# 每日安全资讯(2026-06-19) - SecWiki News - [ ] [SecWiki News 2026-06-18 Review](http://www.sec-wiki.com/?2026-06-18) - Private Feed for M09Ic - [ ] [liamg contributed to infracost/cli](https://github.com/infracost/cli/pull/168) - [ ] [esrrhs contributed to esrrhs/fakelua](https://github.com/esrrhs/fakelua/pull/207) - [ ] [joaoviictorti starred l00sy4/LuciSocks](https://github.com/l00sy4/LuciSocks) - [ ] [Mr-xn starred madeye/meow-rs](https://github.com/madeye/meow-rs) - [ ] [gh0stkey starred WillyJL/MemSed](https://github.com/WillyJL/MemSed) - [ ] [4ra1n starred oritera/Cairn](https://github.com/oritera/Cairn) - [ ] [gh0stkey starred wygoralves/panes](https://github.com/wygoralves/panes) - obaby 𝐢𝐧⃝ void - [ ] [错觉](https://zhongxiaojie.cn/2026/06/1503/) - Microsoft Security Blog - [ ] [New Forrester study shows customers who unified with Microsoft Security benefited from 124% ROI](https://www.microsoft.com/en-us/security/blog/2026/06/18/new-forrester-study-shows-customers-who-unified-with-microsoft-security-benefited-from-124-roi/) - [ ] [From package to postinstall payload: Inside the Mastra npm supply chain compromise](https://www.microsoft.com/en-us/security/blog/2026/06/17/postinstall-payload-inside-mastra-npm-supply-chain-compromise/) - 安全客-有思想的安全新媒体 - [ ] [Splunk AI Toolkit曝高危漏洞:CVSS 9.1,可远程执行任意系统命令](https://www.anquanke.com/post/id/315618) - Tenable Blog - [ ] [Oracle June 2026 Critical Security Patch Update Addresses 243 CVEs (CVE-2026-35273)](https://www.tenable.com/blog/oracle-june-2026-critical-security-patch-update-addresses-243-cves-cve-2026-35273) - Recent Commits to cve:main - [ ] [Update Thu Jun 18 12:03:11 UTC 2026](https://github.com/trickest/cve/commit/1870839d66d8e8f0eed29dd3013603bb72dcde9a) - ElcomSoft blog - [ ] [Downloading iOS 26 iCloud Backups](https://blog.elcomsoft.com/2026/06/downloading-ios-26-icloud-backups/) - Doonsec's feed - [ ] [3万字讲透AI必懂的60个核心概念(汇总版)](https://mp.weixin.qq.com/s/4w9cKj-sMdC_gDYfUZkpfA) - [ ] [天地伟业Easy7 queryDataByTypeEx接口存在SQL注入漏洞 附POC](https://mp.weixin.qq.com/s/rNx3yX6gGluZl3kS4J-T5g) - [ ] [熵密杯专题|公钥密码之椭圆曲线理论(完整版)](https://mp.weixin.qq.com/s/WQB2HhBqNrnZDm__1GZ5Cw) - [ ] [熵密杯专题|公钥密码之协同签名技术规范(理论篇)](https://mp.weixin.qq.com/s/IvYAIawYDrGJx-yIv-StdQ) - [ ] [SearchLeak漏洞:微软365 Copilot如何沦为一键数据窃取工具](https://mp.weixin.qq.com/s/X9xlliFeMxd90MnrNmZvrg) - [ ] [Aztec Connect 2.2M 美元资产被盗分析:电路缺失等式约束门](https://mp.weixin.qq.com/s/MMvqyqWBL3XRy-8XkgC7ew) - [ ] [关于印发《实施网络安全标识的产品目录(第一批)》及相关实施规则的通知](https://mp.weixin.qq.com/s/60p4yB4fjSJhYTpFXjrReg) - [ ] [乔迁新址启新程|渝融云吉安公司正式入驻市行政中心大楼](https://mp.weixin.qq.com/s/UkHPZV1UwSFVztkXVJHSig) - [ ] [研究完50家美国AI相关公司,为你秘制了一幅AI时代航海图](https://mp.weixin.qq.com/s/79XQAPGwWEzmsoK-V5qIrA) - [ ] [【资料】美国政府持续在此领域资助中国,显示该领域中美合作展现出较强韧性](https://mp.weixin.qq.com/s/j7WHsfqMoE_xUXPnk7130A) - [ ] [伯克利上线「AI漏洞发现排行榜」,这家中国实验室冲到第一?](https://mp.weixin.qq.com/s/yhVN8zvrlS75Jeypo6m4ow) - [ ] [不用羡慕Mac用户!Win端Codex入门教程,一样能用爽](https://mp.weixin.qq.com/s/TfhAeiKYBjCvF9GcLrsb5g) - [ ] [网络数据安全风险评估办法](https://mp.weixin.qq.com/s/m5yibM-YI8-Wdq88fV-eyg) - [ ] [国家网信办等三部门联合公布《网络数据安全风险评估办法》](https://mp.weixin.qq.com/s/QmXzWhLwDKm3-9TWYQ3vsA) - [ ] [【成功复现】Gitea未授权信息泄露漏洞(CVE-2026-27771)](https://mp.weixin.qq.com/s/I6ZE9r1ClwI2_CQvVYE5mA) - [ ] [【工具推荐】红队利器VueCrack](https://mp.weixin.qq.com/s/OxifmSk2oyEJeACkAc29fg) - [ ] [CipherBridge ——面向APP/Web 加解密逆向分析、渗透测试神器](https://mp.weixin.qq.com/s/SZ22dKTCwK25OZFZ64vDxw) - [ ] [逻辑漏洞之登录模块18种利用方法](https://mp.weixin.qq.com/s/0ScVykFvzJnw9Y9WkjQXcQ) - [ ] [2026中国白酒市场现状](https://mp.weixin.qq.com/s/Dt_UtKM1Gwj4mv63l6Zg2A) - [ ] [现实智械危机:AI沦为网络钓鱼工具,成功率高达54%!](https://mp.weixin.qq.com/s/-DZjFFso_WxQI3eL8KxJ8A) - [ ] [“社会组织协同创新,助力企业AI转型”专题交流活动在鼎夏智能举办](https://mp.weixin.qq.com/s/K1fboYl4IzD62ynJSqXSXQ) - [ ] [AI证据观察之四|AI伪造证据九问审查法](https://mp.weixin.qq.com/s/H0Z3zLJtbmhZUpGfaeIF9g) - [ ] [八方网域网安课怎么样](https://mp.weixin.qq.com/s/HXhGboLoGRJUu9EKmhcKpQ) - [ ] [银狐黑产组织内存查杀技术](https://mp.weixin.qq.com/s/2U6ifEEHte86Tar6FlhQEg) - [ ] [【报名开启】「智弈」AI智能体攻防实战沙龙议程抢先看](https://mp.weixin.qq.com/s/erke6MzJ5p2kwqbGKzJEVw) - [ ] [【AI渗透工具】——AI驱动的MCP网络安全自动化平台(HexStrike AI )](https://mp.weixin.qq.com/s/gsAV2nSq5QSpPh1yPyYylQ) - [ ] [Splunk AI Toolkit曝高危漏洞:CVSS 9.1,可远程执行任意系统命令](https://mp.weixin.qq.com/s/H8kFhVqIZi_zq-XyVi4rbw) - [ ] [端午假期服务不“打烊”,美亚柏科技术支持7*24小时在线](https://mp.weixin.qq.com/s/XBDT2Y8RS_OAkvthh08BsA) - [ ] [最顶级的骗局,从来都不像骗局](https://mp.weixin.qq.com/s/x8QtZDiIDuW598ZexwboRA) - [ ] [存储桶检测插件 - Browser-BucketScan](https://mp.weixin.qq.com/s/WU3TFw4PXqruecy2SzWLtg) - [ ] [MistTrack 季度更新:风险衰减模型、链路分析与开发者能力增强](https://mp.weixin.qq.com/s/s2CKPZ-LthjxU9GQOlBxDw) - [ ] [Token 到底怎么买才划算?](https://mp.weixin.qq.com/s/z-S2GZ9UCQSJcuJLrA5idw) - [ ] [大模型 skills 由繁到简](https://mp.weixin.qq.com/s/aN5Yd-IvXeVGoHlBJOyokw) - [ ] [Claude Desktop Connection Refused 故障排查以及本地 VM runtime 剖析](https://mp.weixin.qq.com/s/nV55I6Vh6Ea1qzogvJ9voA) - [ ] [【安全圈】注意!用 Wallpaper Engine 的赶紧看这条!](https://mp.weixin.qq.com/s/hD41Ee0UCR6Gm_vzqfzc9g) - [ ] [【安全圈】微软 Copilot 被曝高危漏洞:点击一个链接,验证码、邮件全泄露](https://mp.weixin.qq.com/s/1NCfwykzgi0z8KRbFDNM4A) - [ ] [【安全圈】FortiBleed 泄露事件暴露 73,000 台设备的 Fortinet VPN 凭证](https://mp.weixin.qq.com/s/pKSqk81RFBiVtMDVvhA8jA) - [ ] [中原银行打造外呼营销智能体,营销转化率较人工提升30%](https://mp.weixin.qq.com/s/ZBda5TUHcL5PmxPkS-l0KQ) - [ ] [AI快讯:国家8部门发布AI+消费实施意见,多位大行领导谈AI](https://mp.weixin.qq.com/s/Y7sVxg8KNAZ8XiTfGdFMXA) - [ ] [一家间谍软件公司的全球生意:向15国出口手机监听系统](https://mp.weixin.qq.com/s/Kd3N00H563UaHP0Sw9UWzQ) - [ ] [安全动态丨网络空间安全动态第338期](https://mp.weixin.qq.com/s/L1T7Vwpo-9yMFrG3N13RNg) - [ ] [每周网络安全简讯 ( 2026年 第25周 )](https://mp.weixin.qq.com/s/4kIuWXVelhkaXpd8B0ZgIw) - [ ] [【域名劫持事件】某社区卫生服务中心公众号某个功能点居然跳转黄色网站?](https://mp.weixin.qq.com/s/4ATK2cNyC0S2bGFJPpMKHQ) - [ ] [ISC.AI 2026 生态聚力 携手打造超级组织论坛 议程抢先看](https://mp.weixin.qq.com/s/3ylIXF1nrhfvWLfK7L_yyA) - [ ] [ISC.AI 2026 AI落地加速:企业场景全面开局——从技术底座到行业场景的实干之路论坛 议程抢先看](https://mp.weixin.qq.com/s/jnArTiT3yvU4UfAGSZgcTQ) - [ ] [vLLM如何通过三段请求拿下root](https://mp.weixin.qq.com/s/SvaR2wk5OiD6wsiZc90YMA) - [ ] [AI 爬虫来势汹汹!反爬治理该如何突围?](https://mp.weixin.qq.com/s/nQG14PQUyHVZO7mzmUGDLg) - [ ] [一周安全事件回顾:AI失控与数据泄露正在重写企业安全的成本账单](https://mp.weixin.qq.com/s/0jxMn94j10iejRr12ry7Hg) - [ ] [关于举办全国网络安全“双师型”教师研修班(AI网络安全威胁响应)的通知](https://mp.weixin.qq.com/s/QR2jdnhmSnz5uvkJq22HZg) - [ ] [国家网信办、工业和信息化部、公安部联合公布《网络数据安全风险评估办法》](https://mp.weixin.qq.com/s/TpCGskKEJA0M_6qFuSfvyw) - [ ] [市经信局关于《武汉市人工智能OPC企业认定办法(征求意见稿)》公开征求意见的通知](https://mp.weixin.qq.com/s/c03qBejXDr4czoWWYsB-dA) - [ ] [深耕国密人才培养|思为同飞商用密码实训平台,打通理论→实操全链路](https://mp.weixin.qq.com/s/MgYCmPthNZqmc0OznOoFjQ) - [ ] [攻防旺季 Rundll又活了 Dump Lsass免杀过最新360(附代码视频)](https://mp.weixin.qq.com/s/YGSVO3dVbTh0XpJyrw1lRg) - [ ] [360企业安全浏览器鸿蒙版获“鸿蒙办公行业先锋奖”!](https://mp.weixin.qq.com/s/Syy4icVwzNVwRbGj4eSuwA) - [ ] [绿盟科技亮相2026全国CIO大会,分享智能体全周期安全落地实践](https://mp.weixin.qq.com/s/FHj3v0-ak1CZfu5LPyXWjA) - [ ] [捷普端午节放假保障通知请查收!](https://mp.weixin.qq.com/s/klpQE6cD0qTP_ZCYEyVowA) - [ ] [2026年漏洞预测:AI推动CVE数量激增至6.6万](https://mp.weixin.qq.com/s/Hgfm7oDEFsFjLfU-XDdLBg) - [ ] [高危Chrome漏洞可导致攻击者执行任意代码,无需点击即可中招](https://mp.weixin.qq.com/s/fIKUI1cihccTAAZabrv-Pw) - [ ] [朝鲜黑客伪造macOS更新窃取密码与加密货币数据](https://mp.weixin.qq.com/s/KGIlleYIxkHmaduoZd8Bfg) - [ ] [攻击者滥用云日志服务逃避检测并削弱防御者可见性](https://mp.weixin.qq.com/s/2AUkP12CM6yybYqKMrBlzg) - [ ] [Autosar CyberSecurity之HSM和CSM, CryIf,Crypto Driver之间的关系](https://mp.weixin.qq.com/s/W-hyP5Jbx3WF9af2Ajashg) - [ ] [标普全球汽车核心技术首席研究分析师确认出席AutoEEA 2026:全球及各主要区域智能座舱与网联汽车市场趋势](https://mp.weixin.qq.com/s/tth98AsPdlYm03dFO9Skew) - [ ] [物理 AI(Physical AI):从数字世界走向真实世界的AI革命](https://mp.weixin.qq.com/s/bl4yIZFhPGWZM7Tc6lKvew) - [ ] [【论文速读】| 守护代码理解:检测代码语言模型中的自然后门漏洞](https://mp.weixin.qq.com/s/H-Z2RAieW4DN7Pt183bkig) - [ ] [深度解读|艾瑞报告重磅发布,网易智企-易盾持续领跑内容风控行业](https://mp.weixin.qq.com/s/IsQNRx3eUh0N7xjQ8VMTIg) - [ ] [安全热点周报:Oracle 缓解了 PeopleSoft 零日漏洞在数据窃取攻击中的利用](https://mp.weixin.qq.com/s/CibPYDSRuZfV1GQRo4kClw) - [ ] [《网络数据安全风险评估办法》答记者问](https://mp.weixin.qq.com/s/uDy66cS_HgQ0I95Lju1Oxg) - [ ] [【漏洞预警】大华智慧园区综合管理平台未授权访问漏洞](https://mp.weixin.qq.com/s/ZIlyS54lU2bUWaB3Y_Yo3Q) - [ ] [天融信入选AI安全代表厂商,典型案例入编《AI大模型安全评估与防护技术应用指南》](https://mp.weixin.qq.com/s/efqsE6hvb1_h-OJ7bIb8CA) - [ ] [天融信携手南京审计大学金审学院共建“天融信”班,共育实战型网安英才](https://mp.weixin.qq.com/s/knqItWXDdxO_C4MQge9xgQ) - [ ] [Yakit 新功能:Edit Binary 让上传包里的不可见字符可控了](https://mp.weixin.qq.com/s/VGsPhbBtrwN8ygYpqKSCiw) - [ ] [2026年国家电子政务外网安全培训会(第二期)在大连成功举办](https://mp.weixin.qq.com/s/0IhzPG-UcfyG9vH-pjUu4w) - [ ] [湖南金盾祝大家端午安康!](https://mp.weixin.qq.com/s/BpUS-0En2MlwlWECewvJuQ) - [ ] [国家安全部点名预警!软件供应链投毒治理指南来了](https://mp.weixin.qq.com/s/WuqiHCi35JFnkQyv9BssIA) - [ ] [工业网络安全周报-2026年第20期](https://mp.weixin.qq.com/s/gJ8YQOYSrB9kb4TTtxOygA) - [ ] [XCTF百城千赛・辽宁科技大学站圆满落幕!](https://mp.weixin.qq.com/s/r82SXaxsMZj37X4jOlJv5A) - [ ] [近期校赛快讯](https://mp.weixin.qq.com/s/JSEISA0RxJBHRwEpqrNr9g) - [ ] [供应链投毒——利用仿冒PyPI实现AI助手定向误导](https://mp.weixin.qq.com/s/lRgoACpnbk-qtkDiBRtVhw) - [ ] [钉钉新CEO首封全员信出炉!](https://mp.weixin.qq.com/s/IHi29RTtf5c59jahjzJIUg) - [ ] [度小满SRC太有心意了](https://mp.weixin.qq.com/s/j64JLJo0RmXKuLvRKfhy_g) - [ ] [张雪峰真没骗我,网络安全这碗饭还真能吃一辈子...](https://mp.weixin.qq.com/s/j-2WdR4sNGXlfgDS3i6iig) - [ ] [CNNVD | 人工智能重要漏洞通报(2026年第九期)](https://mp.weixin.qq.com/s/hoQIpeIG7tGKmMWRRwUWbg) - [ ] [软件“供应链投毒”集中爆发,国安部紧急提醒!](https://mp.weixin.qq.com/s/K_xuxRykvJvdjRbgHhCGxQ) - [ ] [外卖“补贴大战”凉凉!市场监管总局就《外卖平台补贴行为规范十条》公开征求意见](https://mp.weixin.qq.com/s/MS9WDRqiZCCaz-ZtpIq0Aw) - [ ] [通知 | 《网络安全技术 零信任能力成熟度模型及评价方法(征求意见稿)》等5项国家标准公开征求意见(附下载)](https://mp.weixin.qq.com/s/acGVTb62CnCRy7br4a9-Rw) - [ ] [领导者!长亭入选 IDC WAAP 2026年报告](https://mp.weixin.qq.com/s/LUiJkvBMy7gaDwnYPDkiGA) - [ ] [节日安康 安全不打烊](https://mp.weixin.qq.com/s/thOVugryoRg-ul32UJLR-w) - [ ] [jumpserver_decrypto 投毒项目分析](https://mp.weixin.qq.com/s/7Su8v49bFShll1sGvpvD9A) - [ ] [天关·零信任+“3+2+2”产业实践:多维能力升级,解锁行业规模化落地路径](https://mp.weixin.qq.com/s/ok1bEw0s35cmkfqpt-Emtw) - [ ] [多篇成果入选,快手邀您共赴ICML 2026!](https://mp.weixin.qq.com/s/aUeG_u18MAOK2k7PGkJxVw) - [ ] [快Star邮轮夜宴邀请|ICML 2026 汉江烟火,不见不散](https://mp.weixin.qq.com/s/Nf0W5qkd_nZyn-Uc9iZnsw) - [ ] [庄荣文:坚持统筹发展和安全 不断做强做优做大数字经济](https://mp.weixin.qq.com/s/NAKivNCwMxHaWgsniHHojQ) - [ ] [动态|第五届“复兴杯”全国大学生网络安全精英赛侧记](https://mp.weixin.qq.com/s/yyY1mBbVj2yoD6sokxgf7Q) - [ ] [动态|全国网安标委征求《网络安全技术 零信任能力成熟度模型及评价方法》(征求意见稿)等5项国家标准意见](https://mp.weixin.qq.com/s/uFcv0Wz6jG39ibGLNodbYQ) - [ ] [动态|《Token驱动智能经济研究报告(2026年)》正式发布](https://mp.weixin.qq.com/s/Hj3C-o1hgGvXxp-z9LS-iw) - [ ] [天威诚信参编,《OS应用软件包签名/验证技术规范》发布](https://mp.weixin.qq.com/s/xOlZsHFX9owkGtsQxmvYtA) - [ ] [净网专项行动|网警侦破一起涉世界杯网络赌博推广引流案件](https://mp.weixin.qq.com/s/S-hWljUqp7pmgKHhAwTtdQ) - [ ] [腾讯马上要出网盘了,大家期待吗?](https://mp.weixin.qq.com/s/V2PnI2VIdfb_U0AWC7rHEQ) - [ ] [无问AI网安模型网页端降价通知](https://mp.weixin.qq.com/s/gig_3o5VTgoNlqEV5me_aw) - [ ] [【无问社区】无问AI网安模型价格下调通知](https://mp.weixin.qq.com/s/Wpvp5PeHviAbnIDPM6xbHg) - [ ] [安全快报 | 伊朗黑客组织Handala声称入侵美国加州水务系统并窃取5GB数据](https://mp.weixin.qq.com/s/CkuClwN0j5JjY414P72j9g) - [ ] [每日安全动态推送(26/6/18)](https://mp.weixin.qq.com/s/Rpbj8e3xIXoODoF9mVGnaA) - [ ] [福利现场 | 纸箱归猫,礼盒归你](https://mp.weixin.qq.com/s/QrIh45QFxN5Zie_gRF4U7Q) - [ ] [寰球密码简报(2026年乙本第14期)丨ISACA调查揭示:多数组织量子安全准备滞后](https://mp.weixin.qq.com/s/rwsKIP09hofyQi51if8m3g) - [ ] [寰球密码简报(2026年乙本第15期)丨“先收集、后解密”风险:后量子密码应对趋势](https://mp.weixin.qq.com/s/1pStBYa8dyDO1DHhMxxdIA) - [ ] [开源](https://mp.weixin.qq.com/s/rmtVgQGgopMNRIeKVHwONQ) - [ ] [软件“供应链投毒”来势汹汹 国家安全部发布安全提醒](https://mp.weixin.qq.com/s/smw4axJ1ZxZF9Zt4E_ep3g) - [ ] [腾讯云AICC正式上线:为云上部署大模型提供可验证的安全保障](https://mp.weixin.qq.com/s/yzGYd2lhXvuIO80UbEQaKQ) - [ ] [人工智能重要漏洞通报(2026年第九期)](https://mp.weixin.qq.com/s/tj099pgcLF3C9rKU7bqOqQ) - [ ] [安全简讯(2026.06.18)](https://mp.weixin.qq.com/s/JQkDAnLSsLV6lSV86DRxag) - [ ] [关于NISI转换CISI的公告](https://mp.weixin.qq.com/s/zyyHw5BaMm90NgnYFebhjw) - [ ] [EISS-AI安全之北京站(2026.06.26/周五/北京)](https://mp.weixin.qq.com/s/x1v6ahUewnTmnj-unjSaPw) - [ ] [阿里28岁工程师考公上岸副省级市直!是回去当公务员还是接着卷AI](https://mp.weixin.qq.com/s/Pt2W38YDgVsVEk-lh_2Wiw) - [ ] [世界杯火热开赛,USDT 正成为赌球“新宠”?](https://mp.weixin.qq.com/s/1XqWtL6fF_GLqRQ6_5eDSg) - [ ] [《网络安全技术 关键信息基础设施安全检测评估方法》等5项国家标准公开征求意见](https://mp.weixin.qq.com/s/R7XJZBMXhSS6j7OTqEPR6A) - [ ] [2026盘古石取证-端午假期值班安排](https://mp.weixin.qq.com/s/LqhslHhdQKxV0JSgudPi4w) - [ ] [上交所发布《人工智能大模型企业适用科创板第五套上市标准》](https://mp.weixin.qq.com/s/pE8V8DAgUdMcBrM2nZG9pw) - [ ] [2026 年中国自动驾驶商业模式研究](https://mp.weixin.qq.com/s/IZX9QZzd3le7TX7gnA-gXw) - [ ] [bshare 域名过期抢注事件](https://mp.weixin.qq.com/s/el8kgTrBRFM4VczpXDP15A) - [ ] [纯干货需带饮料看,一招教你破解网站密码!!!](https://mp.weixin.qq.com/s/RhOudxmZZPsfZ5P7QP1sAg) - [ ] [存在漏洞的 PackageKit 使攻击者能够获得 root 权限](https://mp.weixin.qq.com/s/8DRJdSmNRz_1Rn-VxF8jqQ) - [ ] [通过测试用的 Kubernetes 集群访问 Bitbucket](https://mp.weixin.qq.com/s/m6VQW3XnDJHt-JsGo30MUw) - [ ] [端午安康 | 宁盾端午节放假通知](https://mp.weixin.qq.com/s/Zrf-pscP-MngW_7vK3AWxg) - [ ] [【高危漏洞预警】Linux Kernel net/sched act_pedit本地权限提升漏洞CVE-2026-46331](https://mp.weixin.qq.com/s/Cag8qF35yy-xVpshAfeW6A) - [ ] [测评机构的回旋镖来了!测评机构不仅要会“测别人”,更要先“管好自己”](https://mp.weixin.qq.com/s/5yvzBiG0omt6w-T3wcjjMg) - [ ] [LLM Agent攻击链全拆解:从System Prompt泄露到完整权限获取的6步Kill Chain](https://mp.weixin.qq.com/s/ph-6Ux__5Xkybhn_3p_BRw) - [ ] [当钓鱼邮件盯上 AI Agent,风险不止点错链接](https://mp.weixin.qq.com/s/Y3AOkKimWLrwLUBhqctTZg) - [ ] [理财公司迎监管评级|任子行数据安全分类分级,数安三件套夯实数据治理高分底座](https://mp.weixin.qq.com/s/TWsz90aW745-0WDGGU21oQ) - [ ] [ADCS-ESC6枚举和利用](https://mp.weixin.qq.com/s/85MNOfzVnGSDUWnviE2Aog) - [ ] [PhantomCtx:一种用于逃避 EDR 的激活上下文劫持新方法](https://mp.weixin.qq.com/s/ZhAgr31ND0GaSbZIeGPcXQ) - [ ] [FIFA世界杯流媒体后台被曝高危漏洞:公开注册账号即可访问核心直播配置](https://mp.weixin.qq.com/s/C-g4nMzVf2INSkT6BpJJhA) - [ ] [重磅|抢占AI安全赛道:企业资质+人员CISP-AISS双布局](https://mp.weixin.qq.com/s/G_WzCBC363YEP9AQ1T4GVQ) - [ ] [AI 赋能 哥斯拉 MCP 插件:联动 Claude 打造红队 Webshell 自动化作战工具](https://mp.weixin.qq.com/s/do7uYAuHkyLr07tP4SahMw) - [ ] [特朗普要炒赫格塞斯的鱿鱼?这场内斗比伊朗核协议本身更值得看](https://mp.weixin.qq.com/s/7YpHQPcttQ5uqbHpS5cOAA) - [ ] [等级测评师一二三级要求](https://mp.weixin.qq.com/s/znP7bviR5IBLw-TkfJLwGA) - [ ] [一场88分钟的猎杀:Mastra作用域接管事件深度剖析](https://mp.weixin.qq.com/s/1fuMqIiNs0fUypY2ziECRQ) - [ ] [每周勒索威胁摘要](https://mp.weixin.qq.com/s/2nuNx3RvtLjSywZo20hIBQ) - [ ] [Anthropic模型封禁事件解密,彭博社曝光美国商务部长告知函](https://mp.weixin.qq.com/s/s8VgNAuPtwnQF9Bh_l-K3g) - [ ] [境外恶意IP地址防范与通报(来自公安部网安局)](https://mp.weixin.qq.com/s/gbijfVZPeQsQabp-S8Ul0A) - [ ] [ESC10结合RBCD链式利用](https://mp.weixin.qq.com/s/gDceOks0upbh14GUsDm5Bw) - [ ] [刷擦边小视频也能通杀edu?](https://mp.weixin.qq.com/s/aTK0ZScMkunc2SkzdRwpHw) - [ ] [有多少人认识这个鱼?🐟](https://mp.weixin.qq.com/s/_DwPSsi8Qmn0sX9rjB913A) - [ ] [记一次众测发现的任意用户修改密码](https://mp.weixin.qq.com/s/9lEqwsbZLD9KcqT3rgO2rw) - [ ] [国家网络安全通报中心:防范假冒公安机关恶意应用程序攻击](https://mp.weixin.qq.com/s/8IKLzBcF-PwH2JSmyx_RxQ) - [ ] [专题解读 | Harness Engineering:AI 工程正在从“调模型”走向“造环境”](https://mp.weixin.qq.com/s/ui8sR9O7L5bA_0092BOSiA) - [ ] [国家网络与信息安全信息通报中心:防范假冒公安机关恶意应用程序攻击](https://mp.weixin.qq.com/s/R1P0ohtm3SQ5sYP1yspKDA) - [ ] [某大模型 rce 瓜](https://mp.weixin.qq.com/s/MrJiLWZVvHsNWK7KrXHOTA) - [ ] [DATA+AI战略首发:中新赛克让 AI 真正扎根业务一线创造价值](https://mp.weixin.qq.com/s/Is2QZ81mtCflk2M2XOiTeg) - [ ] [黑客工具备忘录](https://mp.weixin.qq.com/s/BZnL1U59CXCC8vMiDhow_w) - [ ] [一个PCAP包,十分钟溯源——AI驱动的流量溯源分析实战全揭秘-pcap-traceability-report](https://mp.weixin.qq.com/s/UJTtJamKEtRL3XmltGUIKQ) - [ ] [计算与网络中的关键组件,了解主板、网卡、HBA和RJ45](https://mp.weixin.qq.com/s/vVM8uIE0PNsPawQ_nsbR4w) - [ ] [从 Warp 换到 cmux:一个更适合 AI Agent 的终端](https://mp.weixin.qq.com/s/7tnPJez7t-CM5zmR-91O6A) - [ ] [汇丰与谷歌达成AI领域合作,每个项目或将产生1亿美元收益?](https://mp.weixin.qq.com/s/iN4_bRLEZHLrKDWPmzubEw) - [ ] [抽奖啦 | 披风斩棘 一举高“粽”](https://mp.weixin.qq.com/s/6eYaTQeLLO6YUxk5aUo33Q) - [ ] [诚邀渠道合作伙伴共启新征程](https://mp.weixin.qq.com/s/99mqecITGCItZkyrVU7c0g) - [ ] [分享图片](https://mp.weixin.qq.com/s/mxhyOnl8gsHwIJDGBSSnyg) - [ ] [黑客偷了Claude拿去黑别人:完整攻击日志曝光](https://mp.weixin.qq.com/s/fCFlE2JV4SWS2-hCJTeRVg) - [ ] [2026–2030年Stellantis集团战略规划](https://mp.weixin.qq.com/s/n5e4HYc0lNftuYGWAdFPsg) - [ ] [西安电子科技大学密码学院与ISN全国重点实验室成果被EUROCRYPT 2026接收](https://mp.weixin.qq.com/s/4bme54EMmjNvuFDdVSyTuw) - Bug Bounty in InfoSec Write-ups on Medium - [ ] [“Bug Bounty Bootcamp #47: Account Takeover 101 — How to Steal Everyone’s Account (Legally)”](https://infosecwriteups.com/bug-bounty-bootcamp-47-account-takeover-101-how-to-steal-everyones-account-legally-684fd8e3e198?source=rss----7b722bfd1b8d--bug_bounty) - [ ] [Building a Hackbot for Bug Bounties — Auth Testing Subagent Setup](https://infosecwriteups.com/building-a-hackbot-for-bug-bounties-auth-testing-subagent-setup-02cc9cb89196?source=rss----7b722bfd1b8d--bug_bounty) - [ ] [“Bug Bounty Bootcamp #46: Not Allowed From Your IP?”](https://infosecwriteups.com/bug-bounty-bootcamp-46-not-allowed-from-your-ip-8df1b1f96a30?source=rss----7b722bfd1b8d--bug_bounty) - [ ] [I Pentested a Real CRM System and Found 4 Critical Vulnerabilities — Here’s the Full Attack Chain](https://infosecwriteups.com/i-pentested-a-real-crm-system-and-found-4-critical-vulnerabilities-heres-the-full-attack-chain-98c030a57ab1?source=rss----7b722bfd1b8d--bug_bounty) - NVISO Labs - [ ] [The Road to Post-Quantum Readiness Part 1 of 2: Understanding the Risk](https://blog.nviso.eu/2026/06/18/the-road-to-post-quantum-readiness-part-1/) - Malwarebytes - [ ] [Microsoft working on a fix for RoguePlanet, a flaw that grants full PC control](https://www.malwarebytes.com/blog/news/2026/06/microsoft-working-on-a-fix-for-rogueplanet-a-flaw-that-grants-full-pc-control) - [ ] [Retro gaming fans are the new target for fake GitHub malware](https://www.malwarebytes.com/blog/threat-intel/2026/06/retro-gaming-fans-are-the-new-target-for-fake-github-malware) - [ ] [Kodak confirms breach as ShinyHunters’ leak threat reaches deadline](https://www.malwarebytes.com/blog/news/2026/06/kodak-confirms-breach-as-shinyhunters-leak-threat-reaches-deadline) - 绿盟科技技术博客 - [ ] [绿盟科技亮相2026全国CIO大会,分享智能体全周期安全落地实践](https://blog.nsfocus.net/%e7%bb%bf%e7%9b%9f%e7%a7%91%e6%8a%80%e4%ba%ae%e7%9b%b82026%e5%85%a8%e5%9b%bdcio%e5%a4%a7%e4%bc%9a%ef%bc%8c%e5%88%86%e4%ba%ab%e6%99%ba%e8%83%bd%e4%bd%93%e5%85%a8%e5%91%a8%e6%9c%9f%e5%ae%89%e5%85%a8/) - [ ] [用某些旧版客户端登录Ubuntu遭遇OSC控制序列](https://blog.nsfocus.net/%e7%94%a8%e6%9f%90%e4%ba%9b%e6%97%a7%e7%89%88%e5%ae%a2%e6%88%b7%e7%ab%af%e7%99%bb%e5%bd%95ubuntu%e9%81%ad%e9%81%87osc%e6%8e%a7%e5%88%b6%e5%ba%8f%e5%88%97/) - text/plain - [ ] [A Quarter Century in Tech](https://textslashplain.com/2026/06/18/a-quarter-century-in-tech/) - 奇客Solidot–传递最新科技情报 - [ ] [地球的海洋来自何处?](https://www.solidot.org/story?sid=84622) - [ ] [三个安全启动证书即将过期](https://www.solidot.org/story?sid=84621) - [ ] [摩根大通高盛禁止香港员工使用 Anthropic 模型](https://www.solidot.org/story?sid=84620) - [ ] [诺和诺德 1.3 TB 内部数据被盗,被勒索 2500 万美元](https://www.solidot.org/story?sid=84619) - [ ] [科学家将鼠疫追溯到 5500 年前](https://www.solidot.org/story?sid=84618) - [ ] [调查显示中国三分之一青少年睡眠质量差](https://www.solidot.org/story?sid=84617) - [ ] [法国物理学家和科普名人因论文抄袭被剥夺博士学位](https://www.solidot.org/story?sid=84616) - [ ] [中国汽车占欧洲新车销售的比例将超过 10%](https://www.solidot.org/story?sid=84615) - [ ] [苹果准备涨价](https://www.solidot.org/story?sid=84614) - [ ] [美国暂缓将 DeepSeek 加入黑名单](https://www.solidot.org/story?sid=84613) - HackerNews - [ ] [论文导读:面向多种防御策略的自动化越狱攻击](http://0.0.0.0:8080/post/64362) - [ ] [CISA 警告存在正在被积极利用的 Joomla JCE 漏洞,可导致 PHP 代码执行](http://0.0.0.0:8080/post/64361) - [ ] [初级黑客在其 C2 下线后使用 Tailscale 和 OpenSSH 保持访问](http://0.0.0.0:8080/post/64360) - [ ] [FortiBleed 泄露事件暴露 73,000 台设备的 Fortinet VPN 凭证](http://0.0.0.0:8080/post/64359) - [ ] [柯达确认 ShinyHunters 勒索团伙声称的数据泄露事件](http://0.0.0.0:8080/post/64358) - [ ] [Rockwell Automation 修复 ICS 控制器和软件中的漏洞](http://0.0.0.0:8080/post/64357) - [ ] [Microsoft Teams 中继服务器被滥用于 DragonForce 勒索软件攻击](http://0.0.0.0:8080/post/64356) - 黑海洋Wiki | AI机器人硬件开发 | 网络安全攻防实战 | 区块链技术文档教程 - 免费资源平台 - [ ] [DeepL并购Mixhalo团队 进军AI语音市场](https://blog.upx8.com/DeepL%E5%B9%B6%E8%B4%ADMixhalo%E5%9B%A2%E9%98%9F-%E8%BF%9B%E5%86%9BAI%E8%AF%AD%E9%9F%B3%E5%B8%82%E5%9C%BA) - [ ] [爱沙尼亚正在为AI智能体分配“个人识别码”](https://blog.upx8.com/%E7%88%B1%E6%B2%99%E5%B0%BC%E4%BA%9A%E6%AD%A3%E5%9C%A8%E4%B8%BAAI%E6%99%BA%E8%83%BD%E4%BD%93%E5%88%86%E9%85%8D-%E4%B8%AA%E4%BA%BA%E8%AF%86%E5%88%AB%E7%A0%81) - [ ] [伊利诺伊州或禁止驾驶员佩戴智能眼镜](https://blog.upx8.com/%E4%BC%8A%E5%88%A9%E8%AF%BA%E4%BC%8A%E5%B7%9E%E6%88%96%E7%A6%81%E6%AD%A2%E9%A9%BE%E9%A9%B6%E5%91%98%E4%BD%A9%E6%88%B4%E6%99%BA%E8%83%BD%E7%9C%BC%E9%95%9C) - [ ] [SpaceX扩大董事会:马斯克长期盟友加入](https://blog.upx8.com/SpaceX%E6%89%A9%E5%A4%A7%E8%91%A3%E4%BA%8B%E4%BC%9A-%E9%A9%AC%E6%96%AF%E5%85%8B%E9%95%BF%E6%9C%9F%E7%9B%9F%E5%8F%8B%E5%8A%A0%E5%85%A5) - [ ] [微软向字节等出售AI模型 赚取丰厚利润](https://blog.upx8.com/%E5%BE%AE%E8%BD%AF%E5%90%91%E5%AD%97%E8%8A%82%E7%AD%89%E5%87%BA%E5%94%AEAI%E6%A8%A1%E5%9E%8B-%E8%B5%9A%E5%8F%96%E4%B8%B0%E5%8E%9A%E5%88%A9%E6%B6%A6) - [ ] [三分之二的美国人认为AI发展速度过快](https://blog.upx8.com/%E4%B8%89%E5%88%86%E4%B9%8B%E4%BA%8C%E7%9A%84%E7%BE%8E%E5%9B%BD%E4%BA%BA%E8%AE%A4%E4%B8%BAAI%E5%8F%91%E5%B1%95%E9%80%9F%E5%BA%A6%E8%BF%87%E5%BF%AB) - [ ] [报告发现TikTok的AI生成内容是YouTube的三倍](https://blog.upx8.com/%E6%8A%A5%E5%91%8A%E5%8F%91%E7%8E%B0TikTok%E7%9A%84AI%E7%94%9F%E6%88%90%E5%86%85%E5%AE%B9%E6%98%AFYouTube%E7%9A%84%E4%B8%89%E5%80%8D) - 腾讯玄武实验室 - [ ] [每日安全动态推送(26/6/18)](https://mp.weixin.qq.com/s?__biz=MzA5NDYyNDI0MA==&mid=2651960493&idx=1&sn=8741f64e02c3986a95ff6c7a40544c98) - 黑鸟 - [ ] [SearchLeak漏洞:微软365 Copilot如何沦为一键数据窃取工具](https://mp.weixin.qq.com/s?__biz=MzAxOTM1MDQ1NA==&mid=2451187085&idx=1&sn=dfebfb0d691ba51a7ecdf6f8cb8e5d79) - 安全内参 - [ ] [供应商泄露上千万用户数据,甲方赔偿超2.3亿元](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247516115&idx=1&sn=e56257925c3beb1413f9aab054c1f0db) - [ ] [布局数字战场:美国网络司令部为JCWA构建云原生基座与数据动脉](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247516115&idx=2&sn=f5e5e7f9adfa5a0353adc474b9df06d0) - 威努特安全网络 - [ ] [智能制造IT架构升级:超融合如何守护产线核心业务系统?](https://mp.weixin.qq.com/s?__biz=MzAwNTgyODU3NQ==&mid=2651142407&idx=1&sn=468ae903cbf94bcbdedb88b1fff67e92) - [ ] [WinClaw限时全免!注册即享AI大模型免费额度](https://mp.weixin.qq.com/s?__biz=MzAwNTgyODU3NQ==&mid=2651142407&idx=2&sn=5b3b43ffb2dd8eec26618dbb0043de7f) - 代码卫士 - [ ] [CISA 要求联邦机构在本周五前修复Joomla 插件满分漏洞](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247526330&idx=1&sn=42e983016d623f7d964bffc4b9b3466e) - [ ] [Fortra 访问管理器漏洞可导致远程命令注入攻击](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247526330&idx=2&sn=634ff7aee7d1db205f90e279a8c74f64) - [ ] [贡献者账号遭劫持,144个 Mastra npm 包被攻击](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247526330&idx=3&sn=b88d64d1c070aa274392118c7922759d) - 微步在线研究响应中心 - [ ] [原创漏洞 | NGINX堆缓冲区溢出漏洞](https://mp.weixin.qq.com/s?__biz=Mzg5MTc3ODY4Mw==&mid=2247508753&idx=1&sn=b5ee55949e117ad9e73d583f957368c4) - 绿盟科技研究通讯 - [ ] [供应链投毒——利用仿冒PyPI实现AI助手定向误导](https://mp.weixin.qq.com/s?__biz=MzIyODYzNTU2OA==&mid=2247500004&idx=1&sn=3ffecb7ed784c2ead09472ad7965f49a) - 安全分析与研究 - [ ] [银狐黑产组织内存查杀技术](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247496802&idx=1&sn=129e3e786df2abe070086caf92feb7bd) - 天黑说嘿话 - [ ] [发新一个寄快递“漏洞”!运费直接省50%](https://mp.weixin.qq.com/s?__biz=MzI5NTQ5MTAzMA==&mid=2247486107&idx=1&sn=aa97bfadad24a0e9a4cbda697cef52e2) - 安全客 - [ ] [Splunk AI Toolkit曝高危漏洞:CVSS 9.1,可远程执行任意系统命令](https://mp.weixin.qq.com/s?__biz=MzA5ODA0NDE2MA==&mid=2649790099&idx=1&sn=17ef8b65a5934d609189271357051b6a) - 看雪学苑 - [ ] [打破传统AI逆向的新思路:多Agent、自主管理上下文 - 逆向思路](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458616781&idx=1&sn=da033ac7ab96ce635d060973a467e970) - [ ] [无需交互即可提权至SYSTEM!微软承认Defender曝“RoguePlanet”高危零日漏洞](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458616781&idx=2&sn=cdffb0e31362c473f09b0712e981f34c) - [ ] [【618满减优惠】利用AI人工智能辅助逆向分析](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458616781&idx=3&sn=a642f8975a6c6df93a16596cc40c81e2) - 信息安全国家工程研究中心 - [ ] [软件“供应链投毒”来势汹汹 国家安全部发布安全提醒](https://mp.weixin.qq.com/s?__biz=MzU5OTQ0NzY3Ng==&mid=2247504223&idx=1&sn=56c41b42e8f609461e6a7f3838252255) - 数世咨询 - [ ] [基于意图的终端安全公司:种子轮融资1亿美元](https://mp.weixin.qq.com/s?__biz=MzkxNzA3MTgyNg==&mid=2247543285&idx=1&sn=81a4cc0648ec52f9b918a7fd623ebed7) - [ ] [算力爆发下的 AI 散热:技术跃迁与国产替代新机遇](https://mp.weixin.qq.com/s?__biz=MzkxNzA3MTgyNg==&mid=2247543285&idx=2&sn=2cabb1fbb95c268ccfbc854a84bebb50) - 奇安信威胁情报中心 - [ ] [一场88分钟的猎杀:Mastra作用域接管事件深度剖析](https://mp.weixin.qq.com/s?__biz=MzI2MDc2MDA4OA==&mid=2247519114&idx=1&sn=a77289b85be94df6e9efcc98e0badc7b) - 长亭科技 - [ ] [领导者!长亭入选 IDC WAAP 2026年报告](https://mp.weixin.qq.com/s?__biz=MzIwNDA2NDk5OQ==&mid=2651390498&idx=1&sn=241566edf99871d5625c2af2695ebf57) - [ ] [节日安康 安全不打烊](https://mp.weixin.qq.com/s?__biz=MzIwNDA2NDk5OQ==&mid=2651390498&idx=2&sn=bbc9f37bcb62bb885b5071ddd040d6a2) - 安全圈 - [ ] [【安全圈】注意!用 Wallpaper Engine 的赶紧看这条!](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652077470&idx=1&sn=55acb26450f08df32fbbcc06ba8b7bee) - [ ] [【安全圈】微软 Copilot 被曝高危漏洞:点击一个链接,验证码、邮件全泄露](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652077470&idx=2&sn=e1fb1a4e832121ae7a088023cf1bf5f8) - [ ] [【安全圈】FortiBleed 泄露事件暴露 73,000 台设备的 Fortinet VPN 凭证](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652077470&idx=3&sn=d9993512bb783a74569e8df09225a9d5) - 安全牛 - [ ] [从“零日漏洞”到国家级封禁:Fable 5与Mythos 5下架背后的AI安全权力博弈](https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651141720&idx=1&sn=eb04f766392c97e2ef29ef5c95fabd70) - [ ] [与大咖共话数智未来 | 第五届数字信任大会火热报名中](https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651141720&idx=2&sn=748911ce7fefe90ed37e45ea608dba8d) - 奇安信病毒响应中心 - [ ] [每周勒索威胁摘要](https://mp.weixin.qq.com/s?__biz=MzI5Mzg5MDM3NQ==&mid=2247498614&idx=1&sn=0baf5b1aeb487c48a73c1f667abeb813) - 极客公园 - [ ] [理想的具身智能走到了哪里?一颗芯片、一套大脑、一个新范式](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653109083&idx=1&sn=708abe59098d53e5847fe83c1b0af3c9) - [ ] [Liblib 打破中国 AI 应用层融资记录:打过仗的人,不迷信错位竞争](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653109053&idx=1&sn=5881b0507512227c52e105809ae7a20c) - [ ] [库克:内存压力大,苹果将涨价;传 DeepSeek 估值超 4000 亿;联想推 AI 主机 MINI,2999 元 | 极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653109068&idx=1&sn=2a45fa57656ecf6654469567a7080eba) - 火绒安全 - [ ] [抽奖啦 | 披风斩棘 一举高“粽”](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247534606&idx=1&sn=607cb141f86f9a39b127b2267c213c6a) - [ ] [诚邀渠道合作伙伴共启新征程](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247534606&idx=2&sn=9e53997912682e1da6014c13b3a7bdfe) - 君哥的体历 - [ ] [3万字讲透AI必懂的60个核心概念(汇总版)](https://mp.weixin.qq.com/s?__biz=MzI2MjQ1NTA4MA==&mid=2247492451&idx=1&sn=6431fe289eb34f65ac5d309cb31724fb) - 情报分析师 - [ ] [特朗普要炒赫格塞斯的鱿鱼?这场内斗比伊朗核协议本身更值得看](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650568237&idx=1&sn=1b08d352ddb3dafe82cba742669e53d3) - 微步在线 - [ ] [首次!银狐使用非开源手法致盲EDR](https://mp.weixin.qq.com/s?__biz=MzI5NjA0NjI5MQ==&mid=2650186829&idx=1&sn=fbc051e7402ec98a041228647f070ff7) - 美团技术团队 - [ ] [美团海报生成 AIGC 技术创新与实践](https://mp.weixin.qq.com/s?__biz=MjM5NjQ5MTI5OA==&mid=2651782896&idx=1&sn=d13b5709795af1b2e75c9396956d5fc2) - [ ] [报名|美团&顶会论文分享:搜索推荐ASX专场](https://mp.weixin.qq.com/s?__biz=MjM5NjQ5MTI5OA==&mid=2651782896&idx=2&sn=ce2cb30b2d2b0e9ea12d03561124dd05) - OnionSec - [ ] [五年前的一段聊天记录](https://mp.weixin.qq.com/s?__biz=MzUyMTUwMzI3Ng==&mid=2247485821&idx=1&sn=fb02a189e56ba3bb3756f1960200c115) - 慢雾科技 - [ ] [MistTrack 季度更新:风险衰减模型、链路分析与开发者能力增强](https://mp.weixin.qq.com/s?__biz=MzU4ODQ3NTM2OA==&mid=2247505246&idx=1&sn=bc08e36c2980b3bda727761349bc137d) - 云鼎实验室 - [ ] [从低权限 Key 到 AI Gateway 接管:LiteLLM 漏洞链完整剖析](https://mp.weixin.qq.com/s?__biz=MzU3ODAyMjg4OQ==&mid=2247497782&idx=1&sn=26de363234b141e682c1fc30321013a1) - 软件安全与逆向分析 - [ ] [618活动!公众号粉丝课程半价福利,错过再等一年!](https://mp.weixin.qq.com/s?__biz=MzU3MTY5MzQxMA==&mid=2247485275&idx=1&sn=a0bb00c5be4de8c5c3a47f0013ead5a3) - 墨菲安全 - [ ] [国家安全部点名预警!软件供应链投毒治理指南来了](https://mp.weixin.qq.com/s?__biz=MzkwOTM0MjI5NQ==&mid=2247488475&idx=1&sn=4634f5d93ce93652867fcd458cb6bb65) - TrustedSec - [ ] [Modern Web Application Content Discovery](https://trustedsec.com/blog/modern-web-application-content-discovery) - 专注安管平台 - [ ] [从RSAC2026看安全运营技术发展趋势(4):综合观察与反思](https://mp.weixin.qq.com/s?__biz=MzUyNzMxOTAwMw==&mid=2247485258&idx=1&sn=db3a87cbb89dceaebb763ebef592a256) - 丁爸 情报分析师的工具箱 - [ ] [【资料】美国政府持续在此领域资助中国,显示该领域中美合作展现出较强韧性](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651156314&idx=1&sn=c59ed406e3af41bbc2ad930b3d750a7a) - 深信服千里目安全技术中心 - [ ] [【漏洞通告】Linux Kernel net/sched act_pedit 权限提升漏洞(CVE-2026-46331)](https://mp.weixin.qq.com/s?__biz=Mzg2NjgzNjA5NQ==&mid=2247525944&idx=1&sn=0068a85063edf376b9e29d4bdf0baf00) - [ ] [网络安全信息与动态周报2026年第24期(6月8日-6月14日)](https://mp.weixin.qq.com/s?__biz=Mzg2NjgzNjA5NQ==&mid=2247525944&idx=2&sn=d1d54a74d6c3a9d6be66bda1c71c7ef1) - 360数字安全 - [ ] [360企业安全浏览器鸿蒙版获“鸿蒙办公行业先锋奖”!](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247586278&idx=1&sn=824e6d16df391d8e694d25e1e18a5d42) - 迪哥讲事 - [ ] [离谱的重定向](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247499576&idx=1&sn=8823029184e74644e518fc4085925564) - Qualys Security Blog - [ ] [Oracle Critical Patch Update, June 2026 Security Update Review](https://blog.qualys.com/category/vulnerabilities-threat-research) - Over Security - [ ] [Ralph Lauren - 139,903 breached accounts](https://haveibeenpwned.com/Breach/RalphLauren) - [ ] [Gentlemen ransomware uses multiple EDR killers to disable defenses](https://www.bleepingcomputer.com/news/security/gentlemen-ransomware-uses-multiple-edr-killers-to-disable-defenses/) - [ ] [Nova Claims Access to NSW Systems: Between 400 GB Exfiltrated and Data Disputed by Authorities](https://www.suspectfile.com/nova-claims-access-to-nsw-systems-between-400-gb-exfiltrated-and-data-disputed-by-authorities/) - [ ] [Operation Endgame 4.0 - 153,527 breached accounts](https://haveibeenpwned.com/Breach/OperationEndgame4) - [ ] [Bulgaria allowed surveillance tech firm to sell products to repressive regimes, report says](https://therecord.media/bulgaria-allowed-surveillance-tech-firm-to-sell-to-repressive-regimes-report) - [ ] [FlipCTL — our GUI framework for embedded Linux systems](https://blog.flipper.net/flipctl-our-gui-framework-for-embedded-linux-systems/) - [ ] [Nintendo confirms data stolen in WebMD subsidiary cyberattack](https://www.bleepingcomputer.com/news/security/nintendo-confirms-data-stolen-in-webmd-subsidiary-cyberattack/) - [ ] [Close Encounters of the Human Kind](https://blog.talosintelligence.com/close-encounters-of-the-human-kind/) - [ ] [‘Popa’ Botnet Linked to Publicly-Traded Israeli Firm](https://krebsonsecurity.com/2026/06/popa-botnet-linked-to-publicly-traded-israeli-firm/) - [ ] [USB worm spreads crypto-stealing malware via Windows shortcut files](https://www.bleepingcomputer.com/news/security/usb-worm-spreads-crypto-stealing-malware-via-windows-shortcut-files/) - [ ] [Lock-in tecnologico cyber: come pianificare la strategia di uscita](https://www.cybersecurity360.it/soluzioni-aziendali/lock-in-tecnologico-cyber-come-pianificare-la-strategia-di-uscita/) - [ ] [The Analyst's New Job Description](https://binarydefense.com/resources/blog/the-analysts-new-job-description) - [ ] [Editoriale newsletter Guerre Di Rete](https://guerredirete.substack.com/p/editoriale-newsletter-guerre-di-rete) - [ ] [Australian sugar producer works to restore operations as ransomware group claims attack](https://therecord.media/mackay-sugar-cyberattack-claimed-gentlemen) - [ ] [Klue OAuth breach linked to 'Icarus' Salesforce data theft attacks](https://www.bleepingcomputer.com/news/security/klue-oauth-breach-linked-to-icarus-salesforce-data-theft-attacks/) - [ ] [FortiBleed: 73.000 firewall Fortinet compromessi in 194 Paesi, anche in Italia. Cosa fare adesso](https://www.cybersecurity360.it/news/fortibleed-73-000-firewall-fortinet-compromessi-in-194-paesi-anche-in-italia-cosa-fare-adesso/) - [ ] [5 reasons Microsoft 365 backup isn’t enough for business data protection](https://www.bleepingcomputer.com/news/security/5-reasons-microsoft-365-backup-isnt-enough-for-business-data-protection/) - [ ] [Police cleans nearly 15,000 SocGholish-infected sites tied to Evil Corp](https://www.bleepingcomputer.com/news/security/law-enforcement-nukes-socgholish-malware-from-nearly-15-000-sites/) - [ ] [Digital Omnibus, approvata la modifica dell’AI Act: ecco la nuova roadmap della compliance](https://www.cybersecurity360.it/legal/digital-omnibus-approvata-la-modifica-dellai-act-ecco-la-nuova-roadmap-della-compliance/) - [ ] [ShapedPlugin update flow hacked to infect WordPress sites](https://www.bleepingcomputer.com/news/security/shapedplugin-update-flow-hacked-to-infect-wordpress-sites/) - [ ] [Telegram admits it couldn't police exam-leak channels, India tells court](https://www.bleepingcomputer.com/news/security/telegram-admits-it-couldnt-police-exam-leak-channels-india-tells-court/) - [ ] [Apple fixes Beats Studio Buds flaw that let hackers spy on conversations](https://www.bleepingcomputer.com/news/security/apple-fixes-beats-studio-buds-flaw-that-let-hackers-spy-on-conversations/) - [ ] [FortiBleed: credenziali Fortinet esposte, interessata anche la PA italiana](https://cert-agid.gov.it/news/fortibleed-credenziali-fortinet-esposte-interessata-anche-la-pa-italiana/) - [ ] [Cybercrime Breaches Klue: Salesforce Data Impacted for Many Victims, including Huntress | Huntress](https://www.huntress.com/blog/klue-breach-investigation?hnt=pznifbfhot7e) - [ ] [F5 issues out-of-band patches for critical NGINX vulnerabilities](https://www.bleepingcomputer.com/news/security/f5-issues-out-of-band-patches-for-critical-nginx-vulnerabilities/) - [ ] [Operation FanTrap: Inside the FIFA 2026 Fraud Ecosystem](https://cyble.com/blog/operation-fantrap-fifa-2026-fraud-ecosystem/) - [ ] [Microsoft fixes Windows Server 2016 security update failures](https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-windows-server-2016-security-update-failures/) - [ ] [€25k for an old Nokia handset?](https://www.theregister.com/on-prem/2009/04/21/25k-for-an-old-nokia-handset/1381456) - [ ] [Investigators replicate Nokia 1100 online banking hack](https://www.networkworld.com/article/781736/data-center-investigators-replicate-nokia-1100-online-banking-hack.html) - [ ] [Scripting the disassembler: Local agentic reverse engineering through vbdec’s live COM object model](https://blog.talosintelligence.com/scripting-the-disassembler/) - [ ] [Attacchi NFC, stanno aumentando i furti tramite smartphone Android](https://www.cybersecurity360.it/news/attacchi-nfc-android/) - [ ] [What Ukraine’s Entry Into the EU Cybersecurity Reserve Means](https://thecyberexpress.com/ukraine-joins-eu-cybersecurity-reserve/) - [ ] [Social Dinner BiTM 🍽️](https://www.hacklabg.net/uncategorized/social-dinner-bitm-%F0%9F%8D%BD%EF%B8%8F/) - [ ] [Windows Defender Vulnerability Exposed as RoguePlanet PoC Spreads Online](https://thecyberexpress.com/cve-2026-50656-rogueplanet-windows-defender/) - [ ] [BTMOB, il trojan di accesso remoto per Android: come proteggersi](https://www.cybersecurity360.it/news/btmob-il-trojan-di-accesso-remoto-per-android-come-proteggersi/) - [ ] [Hosting europeo, con Ionos il primo anno è gratuito: dettagli e vantaggi](https://www.cybersecurity360.it/cultura-cyber/hosting-europeo-ionos-offerta/) - [ ] [Audit di sicurezza e NIS2: dalla conformità formale alla governance reale](https://www.cybersecurity360.it/legal/audit-di-sicurezza-e-nis2-dalla-conformita-formale-alla-governance-reale/) - [ ] [GitBait: Phishing dirigido al sector financiero mexicano](https://www.group-ib.com/blog/gitbait-phishing-mexico-banking-finance-es/) - [ ] [CFGI - 248,235 breached accounts](https://haveibeenpwned.com/Breach/CFGI) - [ ] [Leak confirms OpenAI is testing a ChatGPT for Science subscription](https://www.bleepingcomputer.com/news/artificial-intelligence/leak-confirms-openai-is-testing-a-chatgpt-for-science-subscription/) - Tails - News - [ ] [Tails 7.9](https://tails.net/news/version_7.9/) - SANS Internet Storm Center, InfoCON: green - [ ] [ISC Stormcast For Thursday, June 18th, 2026 https://isc.sans.edu/podcastdetail/9978, (Thu, Jun 18th)](https://isc.sans.edu/diary/rss/33088) - [ ] [The Behavior of Coordinated SSH Brute Force Attacks over the last three months [Guest Diary], (Wed, Jun 17th)](https://isc.sans.edu/diary/rss/33086) - ICT Security Magazine - [ ] [Sicurezza informatica in sanità: GDPR, rischio cyber e governance dei dati](https://www.ictsecuritymagazine.com/articoli/sicurezza-informatica-in-sanita/) - [ ] [eBPF: la sicurezza, e anche l’attacco, si spostano nel kernel](https://www.ictsecuritymagazine.com/cyber-security/ebpf-sicurezza/) - Have I Been Pwned latest breaches - [ ] [Ralph Lauren - 139,903 breached accounts](https://haveibeenpwned.com/Breach/RalphLauren) - [ ] [Operation Endgame 4.0 - 153,527 breached accounts](https://haveibeenpwned.com/Breach/OperationEndgame4) - [ ] [CFGI - 248,235 breached accounts](https://haveibeenpwned.com/Breach/CFGI) - Lenny Zeltser - [ ] [A Report Template for Malware Analysis](https://zeltser.com/malware-analysis-report) - 白帽子章华鹏 - [ ] [AI 不是在给安全团队提效,是在重写安全团队的价值](https://mp.weixin.qq.com/s?__biz=MzIyOTAxOTYwMw==&mid=2650239104&idx=1&sn=38bc19790f3b594b49bbd855293f5406) - Schneier on Security - [ ] [Embedding Forbidden Text in Spyware to Discourage AI Analysis](https://www.schneier.com/blog/archives/2026/06/embedding-forbidden-text-in-spyware-to-discourage-ai-analysis.html) - Trend Micro Research, News and Perspectives - [ ] [PeopleSoft PeopleTools Pre-Authentication RCE: A PSIGW SSRF Chain That Executes Inside the JVM](https://www.trendmicro.com/en_us/research/26/f/PeopleTools.html) - TorrentFreak - [ ] [Major Publishers Sue ‘WeLib’, a Pirate Site Built on Anna’s Archive Code](https://torrentfreak.com/major-publishers-sue-welib-a-pirate-site-built-on-annas-archive-code/) - Yak Project - [ ] [Yakit 新功能:Edit Binary 让上传包里的不可见字符可控了](https://mp.weixin.qq.com/s?__biz=Mzk0MTM4NzIxMQ==&mid=2247529933&idx=1&sn=a19487238bfebbae679db1afd6f2d5b7) - Security Affairs - [ ] [Tor-Based Clipper Malware Targets Wallet Seed Phrases](https://securityaffairs.com/193860/uncategorized/tor-based-clipper-malware-targets-wallet-seed-phrases.html) - [ ] [Cisco fixed a critical ISE vulnerability that lets attackers to gain root access](https://securityaffairs.com/193849/uncategorized/cisco-fixed-a-critical-ise-vulnerability-that-lets-attackers-to-gain-root-access.html) - [ ] [F5 Patches Critical NGINX Vulnerabilities Enabling Unauthenticated Code Execution](https://securityaffairs.com/193842/security/f5-patches-critical-nginx-vulnerabilities-enabling-unauthenticated-code-execution.html) - [ ] [Microsoft Confirms RoguePlanet Zero-Day in Defender, Patch Under Development](https://securityaffairs.com/193830/security/microsoft-confirms-rogueplanet-zero-day-in-defender-patch-under-development.html) - [ ] [FortiBleed Exposes Admin Passwords for 75,000 Fortinet Firewalls](https://securityaffairs.com/193817/hacking/fortibleed-exposes-admin-passwords-for-75000-fortinet-firewalls.html) - The Hacker News - [ ] [F5 Patches Two Critical NGINX Open Source Flaws Enabling Remote Code Execution](https://thehackernews.com/2026/06/f5-patches-two-critical-nginx-open.html) - [ ] [Orphaned AI Agents: How to Find Hidden Access Risks Inside Your Network](https://thehackernews.com/2026/06/orphaned-ai-agents-how-to-find-hidden.html) - [ ] [ThreatsDay Bulletin: Claude Chat Abuse, NastyC2 npm Packages, Device-Code Phishing + 25 More Stories](https://thehackernews.com/2026/06/threatsday-bulletin-claude-chat-abuse.html) - [ ] [Microsoft Details Windows Clipper Malware Campaign Using USB LNK Worm and Tor-Based C2](https://thehackernews.com/2026/06/microsoft-details-windows-clipper.html) - [ ] [INC Ransomware Emerges as Major RaaS Threat in 2026 with 830+ Victims Since 2023](https://thehackernews.com/2026/06/inc-ransomware-claims-830-victims-since.html) - [ ] [The Scripts on Your Checkout Page Are Now a PCI DSS Problem](https://thehackernews.com/2026/06/the-scripts-on-your-checkout-page-are.html) - [ ] [DragonForce Hackers Abuse Microsoft Teams Relays to Hide Backdoor.Turn C2 Traffic](https://thehackernews.com/2026/06/dragonforce-hackers-abuse-microsoft.html) - bellingcat - [ ] [Super-Potent Synthetic Opioids Spread Across US Amid Fentanyl Crackdown](https://www.bellingcat.com/news/2026/06/18/super-potent-synthetic-opioids-spread-across-us-amid-fentanyl-crackdown/) - www.theregister.com - Articles - [ ] [Google told researcher 'Nice catch!' Then denied bug bounty for flaw it still hasn't fixed](https://www.theregister.com/security/2026/06/18/google-told-researcher-nice-catch-then-denied-bug-bounty-for-flaw-it-still-hasnt-fixed/5258076) - [ ] [Major US carrier stored credit card info in the clear, employee learned on first day](https://www.theregister.com/security/2026/06/18/major-us-carrier-stored-credit-card-info-in-the-clear-employee-learned-on-first-day/5257932) - [ ] [Cyber offenses now account for around a third of all crime across Asia and South Pacific](https://www.theregister.com/cyber-crime/2026/06/18/cyber-offenses-now-account-for-around-a-third-of-all-crime-across-asia-and-south-pacific/5257716) - Krebs on Security - [ ] [‘Popa’ Botnet Linked to Publicly-Traded Israeli Firm](https://krebsonsecurity.com/2026/06/popa-botnet-linked-to-publicly-traded-israeli-firm/) - Tor Project blog - [ ] [New Release: Tails 7.9](https://blog.torproject.org/new-release-tails-7_9/) - Instapaper: Unread - [ ] [Spying Via Your Mobile Phone Companies Can Locate Any Device at Any Time](https://citizenlab.ca/spying-via-your-mobile-phone-companies-can-locate-any-device-at-any-time/) - [ ] [GreatXML e BitLocker cosa sappiamo davvero sul presunto zero-day che aggira la cifratura di Windows](https://www.cybersecurity360.it/nuove-minacce/greatxml-e-bitlocker-cosa-sappiamo-davvero-sul-presunto-zero-day-che-aggira-la-cifratura-di-windows/) - [ ] [Email aziendale cosa rischia chi conserva o monitora troppo](https://www.agendadigitale.eu/sicurezza/privacy/email-aziendale-cosa-rischia-chi-conserva-o-monitora-troppo/) - [ ] [Downloading iOS 26 iCloud Backups](https://blog.elcomsoft.com/2026/06/downloading-ios-26-icloud-backups/) - [ ] [Evidence of Execution FeatureUsage Forensics](https://digitalinvestigator.blogspot.com/2026/06/evidence-of-execution-featureusage.html) - [ ] [Evidence of Execution SRUM Forensics](https://digitalinvestigator.blogspot.com/2026/06/evidence-of-execution-srum-forensics.html) - [ ] [Investigating File Knowledge In Windows](https://digitalinvestigator.blogspot.com/2026/06/investigating-file-knowledge-in-windows.html) - [ ] [SQLite Forensics How To Get More Evidence From Your Investigations](https://www.forensicfocus.com/articles/sqlite-forensics-how-to-get-more-evidence-from-your-investigations/) - [ ] [Investigating User File and Folder Activity with the Windows RecentDocs Registry Key](https://digitalinvestigator.blogspot.com/2026/06/investigating-user-file-and-folder.html) - [ ] [Explainer Disk encryption](https://eclecticlight.co/2026/06/13/explainer-disk-encryption/) - Deeplinks - [ ] [Canada Is Forging Ahead with Its Dangerous Surveillance Bill](https://www.eff.org/deeplinks/2026/06/canada-forging-ahead-its-dangerous-surveillance-bill) - [ ] [EFF Thanks SerpApi For Helping Us Protect Free Speech Online](https://www.eff.org/deeplinks/2026/06/eff-thanks-serpapi-helping-us-protect-free-speech-online) - [ ] [Call for Submissions: Digital Pride](https://www.eff.org/deeplinks/2026/06/call-submissions-digital-pride) - [ ] [A New Bill Takes Aim at Government Pressure to Silence Lawful Online Speech](https://www.eff.org/deeplinks/2026/06/new-bill-takes-aim-government-pressure-silence-lawful-online-speech) - [ ] [Court Records Should Be Free](https://www.eff.org/deeplinks/2026/06/court-records-should-be-free) - [ ] [Field Notes from a Year of OPSEC Training](https://www.eff.org/deeplinks/2026/06/field-notes-year-opsec-training) - [ ] [AI Regulation Should Be Rational, Not Retaliatory](https://www.eff.org/deeplinks/2026/06/ai-regulation-should-be-rational-not-retaliatory) - Security Weekly Podcast Network (Audio) - [ ] [GPS, PCI, ARCH, OH MY! - PSW #931](http://sites.libsyn.com/18678/gps-pci-arch-oh-my-psw-931)
每日安全资讯(2026-06-19)