q9ww) - [ ] [通知 | 《人工智能应用伦理安全指引》1.0版(征求意见稿)公开征求意见(附全文)](https://mp.weixin.qq.com/s/QhvA8Hy2DoGI85BbIPBoBQ) - [ ] [前沿 | “养龙虾热”的智能体安全隐忧](https://mp.weixin.qq.com/s/uuQaQLkd77DPsgxwXzSMaA) - [ ] [省数据局关于发布2026年湖北省“数智+”场景育新行动智慧城市领域机会清单、能力清单和案例清单的通知](https://mp.weixin.qq.com/s/e-RGPd0BMbBI2914pHcmDQ) - [ ] [理事动态 | 东方网盾第二届“网盾杯”人工智能与网络安全知识竞赛圆满成功](https://mp.weixin.qq.com/s/6RTwAktCcm_1-99k4poQjQ) - [ ] [等保二级、三级、四级合规自查清单](https://mp.weixin.qq.com/s/jjUi0h6d7Hi5m4_OxFST3g) - [ ] [等保标准再扩新篇,数据安全系列公安行标解析-GA/T 2395网络安全等级保护](https://mp.weixin.qq.com/s/VU1mE_NN-20r4aCWaYgTAA) - [ ] [你的每一次“点击”,都与网络安全同频](https://mp.weixin.qq.com/s/qATLEWPNbW9RvbKX2fX8VA) - [ ] [安全大咖说xa0| 揭开白盒密码技术的面纱(上篇)](https://mp.weixin.qq.com/s/9XqiVn-p1kG4TD3VEDGnxg) - [ ] [CAN信号的Intel格式和Motorola格式有什么区别?](https://mp.weixin.qq.com/s/nymnXmmWOa-9z-sMF3WHig) - [ ] [车载DEM诊断模块基础知识详解](https://mp.weixin.qq.com/s/yvNOW_kHtjQiKQL630H9Ag) - [ ] [【免杀工具】DLLHijackHunter](https://mp.weixin.qq.com/s/kRmu6rtrSKiF8v6d5eadew) - [ ] [等保标准再扩新篇,数据安全系列公安行标解析(四)](https://mp.weixin.qq.com/s/NV-nvmMMK-OwwQKoNpm22g) - [ ] [等保2.0风险评估|物理环境:别让机房“地基”,拖垮整个合规](https://mp.weixin.qq.com/s/3fkwBMaNCHgcHk4DkTxbJg) - [ ] [专家观点丨电子标准化院:新型工业化背景下切实提升工业控制系统网络安全防护能力](https://mp.weixin.qq.com/s/yKLb1o-JwhSY2H0bUaDyyw) - [ ] [征求意见稿丨国家标准《网络安全技术 区块链系统安全实施指南》(附下载)](https://mp.weixin.qq.com/s/6Ds38Qrt_hCBKwEMIollSw) - [ ] [CVE复现之老洞新探CVE-2021-3156](https://mp.weixin.qq.com/s/cPULYIBBV9DyVd6x_QzZ3Q) - [ ] [【免费领】顶级黑客工具:Kali Linux最优渗透测试思路及方法](https://mp.weixin.qq.com/s/6XGueAev-neUkdt7kV6mrg) - [ ] [覆盖亿级用户!360发现全球高危漏洞 漏洞挖掘智能体首次披露](https://mp.weixin.qq.com/s/D_y6vbBa5KoP65uGwkW3Lg) - [ ] [从Vibe Coding到Agentic Engineering:重构后台开发全流程](https://mp.weixin.qq.com/s/pr8oQ9wEC7Oa1NvvW89j6w) - [ ] [[漏洞复现]某科技 X2Modbus网关 GetConfig 信息泄露漏洞](https://mp.weixin.qq.com/s/P4GmEK8tEwD8MAZZQGLj8w) - [ ] [直播预告 | 安全运营AI 进阶:AI威胁研判的场景化应用与落地路径](https://mp.weixin.qq.com/s/Ri1CCJUe7XLBgqkZUO4jPg) - [ ] [【代码审计】基于Tabby的反序列化示例](https://mp.weixin.qq.com/s/R7tBno-m5o2QGN6uZJ5Plg) - [ ] [web选手入门pwn(35)——bllhl_fmt](https://mp.weixin.qq.com/s/CWLksKhWkrupvSRlaHADVg) - [ ] [经典回顾 | 手机取证之安卓微信数据分布](https://mp.weixin.qq.com/s/TqQa648BWm1p6_SP9PgsDw) - [ ] [《权限劫持:2024脑机接口重构计划》二](https://mp.weixin.qq.com/s/GZl7T4VJ4tsbgzsbkQTg6A) - [ ] [【全国首单】思而听联合PICC推出“网络安全防勒索专项服务综合保单”在济南高新区成功落地](https://mp.weixin.qq.com/s/J3ZCayEUEg3XGcv3kmnZnw) - [ ] [肖仰华:“养龙虾热”的智能体安全隐忧](https://mp.weixin.qq.com/s/Qs0eDVtUGccNJX4PphON2Q) - [ ] [人工智能重要漏洞通报(2026年第五期)](https://mp.weixin.qq.com/s/PLInxZLj89ZkyE9AP0WLcQ) - [ ] [免费AI代码漏洞扫描神器!MonkeyScan开放注册,限时速领3000积分](https://mp.weixin.qq.com/s/2gA8KuLUpHsivY9SI9X5DA) - [ ] [全员就位!长亭科技 415 安全主题活动高能回顾](https://mp.weixin.qq.com/s/T9kVvgdGaeCaIZ4fzYICGA) - [ ] [信息安全漏洞预警(2026年4月13日-4月17日)](https://mp.weixin.qq.com/s/3eQn8-mbJiio8NXepLKxow) - [ ] [【漏洞通告】Nginx UI MCP接口绕过认证漏洞(CVE-2026-33032)](https://mp.weixin.qq.com/s/7kHtjd2OqAtbTccOn_p7cg) - [ ] [CTO们在AI时代关注的安全风险](https://mp.weixin.qq.com/s/lYxr6mleBPJ_nRM7ode5IA) - [ ] [安全简讯(2026.04.17)](https://mp.weixin.qq.com/s/57_632c39dxJ2ert4ZCXLg) - [ ] [Python爬虫之某站JS加密逆向分析](https://mp.weixin.qq.com/s/bvfN3F24nRRcXhvYZ7qNRg) - [ ] [安全资讯汇总:2026.4.13-2026.4.17](https://mp.weixin.qq.com/s/fryDB3o9E4BYcE0X_LOcLg) - [ ] [群友靶机之Calc.](https://mp.weixin.qq.com/s/_5r604orNlsDD0x3x8Ni_w) - [ ] [邬贺铨 余晓晖等发文:我国新一代信息技术产业重点领域的成就与不足](https://mp.weixin.qq.com/s/muEtoe78WfPjpthSF0FQmQ) - [ ] [全国网安标委发布2026年度第二批网络安全国家标准需求](https://mp.weixin.qq.com/s/svu0P9HjCO-IboCkHjIJtA) - [ ] [通知|新一轮京东卡即将上线!](https://mp.weixin.qq.com/s/G6njq_rCqQAKLzgBL5DWaQ) - [ ] [TCP和UDP的本质区别(超通俗,不堆术语,小白也能秒懂)](https://mp.weixin.qq.com/s/qCMRLNxxBljJQwrdIBBZyg) - [ ] [网络协议---TCP协议(三次握手,四次挥手)](https://mp.weixin.qq.com/s/ng_pPmLMklbZbpPXhcamoA) - [ ] [网络协议---UDP协议](https://mp.weixin.qq.com/s/VxwkPTDBiWIdgFevqgrraA) - [ ] [CH-47F Block II“支奴干”未来演进之路](https://mp.weixin.qq.com/s/kHs2zL5dHxhCD5dJctfsiw) - [ ] [安全巡检平台 -- ReconInspector(4月13日更新)](https://mp.weixin.qq.com/s/v0kU_8m8iLTqs-EdXv3luw) - [ ] [360发现全球高危漏洞,漏洞挖掘智能体首次披露](https://mp.weixin.qq.com/s/DQTx5-O6hnzW0kJyE22fIw) - [ ] [数字金融新时代 | 任子行数据安全分类分级,数安三件套护航金融合规](https://mp.weixin.qq.com/s/Tr_ak1Gz-GmUkqp1D5ijxw) - [ ] [很抱歉,封笔停更,转行了!](https://mp.weixin.qq.com/s/JVbLn1Tf2IloV8DVpllh1Q) - [ ] [重要公告||《重要网络和信息系统密评工作指南2026版》发布](https://mp.weixin.qq.com/s/aaJpe9lVQF7iLJGvr0ppfA) - [ ] [《重要网络和信息系统密评工作指南2026版》发布](https://mp.weixin.qq.com/s/JUylSWePleGpA4MnUYXZ_g) - [ ] [【专题征稿】网络安全智能防御技术](https://mp.weixin.qq.com/s/U4WeDwEkzyF1LKlFT_-qOQ) - [ ] [能信安:病毒和恶意代码通告](https://mp.weixin.qq.com/s/k0P7NuHQMEXPV1GXcbqgkA) - [ ] [一本恶意软件分析速成课程](https://mp.weixin.qq.com/s/NB2XhiuSppn7aW5IMsD2Ug) - [ ] [AI Agent导致杀伤链失效](https://mp.weixin.qq.com/s/Wtt5vcNKiiQNJ0C4cFhJkA) - [ ] [国家网信办持续整治网上金融信息乱象](https://mp.weixin.qq.com/s/9LyVHueyRrY9oUQaX5770g) - [ ] [杭州某公司因数据遭境外窃取被处罚!](https://mp.weixin.qq.com/s/8yxcK5JqkcL49j-caJ7y_w) - [ ] [三星电子员工利用公司系统漏洞大规模收集个人信息 被起诉](https://mp.weixin.qq.com/s/CLXLNRn2xjPiuflugDhHjQ) - [ ] [2026年你必须学习的Web开发技能](https://mp.weixin.qq.com/s/hgHsg3n2xuf2ggCSmgjXLw) - [ ] [2026年你最常用的API测试工具是什么?](https://mp.weixin.qq.com/s/5RTDYRFujJBjpSptn7jXVA) - [ ] [政企私有化部署IM安全数据防泄密方案介绍](https://mp.weixin.qq.com/s/Vsf2oNAjup7EA-6B_JLe4A) - [ ] [【公益译文】2026年国际AI安全报告(五)](https://mp.weixin.qq.com/s/uKwlv3dJNUturwmddEwsMA) - [ ] [Claude Opus 4.7 系统级提示词「泄露」与 CL4R1T4S 的半透明战争](https://mp.weixin.qq.com/s/dL9A_q-1GeD9mk9Xqq19Fg) - [ ] [美西方“大国竞争”级OSINT商业情报服务商](https://mp.weixin.qq.com/s/i85uWqBEmB_Er6lI7cNeXA) - [ ] [查找英国政治“旋转门”生态的OSINT平台](https://mp.weixin.qq.com/s/OrMK8eZGOKmBF85Ir6C6KA) - [ ] [俄罗斯AI自动狙击系统【视频】](https://mp.weixin.qq.com/s/JNteGnkt6tji0yoXUbJK-w) - [ ] [Zack-AI-Scanner 新一代基于AI大模型的Web漏洞扫描器 (文末福利)](https://mp.weixin.qq.com/s/UcKuAyZow6QhEhCbpX4JDw) - [ ] [AI把我取代了吗?——大胆开麦篇](https://mp.weixin.qq.com/s/nloc4ANSZMOC_r2lc11-Yw) - [ ] [绕过av/edr防护dump用户本地哈希工具](https://mp.weixin.qq.com/s/jiNALhn3wEPyCTcFIJHGDQ) - [ ] [赶不走的幽灵:AD域持久化技术与检测对抗](https://mp.weixin.qq.com/s/KgSBwlNzCyRksjWnqngvlA) - [ ] [安恒信息实力护航第四届四川省卫生健康行业网络安全技能大赛,实战淬炼医疗数字防线](https://mp.weixin.qq.com/s/bXc6fCuvAjW7grZRCDzOVQ) - [ ] [党建引领,守网安初心|山石网科杨庆华荣登北京广播电视台《新时代新担当新作为》,讲述网安人使命担当](https://mp.weixin.qq.com/s/g0ySEezuZElkiMIPdlTnzw) - [ ] [山石网科荣膺 “威胁情报支撑单位突出贡献奖”|亮相2026世界互联网大会亚太峰会](https://mp.weixin.qq.com/s/OQInptg3Gr8ZR0N2YYZF1g) - [ ] [AI安全讨论交流学习群(广告勿扰)](https://mp.weixin.qq.com/s/7Tw4RBmAe2097Dc4bWyNTA) - [ ] [相约紫禁:携手顶级战队与行业大咖,共探智能攻防前沿课题](https://mp.weixin.qq.com/s/EVVR0F1vgxPaUVTAiju9PQ) - [ ] [告别盲审,用Agent skill代码审计定位高危漏洞](https://mp.weixin.qq.com/s/eAkrurVXmoZY4IPjvlaoxQ) - [ ] [我是如何把不支持eSIM的国行手机支持eSIM的?](https://mp.weixin.qq.com/s/Yu6TlkoCZsLJ1n3RHbjogA) - SecWiki News - [ ] [SecWiki News 2026-04-17 Review](http://www.sec-wiki.com/?2026-04-17) - Recent Commits to cve:main - [ ] [Update Fri Apr 17 11:17:27 UTC 2026](https://github.com/trickest/cve/commit/23fceaeba3c04ec239dbdce37b207d529c7aea5b) - Private Feed for M09Ic - [ ] [strands-agents released v1.36.0 at strands-agents/sdk-python](https://github.com/strands-agents/sdk-python/releases/tag/v1.36.0) - [ ] [PrefectHQ released 3.6.27 at PrefectHQ/prefect](https://github.com/PrefectHQ/prefect/releases/tag/3.6.27) - [ ] [bolucat released 202604172110 at bolucat/Archive](https://github.com/bolucat/Archive/releases/tag/202604172110) - [ ] [anthropics released v2.1.113 at anthropics/claude-code](https://github.com/anthropics/claude-code/releases/tag/v2.1.113) - [ ] [github released v0.7.3 at github/spec-kit](https://github.com/github/spec-kit/releases/tag/v0.7.3) - [ ] [pydantic released v0.0.14 at pydantic/monty](https://github.com/pydantic/monty/releases/tag/v0.0.14) - [ ] [zeroclaw-labs released v0.7.0-beta.1041 at zeroclaw-labs/zeroclaw](https://github.com/zeroclaw-labs/zeroclaw/releases/tag/v0.7.0-beta.1041) - [ ] [killeven starred microsoft/go-winio](https://github.com/microsoft/go-winio) - [ ] [zema1 starred op7418/logo-generator-skill](https://github.com/op7418/logo-generator-skill) - [ ] [Ridter starred KKKKhazix/khazix-skills](https://github.com/KKKKhazix/khazix-skills) - [ ] [0xbug starred logto-io/logto](https://github.com/logto-io/logto) - [ ] [pydantic released v0.0.13 at pydantic/monty](https://github.com/pydantic/monty/releases/tag/v0.0.13) - [ ] [ZeddYu starred Lakr233/Asspp](https://github.com/Lakr233/Asspp) - [ ] [zeroclaw-labs released v0.7.0-beta.1040 at zeroclaw-labs/zeroclaw](https://github.com/zeroclaw-labs/zeroclaw/releases/tag/v0.7.0-beta.1040) - [ ] [mgeeky starred Octoberfest7/SilentHarvest_BOF](https://github.com/Octoberfest7/SilentHarvest_BOF) - [ ] [Ridter starred incursi0n/BlueSAM](https://github.com/incursi0n/BlueSAM) - [ ] [lz520520 starred GALIAIS/CTF-Sandbox-Orchestrator](https://github.com/GALIAIS/CTF-Sandbox-Orchestrator) - [ ] [Mel0day starred hellodigua/ChatLab](https://github.com/hellodigua/ChatLab) - [ ] [Mel0day forked Mel0day/WeFlow from hicccc77/WeFlow](https://github.com/Mel0day/WeFlow) - [ ] [whwlsfb starred elder-plinius/CL4R1T4S](https://github.com/elder-plinius/CL4R1T4S) - [ ] [gh0stkey starred vercel-labs/wterm](https://github.com/vercel-labs/wterm) - [ ] [zema1 starred ysm-dev/cpdown](https://github.com/ysm-dev/cpdown) - Corelan | Exploit Development & Vulnerability Research - [ ] [Debugging - WinDBG(X) Automation & Scripting - Part 1](https://www.corelan.be/index.php/2026/04/17/debugging-windbgx-automation-scripting-part-1/) - A Few Thoughts on Cryptographic Engineering - [ ] [Anonymous credentials: an illustrated primer (Part 2)](https://blog.cryptographyengineering.com/2026/04/17/anonymous-credentials-an-illustrated-primer-part-2/) - Microsoft Security Blog - [ ] [Containing a domain compromise: How predictive shielding shut down lateral movement](https://www.microsoft.com/en-us/security/blog/2026/04/17/domain-compromise-predictive-shielding-shut-down-lateral-movement/) - obaby 𝐢𝐧⃝ void - [ ] [偷梁换柱 — 解决『出境易暂不支持此应用。』](https://zhongxiaojie.cn/2026/04/990/) - Horizon3.ai - [ ] [Mythos Didn’t Break Cybersecurity. It Exposed What Was Already Broken.](https://horizon3.ai/intelligence/blogs/mythos-ai-cybersecurity-risk-gaps/) - GuidePoint Security - [ ] [Identity Convergence: The Missing Link in Whole-of-State Cybersecurity](https://www.guidepointsecurity.com/blog/identity-convergence-for-whole-of-state-cybersecurity/) - Malware-Traffic-Analysis.net - Blog Entries - [ ] [2026-04-16: Files for an ISC diary (Lumma Stealer infection with Sectop RAT/ArechClient2)](https://www.malware-traffic-analysis.net/2026/04/16/index.html) - VMRay - [ ] [March 2026 Detection Highlights: 10 New VTIs, Expanded Config Extractors, and 30+ Fresh YARA Rules](https://www.vmray.com/march-2026-detection-highlights-10-new-vtis-expanded-config-extractors-and-30-fresh-yara-rules/) - SentinelOne - [ ] [The Good, the Bad and the Ugly in Cybersecurity – Week 16](https://www.sentinelone.com/blog/the-good-the-bad-and-the-ugly-in-cybersecurity-week-16-7/) - The Trail of Bits Blog - [ ] [We beat Google’s zero-knowledge proof of quantum cryptanalysis](https://blog.trailofbits.com/2026/04/17/we-beat-googles-zero-knowledge-proof-of-quantum-cryptanalysis/) - Intigriti - [ ] [Common misconceptions debugged!](https://www.intigriti.com/blog/business-insights/common-misconceptions-debugged) - Malwarebytes - [ ] [This old-school scam is still working](https://www.malwarebytes.com/blog/news/2026/04/this-old-school-scam-is-still-working) - [ ] [“Your shipment has arrived” email hides remote access software](https://www.malwarebytes.com/blog/news/2026/04/your-shipment-has-arrived-email-hides-remote-access-software) - Reverse Engineering - [ ] [Reverse-engineering of Internet Backgammon from Windows 7, with parts of how ZPA (Zone Protocol), the MSN Gaming Zone protocol worked](https://www.reddit.com/r/ReverseEngineering/comments/1so548z/reverseengineering_of_internet_backgammon_from/) - [ ] [I need help i need someone expert in reverse engineering that can help me in play game again that servers shoutdown](https://www.reddit.com/r/ReverseEngineering/comments/1so7kds/i_need_help_i_need_someone_expert_in_reverse/) - 绿盟科技技术博客 - [ ] [以AI之名,聚伙伴之力,登峰向未来:绿盟科技2026年合作伙伴峰会在福州顺利召开](https://blog.nsfocus.net/%e4%bb%a5ai%e4%b9%8b%e5%90%8d%ef%bc%8c%e8%81%9a%e4%bc%99%e4%bc%b4%e4%b9%8b%e5%8a%9b%ef%bc%8c%e7%99%bb%e5%b3%b0%e5%90%91%e6%9c%aa%e6%9d%a5%ef%bc%9a%e7%bb%bf%e7%9b%9f%e7%a7%91%e6%8a%802026%e5%b9%b4/) - 奇客Solidot–传递最新科技情报 - [ ] [英伟达 CEO 反对进一步限制向中国出口芯片](https://www.solidot.org/story?sid=84078) - [ ] [美国科技巨头成功在欧盟法律中将数据中心环境影响列为保密信息](https://www.solidot.org/story?sid=84077) - [ ] [Firefox 加入了对 Web Serial API 的支持](https://www.solidot.org/story?sid=84075) - [ ] [大自然仍然在铸造人类基因](https://www.solidot.org/story?sid=84074) - [ ] [威尼斯如何应对海平面上升](https://www.solidot.org/story?sid=84073) - [ ] [SpaceX 将发射 ESA 的 Rosalind Franklin 火星漫游车](https://www.solidot.org/story?sid=84072) - [ ] [Discourse 强调会继续开源](https://www.solidot.org/story?sid=84071) - [ ] [美国主流媒体封禁互联网档案馆的存档机器人](https://www.solidot.org/story?sid=84070) - 黑海洋Wiki | AI机器人硬件开发 | 网络安全攻防实战 | 区块链技术文档教程 - 免费资源平台 - [ ] [Anthropic推出面向“设计小白”的AI创意工具](https://blog.upx8.com/Anthropic%E6%8E%A8%E5%87%BA%E9%9D%A2%E5%90%91-%E8%AE%BE%E8%AE%A1%E5%B0%8F%E7%99%BD-%E7%9A%84AI%E5%88%9B%E6%84%8F%E5%B7%A5%E5%85%B7) - [ ] [英国大臣呼吁公众拥抱AI并启动主权AI基金](https://blog.upx8.com/%E8%8B%B1%E5%9B%BD%E5%A4%A7%E8%87%A3%E5%91%BC%E5%90%81%E5%85%AC%E4%BC%97%E6%8B%A5%E6%8A%B1AI%E5%B9%B6%E5%90%AF%E5%8A%A8%E4%B8%BB%E6%9D%83AI%E5%9F%BA%E9%87%91) - [ ] [熊猫外卖因违规收费与纽约市政府和解,被罚超87万美元](https://blog.upx8.com/%E7%86%8A%E7%8C%AB%E5%A4%96%E5%8D%96%E5%9B%A0%E8%BF%9D%E8%A7%84%E6%94%B6%E8%B4%B9%E4%B8%8E%E7%BA%BD%E7%BA%A6%E5%B8%82%E6%94%BF%E5%BA%9C%E5%92%8C%E8%A7%A3-%E8%A2%AB%E7%BD%9A%E8%B6%8587%E4%B8%87%E7%BE%8E%E5%85%83) - [ ] [拼多多被罚没合计15.2亿元 7家平台中最高](https://blog.upx8.com/%E6%8B%BC%E5%A4%9A%E5%A4%9A%E8%A2%AB%E7%BD%9A%E6%B2%A1%E5%90%88%E8%AE%A115-2%E4%BA%BF%E5%85%83-7%E5%AE%B6%E5%B9%B3%E5%8F%B0%E4%B8%AD%E6%9C%80%E9%AB%98) - [ ] [比亚迪公司计划加入欧洲汽车制造商协会](https://blog.upx8.com/%E6%AF%94%E4%BA%9A%E8%BF%AA%E5%85%AC%E5%8F%B8%E8%AE%A1%E5%88%92%E5%8A%A0%E5%85%A5%E6%AC%A7%E6%B4%B2%E6%B1%BD%E8%BD%A6%E5%88%B6%E9%80%A0%E5%95%86%E5%8D%8F%E4%BC%9A) - [ ] [日产正与奇瑞商讨合作以提高桑德兰工厂开工率](https://blog.upx8.com/%E6%97%A5%E4%BA%A7%E6%AD%A3%E4%B8%8E%E5%A5%87%E7%91%9E%E5%95%86%E8%AE%A8%E5%90%88%E4%BD%9C%E4%BB%A5%E6%8F%90%E9%AB%98%E6%A1%91%E5%BE%B7%E5%85%B0%E5%B7%A5%E5%8E%82%E5%BC%80%E5%B7%A5%E7%8E%87) - HackerNews - [ ] [äşşĺˇĽć™şčƒ˝ĺšłĺ° n8n 袍杼用于éšç§˜ç˝‘çťœé’“éąźĺŠćść„č˝Żäťśäź ć’](http://0.0.0.0:8080/post/64138) - [ ] [Claude Codeă€Gemini CLI ĺ’Œ GitHub Copilot Agents ĺ› ćł¨é‡Šé˘ä¸´ć示注兼风陊](http://0.0.0.0:8080/post/64137) - [ ] [睧 Anthropic ĺ‘ĺ¸ƒ Mythos ĺŽďźŒOpenAI ć‰Šĺ¤§ĺ…śç˝‘çťœĺŽ‰ĺ…¨ć¨Ąĺž‹ä˝żç”¨ćƒé™](http://0.0.0.0:8080/post/64136) - [ ] [ZionSiphon ćść„软䝜专盯水处ç†çłťçťŸćžç ´ĺ](http://0.0.0.0:8080/post/64135) - [ ] [“PowerOFF čĄŒĺŠ¨â€ é”厚 7.5 万ĺ DDoS ç”¨ćˆˇďźŒĺ…łĺœ 53 ä¸ŞĺŸŸĺ](http://0.0.0.0:8080/post/64134) - [ ] [éť‘ĺŽ˘ĺˆŠç”¨ Marimo ćźć´žäťŽ Hugging Face éƒ¨ç˝˛ NKAbuse ćść„软䝜](http://0.0.0.0:8080/post/64133) - 腾讯玄武实验室 - [ ] [每日安全动态推送(26/4/17)](https://mp.weixin.qq.com/s?__biz=MzA5NDYyNDI0MA==&mid=2651960435&idx=1&sn=e77ecf846f7ab61d2611344dbf6d8835) - 黑鸟 - [ ] [互联网协议第 8 版(IPv8)](https://mp.weixin.qq.com/s?__biz=MzAxOTM1MDQ1NA==&mid=2451186413&idx=1&sn=678e9884ac5ab3f33729c1363033acec) - 安全分析与研究 - [ ] [综合实战演练(下)——攻击实施与结果分析](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247496653&idx=1&sn=d570924e7fdc36ed2c3b5a82ee780c71) - 代码卫士 - [ ] [思科紧急修复高危 ISE 漏洞](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247525791&idx=1&sn=8e8b1cc8aa09816bba96ee685aa24394) - 安全内参 - [ ] [企业财务预警:网络安全不合格,银行贷款利率会高一大截](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247515836&idx=1&sn=7e11ad928fe91c2a21398f4b9a86f123) - [ ] [杭州某科技公司数据遭境外窃取被罚5万元](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247515836&idx=2&sn=7cdaf1b2dee9c50b72f375c4a662e575) - 威努特安全网络 - [ ] [威努特云桌面:破解制造运维难题,筑牢数据安全屏障](https://mp.weixin.qq.com/s?__biz=MzAwNTgyODU3NQ==&mid=2651141392&idx=1&sn=8bd48cf764af8d3c1762180c1bf2cbf5) - 绿盟科技研究通讯 - [ ] [【公益译文】2026年国际AI安全报告(五)](https://mp.weixin.qq.com/s?__biz=MzIyODYzNTU2OA==&mid=2247499835&idx=1&sn=0f880df1abf9ddb1b2c0e120da0a04c3) - 看雪学苑 - [ ] [大模型落地必学!提示词越狱与防御,已成为AI安全从业者刚需技能](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458613821&idx=1&sn=6295d5114f197edfbdbd39ad5bb1b8aa) - [ ] [Polaris-Obfuscator中IndirectCall简要分析+反混淆](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458613821&idx=2&sn=79f352435c823dbe3e29c0ce9dc8c39c) - [ ] [绕过杀毒软件!GitHub ZIP成为新型恶意软件传播新渠道](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458613821&idx=3&sn=3c11564698af024b827a1f21eab4a339) - Shostack & Friends Blog - [ ] [Measuring the ROI of threat modeling: moving from activity to impact](https://shostack.org/blog/roi-of-threat-modeling/) - CT Stack 安全社区 - [ ] [免费AI代码漏洞扫描神器!MonkeyScan开放注册,限时速领3000积分](https://mp.weixin.qq.com/s?__biz=MzIzOTE1ODczMg==&mid=2247500237&idx=1&sn=e9880580ec6b69027016c2e8025bdd27) - 奇安信 CERT - [ ] [安全热点周报:Adobe 修复已被利用数月的 Reader 零日漏洞](https://mp.weixin.qq.com/s?__biz=MzU5NDgxODU1MQ==&mid=2247505248&idx=1&sn=5d29547754806bda2da31d2a75c24db4) - 安全研究GoSSIP - [ ] [G.O.S.S.I.P 阅读推荐 2026-04-17 英伟达之惊叹](https://mp.weixin.qq.com/s?__biz=Mzg5ODUxMzg0Ng==&mid=2247501591&idx=1&sn=4b5381d670968cda48620eaa0bf323e2) - 奇安信病毒响应中心 - [ ] [每周勒索威胁摘要](https://mp.weixin.qq.com/s?__biz=MzI5Mzg5MDM3NQ==&mid=2247498596&idx=1&sn=d94cac8f213484f3977bde98cede11e3) - 安全学术圈 - [ ] [西安电子科技大学 | SLOT:基于图强化学习的溯源图驱动APT检测方法](https://mp.weixin.qq.com/s?__biz=MzU5MTM5MTQ2MA==&mid=2247495266&idx=1&sn=29c8c0f6ac509461ca1b2a94bac01ad1) - 天御攻防实验室 - [ ] [“工匠”不想再谈Mythos](https://mp.weixin.qq.com/s?__biz=MzU0MzgyMzM2Nw==&mid=2247486934&idx=1&sn=58c1214cc8b7137b2aaf04ba15cdbdcb) - 丁爸 情报分析师的工具箱 - [ ] [【工具】全球基础设施查询网站](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651155202&idx=1&sn=fb5384061ba29e354233da771dc0141e) - 中国信息安全 - [ ] [世界互联网大会亚太峰会AI网络安全主题沙龙在香港举行](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664261527&idx=1&sn=6824cbca1c54ab4837729653f0652078) - 信息安全国家工程研究中心 - [ ] [肖仰华:“养龙虾热”的智能体安全隐忧](https://mp.weixin.qq.com/s?__biz=MzU5OTQ0NzY3Ng==&mid=2247503576&idx=1&sn=824b0edff661d96fe6409fe182f08c8d) - 安全圈 - [ ] [【安全圈】IPv8草案发布,互联网迎来重大变革!100%兼容IPv4](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652075765&idx=1&sn=ecb9c3181c954a09271de02d2ff3ec72) - [ ] [【安全圈】WordPress 数十款插件被植入后门,超 2 万站点面临风险](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652075765&idx=2&sn=1acf9a9fa65623768ad2ffd2dc9376a3) - [ ] [【安全圈】开源AI中转站现高危漏洞 利用缺陷可以伪造任意金额充值](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652075765&idx=3&sn=a588e1c5afd9f96b2e0c70d421d8b1fc) - 长亭科技 - [ ] [免费AI代码漏洞扫描神器!MonkeyScan开放注册,限时速领3000积分](https://mp.weixin.qq.com/s?__biz=MzIwNDA2NDk5OQ==&mid=2651390359&idx=1&sn=63fe73fcd9180d0b4fb8476201925c6d) - [ ] [全员就位!长亭科技 415 安全主题活动高能回顾](https://mp.weixin.qq.com/s?__biz=MzIwNDA2NDk5OQ==&mid=2651390359&idx=2&sn=619f91d6c958aebf4399b88567572521) - 极客公园 - [ ] [当游戏遇见 AI:为什么头部厂商都在选择阿里云](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653104140&idx=1&sn=2fe0d6a982e7d96e61e4dcdf84c97b71) - [ ] [群核黄晓煌:创业者的「命」,归根结底来自「世界观」](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653104108&idx=1&sn=aa5112fc52a86d4ba86b38be04fefdf8) - [ ] [雷军15小时直播验证「一次充电」到上海;大疆 Pocket 4 上市即售罄;Opus4.7 正式上线 | 极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653104072&idx=1&sn=9cf8d55af3672ba05cfeb7f55940e29a) - 安全牛 - [ ] [2026 网安核弹级对决:GPT-5.4-Cyber vs Claude Mythos,谁是真正王者](https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651141063&idx=1&sn=8ffdf1646a0bc80943f7a5b39f0ca695) - [ ] [Anthropic发布Claude Opus 4.7:自动化网络安全防护上线,面向长时自主任务;CNNVD发布关于微软多个安全漏洞的通报| 牛览](https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651141063&idx=2&sn=0676a1147b4aefbc60868519f1f70e05) - M01N Team - [ ] [每周蓝军技术推送(2026.4.11-4.17)](https://mp.weixin.qq.com/s?__biz=MzkyMTI0NjA3OA==&mid=2247494984&idx=1&sn=ea46bd4807fef8f239f9ccf214502a09) - 火绒安全 - [ ] [火绒安全|对品牌冒用零容忍 曝光伪装安装包静默监控套路](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247532187&idx=1&sn=e0e04e5113063644995631780b9078f6) - [ ] [火绒小问答——「企业版」文件分发](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247532187&idx=2&sn=90ab08909e99042f8335b569d2f734c6) - [ ] [【火绒安全周报】国家网络安全通报中心发文/知名软件被入侵](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247532187&idx=3&sn=ad21b4adabbf0a13d27b46067aaa9fdc) - [ ] [诚邀渠道合作伙伴共启新征程](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247532187&idx=4&sn=14fb3eebf209e27b13902ecd156c122d) - 阿里安全响应中心 - [ ] [先知先行——灯塔系列城市沙龙第十三场 · 成都站成功举办!](https://mp.weixin.qq.com/s?__biz=MzIxMjEwNTc4NA==&mid=2652998820&idx=1&sn=da11298d0e7d0d09ea4409abb2141e3b) - 数世咨询 - [ ] [AI Agent导致杀伤链失效](https://mp.weixin.qq.com/s?__biz=MzkxNzA3MTgyNg==&mid=2247542591&idx=1&sn=36fd04a338f608244b24543332a447cc) - OPPO安全中心 - [ ] [【奖励公告】2026年3月及Q1](https://mp.weixin.qq.com/s?__biz=MzUyNzc4Mzk3MQ==&mid=2247494800&idx=1&sn=a773f4e0bd9382de954e9a3157c4b8de) - 复旦白泽战队 - [ ] [成果分享 | [USENIX Security 2026] KernelRCA:Linux内核漏洞的自动化成因分析](https://mp.weixin.qq.com/s?__biz=MzU4NzUxOTI0OQ==&mid=2247498287&idx=1&sn=cfb1678feb5e2fa37e8e0e45db513fbd) - 补天平台 - [ ] [通知|新一轮京东卡即将上线!](https://mp.weixin.qq.com/s?__biz=MzI2NzY5MDI3NQ==&mid=2247510668&idx=1&sn=8609dcbf758cd8a1d444504fc9b43ae7) - 吴鲁加 - [ ] [知识星球官方 Skill 发布](https://mp.weixin.qq.com/s?__biz=Mzg5NDY4ODM1MA==&mid=2247486020&idx=1&sn=8bc8bb7d73309deb0e5dcd5e9318b8a4) - 奇安信威胁情报中心 - [ ] [每周高级威胁情报解读(2026.04.10~04.16)](https://mp.weixin.qq.com/s?__biz=MzI2MDc2MDA4OA==&mid=2247518448&idx=1&sn=216169f08223a886a191c4fa9c75aeeb) - 迪哥讲事 - [ ] [容易被忽视的越权](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247499328&idx=1&sn=18755513ba72bcf05de63d0696ba6671) - TrustedSec - [ ] [Mythos, Memory Loss, and the Part InfoSec Keeps Missing](https://trustedsec.com/blog/mythos-memory-loss-and-the-part-infosec-keeps-missing) - 威胁猎人Threat Hunter - [ ] [“贷款催收”短信诈骗:揭露假催背后的黑产交易产业链](https://mp.weixin.qq.com/s?__biz=MzI3NDY3NDUxNg==&mid=2247503321&idx=1&sn=1f188e50033e957dbec7ea1a3b5b02f2) - Desync InfoSec - [ ] [当AI学会使用工具:Agentic AI与MCP生态的七大安全风险](https://mp.weixin.qq.com/s?__biz=MzkzMDE3ODc1Mw==&mid=2247490066&idx=1&sn=631ce56b789f2d6fcce71063fd5994cf) - 360数字安全 - [ ] [覆盖亿级用户!360发现全球高危漏洞 漏洞挖掘智能体首次披露](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247585736&idx=1&sn=3f8646fdec13122c42f50da17a326780) - 安全行者老霍 - [ ] [智能体 AI 安全范围矩阵:保障自主 AI 系统安全的框架](https://mp.weixin.qq.com/s?__biz=Mzg3NjU4MDI4NQ==&mid=2247486494&idx=1&sn=15a5a289409f24185e5cfea3b4d6ec86) - 深信服千里目安全技术中心 - [ ] [【漏洞通告】Nginx UI MCP接口绕过认证漏洞(CVE-2026-33032)](https://mp.weixin.qq.com/s?__biz=Mzg2NjgzNjA5NQ==&mid=2247525356&idx=1&sn=937dcf233c3dd1df9a2d77f81c9a211b) - 字节跳动技术团队 - [ ] [字节跳动首创DisCoGC架构,重塑EB级分布式存储GC范式](https://mp.weixin.qq.com/s?__biz=MzI1MzYzMjE0MQ==&mid=2247519246&idx=1&sn=42a80ee711fb0327f7c332154702497c) - IT Service Management News - [ ] [Privacy: Modello di DPIA dell'EDPB](http://blog.cesaregallotti.it/2026/04/privacy-modello-di-dpia-delledpb.html) - Securityinfo.it - [ ] [L’App europea di verifica dell’età è stata bucata in due minuti](https://www.securityinfo.it/2026/04/17/lapp-europea-di-verifica-delleta-e-stata-bucata-in-meno-di-due-minuti/?utm_source=rss&utm_medium=rss&utm_campaign=lapp-europea-di-verifica-delleta-e-stata-bucata-in-meno-di-due-minuti) - bellingcat - [ ] [Painkiller Pipeline: 300 Million Tapentadol Pills Sent from India to West Africa](https://www.bellingcat.com/news/2026/04/17/painkiller-pipeline-300-million-tapentadol-pills-sent-from-india-to-west-africa/) - 白泽安全实验室 - [ ] [2026年第一季度疑似伊朗背景的APT组织攻击事件综合分析](https://mp.weixin.qq.com/s?__biz=MzI0MTE4ODY3Nw==&mid=2247492916&idx=1&sn=e8b17a7e32578cf3375df9ee006ca4ed) - Javvad Malik - [ ] [Breach of Confidence 17 April 2026](https://javvadmalik.com/2026/04/17/breach-of-confidence-17-april-2026/) - SANS Internet Storm Center, InfoCON: green - [ ] [ISC Stormcast For Friday, April 17th, 2026 https://isc.sans.edu/podcastdetail/9896, (Fri, Apr 17th)](https://isc.sans.edu/diary/rss/32906) - [ ] [Lumma Stealer infection with Sectop RAT (ArechClient2), (Fri, Apr 17th)](https://isc.sans.edu/diary/rss/32904) - Lenny Zeltser - [ ] [Scoring Your Security Product Strategy in the AI Era](https://zeltser.com/scoring-security-product-strategy) - Schneier on Security - [ ] [Friday Squid Blogging: New Giant Squid Video](https://www.schneier.com/blog/archives/2026/04/friday-squid-blogging-new-giant-squid-video-2.html) - [ ] [Mythos and Cybersecurity](https://www.schneier.com/blog/archives/2026/04/mythos-and-cybersecurity.html) - ICT Security Magazine - [ ] [Usato una volta, hackerato due volte: il debito di sicurezza dei dispositivi IoT ricondizionati](https://www.ictsecuritymagazine.com/articoli/dispositivi-iot-ricondizionati/) - [ ] [La responsabilità penale dell’ethical hacker: confini incerti tra ricerca e reato](https://www.ictsecuritymagazine.com/articoli/ethical-hacker/) - Over Security - Cybersecurity news aggregator - [ ] [Man who hacked US Supreme Court filing system sentenced to probation](https://techcrunch.com/2026/04/17/man-who-hacked-us-supreme-court-filing-system-sentenced-to-probation/) - [ ] [Payouts King ransomware uses QEMU VMs to bypass endpoint security](https://www.bleepingcomputer.com/news/security/payouts-king-ransomware-uses-qemu-vms-to-bypass-endpoint-security/) - [ ] [Ransomware attack continues to disrupt healthcare in London nearly two years later](https://therecord.media/ransomware-nhs-cyberattack-disruption) - [ ] [Hackers are abusing unpatched Windows security flaws to hack into organizations](https://techcrunch.com/2026/04/17/hackers-are-abusing-unpatched-windows-security-flaws-to-hack-into-organizations/) - [ ] [Four arrested in latest ‘PowerOFF’ DDoS-for-hire takedown](https://therecord.media/ddos-hire-europol-doj-crackdown) - [ ] [National Vulnerability Database (NVD) Shifts to Selective Enrichment as CVE Volume Surges](https://flashpoint.io/blog/national-vulnerability-database-nvd-shifts-to-selective-enrichment-as-cve-volume-surges/) - [ ] [Truffe agli anziani, vecchie dinamiche per nuovi contesti: il caso dell’app “Lino il maialino”](https://www.cybersecurity360.it/news/truffe-agli-anziani-vecchie-dinamiche-per-nuovi-contesti-il-caso-dellapp-lino-il-maialino/) - [ ] [L’App europea di verifica dell’età è stata bucata in due minuti](https://www.securityinfo.it/2026/04/17/lapp-europea-di-verifica-delleta-e-stata-bucata-in-meno-di-due-minuti/) - [ ] [Truffe agli anziani: dall’app fantasma Lino ai raggiri digitali, evoluzione delle dinamiche criminali](https://www.cybersecurity360.it/news/truffe-agli-anziani-dallapp-fantasma-lino-ai-raggiri-digitali-evoluzione-del-modus-operandi/) - [ ] [Sintesi riepilogativa delle campagne malevole nella settimana del 11 – 17 aprile](https://cert-agid.gov.it/news/sintesi-riepilogativa-delle-campagne-malevole-nella-settimana-del-11-17-aprile/) - [ ] [Grinex exchange blames "Western intelligence" for $13.7M crypto hack](https://www.bleepingcomputer.com/news/security/grinex-exchange-blames-western-intelligence-for-137m-crypto-hack/) - [ ] [From Zero to Hero Trust](https://www.cybersecurity360.it/cultura-cyber/from-zero-to-hero-trust/) - [ ] [Ukraine confirms suspected APT28 campaign targeting prosecutors, anti-corruption agencies](https://therecord.media/ukraine-confirms-suspected-apt28-campaign-targeting-prosecutors) - [ ] [Inside an Underground Guide: How Threat Actors Vet Stolen Credit Card Shops](https://www.bleepingcomputer.com/news/security/inside-an-underground-guide-how-threat-actors-vet-stolen-credit-card-shops/) - [ ] [Four Nationally Significant Cyberattacks Every Week — Is the UK Ready?](https://cyble.com/blog/uk-cyberattacks-ncsc-report/) - [ ] [Ricerca scientifica e privacy: le linee guida EDPB, tra esigenze di sistema e prospettive evolutive](https://www.cybersecurity360.it/news/ricerca-scientifica-e-privacy-le-linee-guida-edpb-tra-esigenze-di-sistema-e-prospettive-evolutive/) - [ ] [Chat Control scaduto: o prevale il diritto o comandano le piattaforme](https://www.cybersecurity360.it/legal/privacy-dati-personali/chat-control-scaduto-o-prevale-il-diritto-o-comandano-le-piattaforme/) - [ ] [In defeat for Trump, House extends electronic spying program for just 10 days](https://therecord.media/fisa--trump-congress-extension-surveillance) - [ ] [The Cyber Express Weekly Roundup: Crypto Breaches, State-Linked Schemes, and Platform Exploits](https://thecyberexpress.com/tce-weekly-roundup-cybersecurity-news/) - [ ] [Webinar: From phishing to fallout — Why MSPs must rethink both security and recovery](https://www.bleepingcomputer.com/news/security/webinar-from-phishing-to-fallout-why-msps-must-rethink-both-security-and-recovery/) - [ ] [75,000 DDoS-for-Hire Users Reprimanded as Authorities Seize Dozens of Domains](https://thecyberexpress.com/75000-ddos-for-hire-users-reprimanded/) - [ ] [Kuwait Banks Deploy Real-Time War Room to Fight Growing Cyber Fraud Threats](https://thecyberexpress.com/kuwait-cyber-fraud-threats-prompt-war-room/) - [ ] [CISA flags Apache ActiveMQ flaw as actively exploited in attacks](https://www.bleepingcomputer.com/news/security/cisa-flags-apache-activemq-flaw-as-actively-exploited-in-attacks/) - [ ] [Infedeltà dei dipendenti e cybercrime: quando la minaccia viene dall’interno](https://www.cybersecurity360.it/legal/infedelta-dei-dipendenti-e-cybercrime-quando-la-minaccia-viene-dallinterno/) - [ ] [La sottile differenza tra hacking e scraping: quando la forma non cambia la sostanza](https://www.cybersecurity360.it/news/differenza-hacking-scraping/) - [ ] [Critical nginx-ui Flaw (CVE-2026-33032) Enables Full Nginx Server Takeover](https://thecyberexpress.com/cve-2026-33032-nginx-ui-server-takeover/) - [ ] [Microsoft: Some Windows servers enter reboot loops after April patches](https://www.bleepingcomputer.com/news/microsoft/microsoft-warns-of-reboot-loops-affecting-some-domain-controllers/) - [ ] [GDPR, quella del giornalista non è una professione ma una funzione: la responsabilità che nessuno vede](https://www.cybersecurity360.it/legal/privacy-dati-personali/gdpr-quella-del-giornalista-non-e-una-professione-ma-una-funzione-la-responsabilita-che-nessuno-vede/) - [ ] [Man gets 30 months for selling thousands of hacked DraftKings accounts](https://www.bleepingcomputer.com/news/security/man-gets-30-months-for-selling-thousands-of-hacked-draftkings-accounts/) - [ ] [Google Says Gemini Ad Safety Blocked 8.3 Billion Policy-Violating Ads in 2025](https://thecyberexpress.com/gemini-ad-safety-targets-scam-ads/) - [ ] [$15M Grinex Hack Forces Trading Halt After Major Crypto Wallet Breach](https://thecyberexpress.com/grinex-cyberattack-15m-wallet-breach/) - [ ] [Recently leaked Windows zero-days now exploited in attacks](https://www.bleepingcomputer.com/news/security/recently-leaked-windows-zero-days-now-exploited-in-attacks/) - [ ] [Russian GRU Cyber Campaign Targets Western Logistics Firms Supporting Ukraine](https://thecyberexpress.com/russian-gru-cyber-campaign-targets-logistics/) - [ ] [Amtrak - 2,147,679 breached accounts](https://haveibeenpwned.com/Breach/Amtrak) - [ ] [Recovery scam: quando la truffa colpisce due volte](https://www.securityinfo.it/2026/04/16/recovery-scam-quando-la-truffa-colpisce-due-volte/) - [ ] [Supply chain: il 69% delle aziende pronto a co-finanziare la sicurezza](https://www.securityinfo.it/2026/04/15/supply-chain-il-69-delle-aziende-pronto-a-finanziare-la-sicurezza-dei-fornitori/) - Have I Been Pwned latest breaches - [ ] [Amtrak - 2,147,679 breached accounts](https://haveibeenpwned.com/Breach/Amtrak) - Yak Project - [ ] [Harness 到底是什么?揭秘 IRify 规模化背后的“注意力保卫战”](https://mp.weixin.qq.com/s?__biz=Mzk0MTM4NzIxMQ==&mid=2247529679&idx=1&sn=d8aa395d2802db8e1a4afac2d4b6376f) - GRAHAM CLULEY - [ ] [Singer loses life savings to fake wallet downloaded from the Apple App Store](https://www.bitdefender.com/en-us/blog/hotforsecurity/singer-loses-life-savings-fake-wallet) - The Register - Security - [ ] [CISA tells feds to patch 13-year-old Apache ActiveMQ bug under active attack](https://go.theregister.com/feed/www.theregister.com/2026/04/17/cisa_tells_feds_to_patch/) - [ ] [Opsec oopsie: Dutch navy frigate location outed by mailing it a Bluetooth tracker](https://go.theregister.com/feed/www.theregister.com/2026/04/17/dutch_navy_frigate_tracked/) - [ ] [Locked-out iPhone user tells The Reg that Apple is scrambling to fix character flaw passcode bug](https://go.theregister.com/feed/www.theregister.com/2026/04/17/iphone_keyboard_error_fix/) - [ ] [Claude Opus wrote a Chrome exploit for $2,283](https://go.theregister.com/feed/www.theregister.com/2026/04/17/claude_opus_wrote_chrome_exploit/) - Security Affairs - [ ] [Kyrgyzstan-based crypto exchange Grinex shuts down after $13.7M cyber heist, blames Western Intelligence](https://securityaffairs.com/190950/security/kyrgyzstan-based-crypto-exchange-grinex-shuts-down-after-13-7m-cyber-heist-blames-western-intelligence.html) - [ ] [DraftKings hacker sentenced to prison, ordered to pay $1.4 Million](https://securityaffairs.com/190943/cyber-crime/draftkings-hacker-sentenced-to-prison-ordered-to-pay-1-4-million.html) - [ ] [Operation PowerOFF: 53 DDoS domains seized and 3 Million criminal accounts uncovered](https://securityaffairs.com/190932/cyber-crime/operation-poweroff-53-ddos-domains-seized-and-3-million-criminal-accounts-uncovered.html) - [ ] [Inside ZionSiphon: politically driven malware aims at Israeli water systems](https://securityaffairs.com/190922/malware/inside-zionsiphon-politically-driven-malware-aims-at-israeli-water-systems.html) - [ ] [U.S. CISA adds a flaw in Apache ActiveMQ to its Known Exploited Vulnerabilities catalog](https://securityaffairs.com/190917/security/u-s-cisa-adds-a-flaw-in-apache-activemq-to-its-known-exploited-vulnerabilities-catalog.html) - TorrentFreak - [ ] [Korean Rights Holders Behind Takedown of Manga Piracy Giant TuMangaOnline](https://torrentfreak.com/korean-rights-holders-behind-takedown-of-manga-piracy-giant-tumangaonline/) - Technical Information Security Content & Discussion - [ ] [Anonymous credentials: an illustrated primer (Part 2)](https://www.reddit.com/r/netsec/comments/1sobv0s/anonymous_credentials_an_illustrated_primer_part_2/) - Social Engineering - [ ] [What does status signalling do? When successful, what does it achieve?](https://www.reddit.com/r/SocialEngineering/comments/1so4e4x/what_does_status_signalling_do_when_successful/) - Instapaper: Unread - [ ] [DFU mode](https://eclecticlight.co/2026/04/16/dfu-mode/) - [ ] [DRIFT Linux la nuova live distro forense italiana](https://www.dalchecco.it/drift-linux-digital-forensics-distro/) - Deeplinks - [ ] [Keep Pushing: We Get 10 More Days to Reform Section 702](https://www.eff.org/deeplinks/2026/04/keep-pushing-we-get-10-more-days-reform-section-702) - Deep Web - [ ] [¿Creen que aprender COBOL vale la pena?](https://www.reddit.com/r/deepweb/comments/1sof0bq/creen_que_aprender_cobol_vale_la_pena/) - Daniel Miessler - [ ] [Jensen vs. Dwarkesh on China Chips](https://danielmiessler.com/blog/jensen-vs-dwarkesh-china-chips?utm_source=rss&utm_medium=feed&utm_campaign=website) - Computer Forensics - [ ] [Apple Watch](https://www.reddit.com/r/computerforensics/comments/1so747d/apple_watch/) - NetSPI - [ ] [Walking Through an Attack Path with ForceHound](https://www.netspi.com/blog/technical-blog/web-application-pentesting/walking-through-an-attack-path-with-forcehound/) - [ ] [Auditing Salesforce Permission Hierarchies with ForceHound](https://www.netspi.com/blog/technical-blog/web-application-pentesting/auditing-salesforce-permission-hierarchies-with-forcehound/) - The Hacker News - [ ] [Three Microsoft Defender Zero-Days Actively Exploited; Two Still Unpatched](https://thehackernews.com/2026/04/three-microsoft-defender-zero-days.html) - [ ] [Google Blocks 8.3B Policy-Violating Ads in 2025, Launches Android 17 Privacy Overhaul](https://thehackernews.com/2026/04/google-blocks-83b-policy-violating-ads.html) - [ ] [NIST Limits CVE Enrichment After 263% Surge in Vulnerability Submissions](https://thehackernews.com/2026/04/nist-limits-cve-enrichment-after-263.html) - [ ] [Operation PowerOFF Seizes 53 DDoS Domains, Exposes 3 Million Criminal Accounts](https://thehackernews.com/2026/04/operation-poweroff-seizes-53-ddos.html) - [ ] [Apache ActiveMQ CVE-2026-34197 Added to CISA KEV Amid Active Exploitation](https://thehackernews.com/2026/04/apache-activemq-cve-2026-34197-added-to.html) - Information Security - [ ] [What are some frustrations with DLP products?](https://www.reddit.com/r/Information_Security/comments/1so7d58/what_are_some_frustrations_with_dlp_products/) - [ ] [Booking.com Breach Exposes Millions: Storm-1865 ClickFix Attack Hit 170 Hotel Partners](https://www.reddit.com/r/Information_Security/comments/1so6azv/bookingcom_breach_exposes_millions_storm1865/) - [ ] [This Week's 4 Must-Patch Threats: FortiClient EMS Zero-Day to Rockstar's 78M Breach](https://www.reddit.com/r/Information_Security/comments/1snyktn/this_weeks_4_mustpatch_threats_forticlient_ems/) - [ ] [2,689 nginx servers exposed. No password required. Full configuration takeover.](https://www.reddit.com/r/Information_Security/comments/1snlo00/2689_nginx_servers_exposed_no_password_required/) - [ ] [Most post-advisory Salesforce reviews missed the sharing rules layer. ShinyHunters didn't.](https://www.reddit.com/r/Information_Security/comments/1snog4x/most_postadvisory_salesforce_reviews_missed_the/) - [ ] [Trying to build a no-BS threat intel feed… worth following?](https://www.reddit.com/r/Information_Security/comments/1snmpwh/trying_to_build_a_nobs_threat_intel_feed_worth/) - netsecstudents: Subreddit for students studying Network Security and its related subjects - [ ] [Ada-Win32-](https://www.reddit.com/r/netsecstudents/comments/1snvvvr/adawin32/) - 网安寻路人 - [ ] [生成式人工智能情感交互的技术原理、风险与治理路径研究综述](https://mp.weixin.qq.com/s?__biz=MzIxODM0NDU4MQ==&mid=2247508369&idx=1&sn=dc2856ff63ba04b0f4ae540c7624e062)
每日安全资讯(2026-04-18)