today.md

每日安全资讯（2025-10-22）

• SecWiki News
  • SecWiki News 2025-10-21 Review
• 奇安信攻防社区
  • 一文带你看懂fastjson2下的反序列化调用链完整过程
• CXSECURITY Database RSS Feed - CXSecurity.com
  • Fedora Gnome Privilege Escalation
  • greenlife-Copyright©2025-Multiple-SQLi
  • Student Record System 3.20 - 'id' Parameter Time-based Blind SQL Injection
• Tenable Blog
  • Oracle October 2025 Critical Patch Update Addresses 170 CVEs
• 嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com
  • 重要公告：更名为“国投智能信息科技股份有限公司”
  • 巅峰将至丨第九届XCTF国际网络攻防联赛总决赛即将开启！
  • 行业唯一！360大模型安全卫士斩获IDC五星评价，稳居中国AI安全第一梯队
  • 梆梆安全发布《2025年Q3移动应用安全风险报告》，超七成应用抽检存隐私不合规，警惕APP成“隐私刺客”
  • 窃取加密货币的恶意 VSCode 插件在 OpenVSX 平台再度出现
  • 国家安全机关破获美国国家安全局重大网络攻击案
• Doonsec's feed
  • 英国魔菇贩子用假手套骗过指纹追踪，却栽在史上最大暗网扫荡行动上
  • 【人物挖掘】美国网络安全和基础设施安全局局长
  • Basic GNN Code Learning
  • 25年度网安圈最大吃瓜，过于夸张，以至于难辨内容真假。
  • 丝滑之swagger未授权到oss存储接管
  • 【高危漏洞预警】金和OA BookUpdate.aspx SQL注入漏洞
  • 【高危漏洞预警】用友NC OAUserQryServlet反序列化漏洞
  • 望月塔 - 资产侦察平台
  • “雅努斯计划”背景下，美大型科技公司在台民用核反应堆的战时军事化风险分析
  • XSS括号与分号绕过高阶思路解析
  • 中美稀土战争如何取胜?
  • 内部专用-高级lnk快捷方式新技术
  • 火锅小队WRITEUP
  • u200bu200b10秒，5000美金：如何“秒破”银行AppPIN码
  • 一名合格红队的成长之路
  • 活动 | 2025上海企业AI & 数据安全创新实践研讨会
  • 网安星播客 | 新形势下网络安全的困境与革新
  • 免费赠送 | 诸子云星球福利大放送 · 个信隐私保护报告合集
  • 熬过无人问津的日子，才有诗和远方
  • 极思|10年进化史-从道理的信徒到人心的行者
  • G.O.S.S.I.P 特别推荐 2025-10-21 海边的苹果安全会议：OBTS v8
  • 2025强网杯S9WP
  • JS逆向入门学习及靶场练习
  • 在上海想做等保一级，应该怎么做？
  • EDR对抗从入门到入狱之二: 回调机制
  • edu证书站挖掘之学员分享案例
  • 代码审计还在硬看？IAST动态扫描让甲方代码审计提效三倍！
  • 最大化收集Vue框架(SPA类型)下的js
  • “星火标识×”贯通应用案例07 | 标识助力线缆行业全链路转型升级
  • Java源码，软硬件一体交付，包含大田灌溉、作物监控、虫害识别，轻松搞定智慧农业物联网项目
  • DefenderWrite: 利用白名单程序实现任意文件写入
  • 【工具分享】AutoCMD+ 安卓自动化工具
  • 强推一个永久的攻防演练、渗透攻防知识库
  • Powered by China Original！万径安全获国家级“小巨人”称号！
  • 我中心首批获得个人信息保护合规审计服务专业机构认证
  • 聚焦国改
  • 网络安全培训圣经
  • 国家授时中心遭受攻击的背后：核心风险与防范
  • 专题·网络靶场 | 基于软件定义网络靶场构建的欺骗防御体系
  • 专家解读 | 《国家能源局关于加强用户侧涉网安全管理的通知》
  • 发布 | 中国移动发布《智慧城市低空应用人工智能安全白皮书》
  • 评论 | “授时战”拉响网络空间安全新警报
  • 专家解读 | 我国生成式人工智能用户规模实现翻一番
  • 记一次edusrc超级简单的rce挖掘
  • 数据无影 取证有痕 | 第二届“数证杯”电子数据取证分析大赛启动报名
  • 从“策略对抗”到“模型对抗”：朴智平台如何重塑金融风控新范式？
  • AWS服务大规模中断，基础设施故障影响全球企业
  • Windows SMB漏洞遭野外利用（CVE-2025-33073），可导致权限提升
  • 金融监管总局副局长肖远企谈AI与金融
  • AI快讯：DeepSeek开源新模型，华为招募全球顶尖AI人才
  • 宁波银行个人掌银AI工作台功能测试项目供应商召集
  • 南天软件、科大讯飞、泰岳数科中标价公布！长城资管AI大模型应用平台及通用智能体建设采购项目
  • 【安全圈】50万IP疯狂轰炸南美RDP服务
  • 【安全圈】AWS核心云服务陆续恢复，部分地区仍不稳定
  • 【安全圈】设计巨头Canva全球瘫痪数百万用户被迫停工
  • 【安全圈】BitLocker启用再惹争议：用户重装系统后3TB数据被锁
  • 无印良品等零售巨头被迫临时关停电商：因关键供应商遭勒索攻击
  • 美国为破案强令OpenAI交用户数据：AI提示词锁定暗网罪犯
  • 【已复现】Linux Kernel本地提权漏洞（CVE-2025-39682）
  • Gartner观点：2026年十大战略技术趋势
  • 多模态文本智能大模型前沿技术与应用论坛召开，合合信息推出多模态文本智能技术方案
  • 启信宝数据透视电影行业“冰与火”：观影人次跌23%，企业数量增25%
  • 2025年“互联网之光”博览会“网络安全主题展”报名攻略
  • PMP双十一省钱攻略！
  • DPO&CISSP只要1w元，这波优惠别家真的比不了
  • 每周论文分享-5
  • 国家授时中心遭受APT攻击背后：政企安全防护亟需体系化、全链路
  • 泄露22万余人个人信息，知名医学检测机构被罚2700万元
  • ConnectWise 修复 Automate RMM 工具中的严重漏洞
• Trustwave Blog
  • API Security: Challenges for a Secure Digital Frontier
• Recent Commits to cve:main
  • Update Tue Oct 21 11:28:14 UTC 2025
• Private Feed for M09Ic
  • github released v0.0.77 at github/spec-kit
  • joaoviictorti starred 3a1/Elysium
  • bolucat released 202510212035 at bolucat/Archive
  • github released v0.0.73 at github/spec-kit
  • killeven starred jedisct1/libsodium
  • CHYbeta starred allegro/allegro-api
  • Ridter forked Ridter/Hikari from KomiMoe/Hikari
  • Rvn0xsy starred Meckazin/ChromeKatz
  • LoRexxar starred yinkaisheng/Python-UIAutomation-for-Windows
  • DVKunion starred mrexodia/ida-pro-mcp
  • PrefectHQ released 3.4.25.dev4 at PrefectHQ/prefect
  • Ascotbe starred zorgiepoo/Bit-Slicer
  • su18 starred 0x7556/wolfshell
  • esrrhs starred deepseek-ai/DeepSeek-OCR
  • kyxiaxiang starred tandasat/HyperPlatform
  • lz520520 forked lz520520/rust-ping from aisk/rust-ping
  • Ascotbe starred 42arch/pokemon-dataset-zh
  • joaoviictorti starred ekzhang/sshx
  • Ridter starred TheWover/donut
• Armin Ronacher's Thoughts and Writings
  • Regulation Isn’t the European Trap — Resignation Is
• Microsoft Security Blog
  • The new Microsoft Security Store unites partners and innovation
• 罗朝辉（飘飘白云）
  • 3D Tiles 格式详解
• Cerbero Blog
  • AI Assistant Package (Beta)
• Horizon3.ai
  • The Quiet Attack Path
• Securelist
  • The evolving landscape of email phishing attacks: how threat actors are reusing and refining established techniques
  • PassiveNeuron: a sophisticated campaign targeting servers of high-profile organizations
• GuidePoint Security
  • CTEM is only as strong as your data: Why asset intelligence is the prerequisite
• Malwarebytes
  • Windows update breaks USB support in recovery mode
  • You can poison AI with just 250 dodgy documents
• daniel.haxx.se
  • A royal gold medal
• VMRay
  • Why Automated Threat Detection & Analysis Must Integrate with a Best-of-Breed Sandbox
• Reverse Engineering
  • How a fake AI recruiter delivers five staged malware disguised as a dream job
• Wallarm
  • AWS Outage: Lessons Learned
  • Key API Security Takeaways from the Postman 2025 State of API Report
• Inside Stormshield
  • A la rencontre des collaborateurs de Stormshield
• 奇客Solidot–传递最新科技情报
  • SpaceX 进度滞后 NASA 可能选择其它公司开发月球着陆器
  • 美国客机疑与气象气球发生碰撞
  • KDE Plasma 6.5 释出
  • 中国东南沿海同时遭遇海平面加速上升和下沉
  • 被切断大脑区域的脑电图与深度睡眠脑电图相似
  • SpaceX 发射了第 1 万颗 Starlink 卫星
  • Steam 平台一款游戏的愿望单数字越高是否销量越多？
  • 零工正在训练会取代他们的技术
  • 冰岛发现野外蚊子
• 看雪学苑
  • SDC2025 精彩议题预告 | SCPGA：自认同CoT渐进式泛化攻击
  • tt x-gorgon分析
  • SDC2025 倒计时2天！
• 绿盟科技CERT
  • 【漏洞通告】Windows Server Update Service(WSUS) 远程代码执行漏洞
• 威努特安全网络
  • 威努特应用交付系统助力政企算力中心高效安全运行
• 安全分析与研究
  • 银狐黑产组织ValleyRAT远控样本分析
• 天黑说嘿话
  • 一款巨好用挖洞辅助神器—GodEyes
• 代码卫士
  • ConnectWise 修复 Automate RMM 工具中的严重漏洞
  • 杜比解码器存在高危漏洞，可用于零点击攻击
• 天御攻防实验室
  • 美国公司是我们需要重视的下一个网络威胁
• 安全内参
  • 无印良品等零售巨头被迫临时关停电商：因关键供应商遭勒索攻击
  • 美国为破案强令OpenAI交用户数据：AI提示词锁定暗网罪犯
• 丁爸 情报分析师的工具箱
  • 【人物挖掘】美国网络安全和基础设施安全局局长
• 安全学术圈
  • 特文特大学 | HoneyKube：微服务架构 Web 蜜罐的设计与部署
• 中国信息安全
  • 专题·网络靶场 | 基于软件定义网络靶场构建的欺骗防御体系
  • 专家解读 | 《国家能源局关于加强用户侧涉网安全管理的通知》
  • 发布 | 中国移动发布《智慧城市低空应用人工智能安全白皮书》
  • 评论 | “授时战”拉响网络空间安全新警报
  • 专家解读 | 我国生成式人工智能用户规模实现翻一番
• 安全牛
  • 从概念炒作走向真实应用！《企业级AI大模型落地实战技术应用指南（2025版）》报告发布（附下载二维码）
  • AWS突发宕机事故重创全球互联网，一种常见故障竟引发巨大混乱；Gartner发布十大战略技术趋势，涉多个新兴安全领域 | 牛览
• 微步在线
  • 微步任政：全域化钓鱼威胁下，以协同治理筑牢安全防线
• 信息安全国家工程研究中心
  • 会前温馨提示｜第22届中国信息和通信安全学术会议即将召开
• 知道创宇404实验室
  • 404新书再上新：《Web漏洞分析与防范实战（卷2）》
• 虎符智库
  • 国家授时中心遭受攻击的背后：核心风险与防范
• Checkmarx
  • When the AI Lies: A New Threat Emerges for “Human-in-the-Loop” Security
• 情报分析师
  • 蒙古国新任总理被罢免了？
  • 特朗普授权CIA在委内瑞拉开展秘密行动，分析美委军事对峙与情报博弈
• 极客公园
  • 这个技能转换 Agent 平台，想帮你积累「睡后收入」｜AI 上新
  • 宇树发布 H2 仿生人形机器人；DeepSeek 开源新视觉模型；国航公布「锂电池自燃事件」赔偿标准｜极客早知道
• 数世咨询
  • 《全球数据泄露态势月度报告》（2025年9月）| 附下载地址
  • 2025年度（第九届）中国网络安全与信息产业“金智奖”评选活动即将璀璨启幕
• 安全研究GoSSIP
  • G.O.S.S.I.P 特别推荐 2025-10-21 海边的苹果安全会议：OBTS v8
• 墨菲安全
  • 墨菲安全受邀参展 SSC 大会！直播+专属展位等你来！
• Beacon Tower Lab
  • 【1021】重保演习每日情报汇总
• 嘶吼专业版
  • 窃取加密货币的恶意VSCode插件在OpenVSX平台再度出现
• 专注安管平台
  • 浅析SecOps中的AI Agent和Agentic AI，以及SOC自主化水平模型
• 迪哥讲事
  • 最大化收集Vue框架(SPA类型)下的js
• 安全419
  • 网络攻击应急三大核心要素
• 纽创信安
  • 芯片安全设计及应用技术研讨会上海站--“破局芯片安全：技术 · 标准 · 产业”
• 国家互联网应急中心CNCERT
  • 通过个人信息保护合规审计服务认证的专业机构名单（第一批）
• 网安国际
  • CCF网络与系统安全专业委员会首批执行委员名单发布
• 安全圈
  • 【安全圈】50万IP疯狂轰炸南美RDP服务
  • 【安全圈】AWS核心云服务陆续恢复，部分地区仍不稳定
  • 【安全圈】设计巨头Canva全球瘫痪数百万用户被迫停工
  • 【安全圈】BitLocker启用再惹争议：用户重装系统后3TB数据被锁
• Over Security - Cybersecurity news aggregator
  • Vidar Stealer 2.0 adds multi-threaded data theft, better evasion
  • Over 108,000 Patients Affected by Ransomware Attack on Western Orthopaedics in Early September
  • TP-Link warns of critical command injection flaw in Omada gateways
  • Cursor, Windsurf IDEs riddled with 94+ n-day Chromium vulnerabilities
  • CISA confirms hackers exploited Oracle E-Business Suite SSRF flaw
  • Synthient Stealer Log Threat Data - 182,962,095 breached accounts
  • Google finds Russian state hackers replacing burned malware with new tools
  • Hackers exploit 34 zero-days on first day of Pwn2Own Ireland
  • Microsoft: Recent Windows updates cause login issues on some PCs
  • Russia pressures Apple to make Russian search engines default on locally-sold iPhones
  • Russian hackers evolve malware pushed in "I am not a robot" captchas
  • Apple alerts exploit developer that his iPhone was targeted with government spyware
  • WhatsApp aziendale e privacy: perché serve il consenso per aggiungere dipendenti nei gruppi
  • Maximizing gateway security: Beyond the basic configuration
  • Conflitti CIO-CISO: quando il budget di sicurezza diventa ostaggio della trasformazione digitale
  • Microsoft fixes bug preventing users from opening classic Outlook
  • CISA Adds Oracle, Microsoft, Apple, Kentico Bugs to KEV Catalog
  • Oltre il rilevamento e la risposta
  • Tykit Analysis: New Phishing Kit Stealing Hundreds of Microsoft Accounts in Finance & Construction
  • Videocamere di sorveglianza: un buco nero per la security?
  • The evolving landscape of email phishing attacks: how threat actors are reusing and refining established techniques
  • Reducing abuse of Microsoft 365 Exchange Online’s Direct Send
  • Windows 11 KB5070773 emergency update fixes Windows Recovery issues
  • Fusion Fireside #13: Insights from the Frontlines of Security with Keith Gordon
  • Cyberattacchi: estorsioni e ransomware dietro la metà delle campagne malevole
  • PassiveNeuron: a sophisticated campaign targeting servers of high-profile organizations
  • La geopolitica nel report Acn di settembre: ritornano gli attacchi hacktivisti filorussi e pro-Hamas
  • L’architettura della sicurezza: senza gestione degli asset non c’è cyber security
  • Decoding UserAuthenticationMethod in Microsoft 365 audit logs: the bitfield mapping
  • bRPC-Web: A Burp Suite Extension for gRPC-Web
  • Exposing the Immediate Era Fraud in Singapore
• bellingcat
  • How a Former Political Hopeful Helps Russian Neo-Nazi Group Rusich Sell its Online Merch
• TrustedSec
  • Detecting Password-Spraying in Entra ID Using a Honeypot Account
• Securityinfo.it
  • Cyberattacchi: estorsioni e ransomware dietro la metà delle campagne malevole
• ICT Security Magazine
  • Sicurezza nelle applicazioni di analisi video: Deepfake Detection, Blockchain Authentication e Performance Gap Operativi
  • Cyber risk: dalla percezione al dato oggettivo. La sfida delle imprese italiane
• 360数字安全
  • 智能体见招拆招！钓鱼邮件“包解决的”
  • 强强联合！360携手东吴证券荣膺2025年IDC中国未来企业大奖
• XCTF联赛
  • 第九届XCTF国际网络攻防联赛总决赛｜倒计时5天！
• SANS Internet Storm Center, InfoCON: green
  • What time is it? Accuracy of pool.ntp.org., (Tue, Oct 21st)
• Have I Been Pwned latest breaches
  • Synthient Stealer Log Threat Data - 182,962,095 breached accounts
• Troy Hunt's Blog
  • Inside the Synthient Threat Data
• Graham Cluley
  • The AI Fix #73: Google Gemini is a gambling addict, and how to poison an AI
  • John Bolton charged over classified emails after Iranian hack of his AOL account
• Trend Micro Research, News and Perspectives
  • Fast, Broad, and Elusive: How Vidar Stealer 2.0 Upgrades Infostealer Capabilities
• The Register - Security
  • Restructuring risk operations: building a business-aligned cyber strategy
  • Muji's minimalist calm shattered as ransomware takes down logistics partner
  • Feds flag active exploitation of patched Windows SMB vuln
  • How malware vaccines could stop ransomware's rampage
  • Zero Trust Everywhere: a new era in cybersecurity for European organizations
  • Anti-fraud body leaks dozens of email addresses in invite mishap
• Security Affairs
  • Japanese retailer Muji halted online sales after a ransomware attack on logistics partner
  • U.S. CISA adds Oracle, Windows, Kentico, and Apple flaws to its Known Exploited Vulnerabilities catalog
  • China-Linked Salt Typhoon breaches European Telecom via Citrix exploit
• TorrentFreak
  • DISH Identifies Lemo/Kemo Pirate IPTV Operators & Sues U.S. Reseller for $27M
• Schneier on Security
  • A Cybersecurity Merit Badge
• Computer Forensics
  • GCFA Exam Ready
  • Wanting to get into digital/ computer forensics. Feel like I wasted my time getting my masters
  • How a fake AI recruiter delivers five staged malware disguised as a dream job
• Full Disclosure
  • SEC Consult SA-20251021-0 :: Multiple Vulnerabilities in EfficientLab WorkExaminer Professional (CVE-2025-10639, CVE-2025-10640, CVE-2025-10641)
  • [SYSS-2025-017]: Verbatim Store 'n' Go Secure Portable HDD (security update v1.0.0.6) - Offline brute-force attack
  • [SYSS-2025-016]: Verbatim Store 'n' Go Secure Portable SSD (security update v1.0.0.6) - Offline brute-force attack
  • [SYSS-2025-015]: Verbatim Keypad Secure (security update v1.0.0.6) - Offline brute-force attack
  • Malvuln - MISP compatible malware vulnerability intelligence feed now live
  • BSidesSF 2026 CFP still open until October 28th
  • Google Firebase hosting suspension / "malware distribution" bypass
• Information Security
  • Checkpoint for individual
  • Third-Party Risks Are the New Zero-Day: You Can’t Patch What You Don’t Control
  • 🚫 Passwordless ≠ Problem Solved: Why Identity Security Needs More Than Just Passkeys
  • Stealth BGP Hijacks with uRPF Filtering
  • ✨ Diwali just got brighter!
• Technical Information Security Content & Discussion
  • Microsoft 365 Copilot - Arbitrary Data Exfiltration Via Mermaid Diagrams
  • Stealth BGP Hijacks with uRPF Filtering
  • Casting a Net(ty) for Bugs, and Catching a Big One (CVE-2025-59419)
  • [Article] Kerberos Security: Attacks and Detection
  • CVE-2025-9133: ZYXEL Configuration Exposure via Authorization Bypass
  • CVE-2025-8078: ZYXEL Remote Code Execution via CLI Command Injection
• Instapaper: Unread
  • Amazon Aws, il caso ci dice che la dipendenza dalle grandi piattaforme è un rischio sistemico
• The Hacker News
  • Meta Rolls Out New Tools to Protect WhatsApp and Messenger Users from Scams
  • PolarEdge Targets Cisco, ASUS, QNAP, Synology Routers in Expanding Botnet Campaign
  • Securing AI to Benefit from AI
  • Google Identifies Three New Russian Malware Families Created by COLDRIVER Hackers
  • Hackers Used Snappybee Malware and Citrix Flaw to Breach European Telecom Network
• Deeplinks
  • It’s Time to Take Back CTRL
  • Opt Out October: Daily Tips to Protect Your Privacy and Security
• Blackhat Library: Hacking techniques and research
  • CTF RECOMMENDAIOTNS ?
• Your Open Hacker Community
  • recommendation
  • What should I study?
  • DedSec Project in making.
  • URGENT HACK REQUEST: Someone stole my van that I live in. I have an old Iphone 7 in there. How do I locate/hack it when "find my" is not enabled??
  • Upgrade user account to admin account
  • help me pls
• Deep Web
  • Does anyone have a legi financial service om the darknet/tor?
  • How can I find someone using dark web whose name and cred. I’m not 100% sure about
• Security Weekly Podcast Network (Audio)
  • The Afterlife, AWS, ClickFix, Agentic AI, Robot Lumberjacks, Robocalls, Aaran Leyland - SWN #522
  • Reacting to Ransomware and Setting Secure Defaults - Rob Allen - ASW #353
• 字节跳动技术团队
  • NeurIPS 2025｜火山引擎多媒体实验室联合南开大学推出TempSamp-R1强化学习新框架，视频时序理解大模型SOTA！