[每日信息流] 2026-03-17 #1180
Description
每日安全资讯(2026-03-17)
- Private Feed for M09Ic
- zeroclaw-labs released v0.4.2-beta.300 at zeroclaw-labs/zeroclaw
- zeroclaw-labs released v0.4.2-beta.281 at zeroclaw-labs/zeroclaw
- bolucat released 202603162012 at bolucat/Archive
- zeroclaw-labs released v0.4.0-beta.260 at zeroclaw-labs/zeroclaw
- mgeeky starred jonny-jhnson/RandomPOCs
- IC3-CR3AM starred calesthio/Crucix
- zeroclaw-labs released v0.4.0-beta.257 at zeroclaw-labs/zeroclaw
- ZeddYu contributed to ccfddl/ccf-deadlines
- FunnyWolf starred JDArmy/Evasion-SubAgents
- FunnyWolf forked FunnyWolf/agent-security-skill-scanner from caidongyun/agent-security-skill-scanner
- mgeeky starred jakobdylanc/llmcord
- IC3-CR3AM starred aiming-lab/AutoResearchClaw
- airbus-seclab released v4.8.1 at airbus-seclab/soxy
- mgeeky starred cisagov/ScubaGoggles
- gh0stkey starred ruifigueira/playwright-crx
- wuhan005 starred 666ghj/MiroFish
- wh0amitz starred chrisjsimpson/ansible-vault-vars-decryptor
- mgeeky starred zux0x3a/Phantom
- gh0stkey forked HACK-THE-WORLD/browser-cli from Osso/browser-cli
- FunnyWolf starred anthropics/claude-plugins-official
- gh0stkey starred sharpbrowser/SharpBrowser
- zema1 starred LouisShark/chatgpt_system_prompt
- Mel0day starred farion1231/cc-switch
- 先知安全技术社区
- Recent Commits to cve:main
- Microsoft Security Blog
- Tenable Blog
- 嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com
- Doonsec's feed
- 宝可梦GO用一场全民游戏,完成了全球最大规模的众包实景测绘
- 软件系统安全赛-Thymeleaf 3.0.15 视图名注入 + PRNG 逆向:完整 RCE 到 Root 提权
- 字节跳动老铁感慨:北京买了房,还是奉劝大家离开北京才是生活,北京只适合挣钱,离开之后,才发现生活乐趣,也不迷茫了。。。
- 从SEO投毒到GEO投毒:AI时代的新型网络攻击
- 中央网信办召开会议传达学习2026年全国两会精神
- 为什么你挖不到漏洞?从“无效努力”到“高效出洞”的思维跃迁
- C14-S05 龙虾专网:用安全域思维化解Claw类智能体toB应用的安全困局
- C15-S06 Claw类智能体端侧安全的三大支柱(天珣端安全产品解决方案)
- C13-S04 启明星辰:OpenClaw类智能应用安全思维总览和措施导引
- 阿里建立AI新组织,CEO挂帅!
- VulnRadar:集成多模块的Chrome浏览器安全渗透测试扩展
- frida源码分析目录规划
- 【Web安全】PHP反序列化漏洞
- 让“龙虾”安全上岗!中国电信重磅发布天翼智安·智能体安全解决方案!
- [杂谈]以员工为中心:胖东来发展模式的思考与启示
- 利用TG收集网页钓鱼信息
- 赶紧自查一下之大批量供应链投毒
- AI时代,网安从业者个人生存指南 (行动篇)
- 3.15 晚会! GEO 投毒事件深度调查
- 数据托管成泄密风险口!国家安全机关警示三类安全隐患
- 春秋云境-Tsclient
- 汇业研究 | AIGC时代GEO营销的基本原理及主要法律风险
- OpenClaw全员应用:百度安全如何打造极致体验与防护?
- JNDI注入攻防全解析:从低版本RCE到高版本绕过分析
- 从Vibe Coding到Agent开发:和AI协作的经验分享
- 3·15晚会:AI大模型GEO投毒技术分析
- 科技企业大裁员叠加AI狂潮,安全从业者真的会被“优化”吗?聊聊一线真实体感
- 吐血整理!全网最全的 SRC 挖掘实战技巧
- 【已复现】泛微 E-cology10 多个远程代码执行漏洞
- 枇杷熟了-全球网络安全日报2026-03-16
- 2026年AI赛道最值得关注的5个细分领域:具体到公司和岗位
- 阿里成立token事业群!吴泳铭亲自挂帅,硬刚字节腾讯
- 拒绝黑话:一文看懂大模型时代的LLM、RAG、Skills、Agent、ClawBot和那些被夸大的概念
- 别再瞎晒了!老年人科学晒太阳指南,这篇讲透
- Phoenix僵尸网络
- 【已复现】OpenClaw WebSocket共享令牌权限提升漏洞(QVD-2026-13829)安全风险通告
- 安全的下一个好赛道,非常值得研究
- 这…以后谁还敢连公司WIFI
- 【签约仪式】中国软件评测中心与京津冀润泽(廊坊)数字信息有限公司签署合作协议
- DDoS攻击风险预警通告|近期国内出现大规模持续性扫段攻击活动
- 日本稀土研发版图曝光,关键机构与核心团队一览
- 看不见的制胜利器,防区外电子干扰机如何重塑现代战争规则
- 3·15直击AI乱象|AI大模型输出结果真的可操控吗?
- WatchVuln_Web高价值漏洞采集与推送
- 本月目前的瓜:AI龙虾爆雷、零日漏洞频发、黑产遭重创
- 第一批养虾人开始卸载龙虾!账单三天三千,全盘权限沦为黑客“自助餐”
- 攻击者滥用Microsoft Teams和Quick Assist以释放Stealthy A0Backdoor
- 初一几何小练习,双动点最值
- 回森警戒线狼王,现改名为誓言,因跟美国军
- GoLinHound:用 Go 把 Linux 和 SSH 的攻击路径画出来
- “3·15”曝光的网安黑灰产:AI大模型投毒的背后
- “OpenClaw & Security Shanghai”安全聚会成功举办,安言咨询出席并做主题演讲
- “OpenClaw & Security Shanghai” 安全聚会圆满举办
- 免费赠送 | 防范金融财产诈骗宣传资料(第十九期)
- 白帽黑客发现Injective中危及5亿美元资产的漏洞,仅获5万美元奖励且尚未支付
- 一文读懂 GEO:防范黑帽GEO,AI 时代的信息优化。
- 改变,是一件很难的事情。但,很重要
- AI时代的银行数据治理探索
- AI快讯:信通院启动“可信AI-智能体”系列评估,阿里将推出企业级AI旗舰应用
- 招商银行AI开发能力提升工作坊采购项目供应商征集
- 每日安全动态推送(26/3/16)
- CTFshow-Pwn入门栈溢出(76-79,81-85)
- [ 深度洞察 ] 自动驾驶时代的黑客:Shannon 如何将“漏洞扫描”升维为“全自动渗透”?
- 专家观点丨国家工信安全中心:人工智能赋能工业领域网络安全体系构建与应用
- 读懂“十五五”丨工业信息安全迎来新变革
- GEO乱象刷屏3·15!AI被“投毒”,你的信息决策正被悄悄操纵?
- RSAC 2026创新沙盒 | Geordie AI:企业 AI Agent 安全治理体系的构建者
- 安全工程师推荐(社招)
- 哥斯达黎加你飘了吧:竟指控东大关联黑客组织攻击其国家电力电信机构?
- 关于抓头的AI问题
- 邀请函 |珞安科技邀您参加第六届中国液化天然气大会
- “AI投毒”与“网络开盒”背后:数字时代的信任危机如何破局?
- 工信部通报24款APP!乱跳转、强授权、难关闭……合规警钟为谁而鸣?附梆梆安全合规建议指南
- 鼎信安全 | 网络安全一周资讯
- Dejavu(逮虾户),专逮野生小龙虾:OpenClaw基线安全检测神器来了
- 上世纪八九十年代很火的Unix工作站,现在还能遇到吗?
- 网络安全小课堂,网络安全记心上
- SecWiki周刊(第628期)
- 谷歌2025年发放了近1.2亿元漏洞赏金,单个漏洞最高奖励170万元
- 某运营商路由器秘密将遥测数据发送到一家土耳其人工智能公司
- 时间敏感网络TSN的时钟同步协议
- AI “炮火” 下的真相保卫战
- 上市15 周年宠粉到位!海量会员、海景房全都有,还不快来冲?
- 315点名AI投毒!一文读懂未来三年AI安全十大核心趋势
- SecWiki News
- 博客园 - bamb00
- Bug Bounty in InfoSec Write-ups on Medium
- Toooold
- CTFするぞ
- Horizon3.ai
- Malwarebytes
- Reverse Engineering
- Securelist
- Offensive Security Blog: Latest Trends in Hacking | Praetorian
- 绿盟科技技术博客
- 黑海洋Wiki | AI机器人硬件开发 | 网络安全攻防实战 | 区块链技术文档教程 - 免费资源平台
- HackerNews
- 奇客Solidot–传递最新科技情报
- 安全分析与研究
- 腾讯玄武实验室
- 安全客
- 吾爱破解论坛
- 威努特安全网络
- 黑鸟
- 青衣十三楼飞花堂
- 代码卫士
- 安全内参
- 看雪学苑
- 先进攻防
- 天御攻防实验室
- 长亭安全应急响应中心
- 天黑说嘿话
- Flanker论AI
- 信安之路
- 奇安信 CERT
- 中国信息安全
- 长亭科技
- 安全圈
- XCTF联赛
- 默安科技
- 电子物证
- 君哥的体历
- 网络空间安全科学学报
- 补天平台
- 数世咨询
- 极客公园
- 阿里安全响应中心
- 慢雾科技
- 嘶吼专业版
- 百度安全应急响应中心
- 枇杷熟了
- 漏洞战争
- 360数字安全
- 迪哥讲事
- Over Security - Cybersecurity news aggregator
- Your OSINT Is Only as Good as Your Thinking
- Stryker attack wiped tens of thousands of devices, no malware needed
- How NightBeacon Cuts SOC Alert Fatigue Without Replacing Analysts
- Luxembourg court overturns $858 million privacy fine against Amazon
- CISA flags Wing FTP Server flaw as actively exploited in attacks
- Stryker says hospital tools are safe, but digital ordering systems still down after cyberattack
- UK’s Companies House confirms security flaw exposed business data
- Cyberattack disrupts parking payments in Russian city
- La guerra ibrida che non abbiamo chiesto: la minaccia iraniana
- Microsoft Exchange Online outage blocks access to mailboxes
- DORA, regolamento UE per la resilienza operativa: guida alla conformità per banche e fornitori ICT
- UEBA in the Real World: Catching Intrusions That Don’t Look Like Intrusions
- Shadow AI is everywhere. Here’s how to find and secure it.
- Russia-linked espionage campaign targeting Ukraine using Starlink and charity lures
- Microsoft pulls Samsung app blocking Windows C: drive from Store
- GlassWorm Campaign Expands Through Malicious Open VSX Extensions
- Il rischio dell’Agentic Blabbering nei browser intelligenti: cos’è e come difendersi
- EUBA in the Real World: Catching Intrusions That Don’t Look Like Intrusions
- Sperimentazioni cliniche, la proposta di EDPB ed EDPS per una legge UE di semplificazione
- Free real estate: GoPix, the banking Trojan living off your memory
- Europe Moves to Ban AI Nudification Tools Under Updated AI Act
- ANY.RUN at RootedCON 2026: Meeting Security Teams and Showcasing New Capabilities
- AI Legal Risks: Lisa Fitzgerald on Why Businesses Must Vet AI Use Cases
- China Demands Proof After Costa Rica Blames UNC2814 for ICE Cyberattack
- AI-Assisted Phishing Campaign Exploits Browser Permissions to Capture Victim Data
- IT Service Management News
- Securityinfo.it
- ICT Security Magazine
- Krypt3ia
- Schneier on Security
- Dark Space Blogspot
- Lenny Zeltser
- CNVD漏洞平台
- The Hacker News
- GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos
- ⚡ Weekly Recap: Chrome 0-Days, Router Botnets, AWS Breach, Rogue AI Agents & More
- Why Security Validation Is Becoming Agentic
- ClickFix Campaigns Spread MacSync macOS Infostealer via Fake AI Tool Installers
- DRILLAPP Backdoor Targets Ukraine, Abuses Microsoft Edge Debugging for Stealth Espionage
- Android 17 Blocks Non-Accessibility Apps from Accessibility API to Prevent Malware Abuse
- SANS Internet Storm Center, InfoCON: green
- The Register - Security
- TorrentFreak
- 云鼎实验室
- Trend Micro Research, News and Perspectives
- Social Engineering
- Computer Forensics
- Your Open Hacker Community
- Taszk Labs on taszk.io labs
- Blackhat Library: Hacking techniques and research
- Deeplinks
- Security Affairs
- U.S. CISA adds a flaw in Wing FTP Server to its Known Exploited Vulnerabilities catalog
- Russia-linked APT uses DRILLAPP backdoor to spy on Ukrainian targets
- FBI launches inquiry into Steam games spreading malware
- Former Germany’s foreign intelligence VP hit in Signal account takeover campaign
- Advanced Protection Mode in Android 17 prevents apps from misusing Accessibility Services
- Unprivileged users could exploit AppArmor bugs to gain root access
- Technical Information Security Content & Discussion
- Qihoo 360's AI Product Leaked the Platform's SSL Key, Issued by Its Own CA Banned for Fraud
- How to Apply VXLAN-GBP Encapsulation to PCAP Files Using PacketSmith
- GlassWorm: Part 3. Wave 3 Windows payload, sideloaded Chrome extension, two additional wallets
- Perfex CRM: Autologin cookie fed into unserialize() gives unauthenticated RCE
- Hypervisor Based Defense
- netsecstudents: Subreddit for students studying Network Security and its related subjects
- I spent months building an offline Web Pentest lab app for Android. I need 10 people to help me test it (Free Pro access).
- Looking for serious people interested in Cybersecurity / CTFs (learning community)
- I'm a cybersecurity student and I built an open-source AD forensics tool, here's what I learned
- Malicious npm Package react-refresh-update Drops Cross-Platform Trojan on Developer Machines
- Do most cybersecurity professionals actually have CCNA or Network+?
- Information Security
- AI agents starting to feel like the new shadow IT
- Meta agent most spoofed in 2026
- I’ve been vibe coding in Cursor for a while and finally got tired of accidentally shipping secrets, so I built an MCP that quietly scans my code while I work.
- Participants needed for university research on deepfake detection (18+, Computing Related Fields, 8–10m)
- Stripe Security Engineer New Grad Hackerrank OA Advice Needed
- 安全攻防团队
- Security Weekly Podcast Network (Audio)