[每日信息流] 2025-12-21

# 每日安全资讯（2025-12-21）

- Private Feed for M09Ic
  - [ ] [memN0ps starred AceDataCloud/Nexior](https://github.com/AceDataCloud/Nexior)
  - [ ] [bolucat released 202512201933 at bolucat/Archive](https://github.com/bolucat/Archive/releases/tag/202512201933)
  - [ ] [mgeeky starred Pinperepette/MacPersistenceChecker](https://github.com/Pinperepette/MacPersistenceChecker)
  - [ ] [mgeeky starred cailllev/Decondition-Enumerator](https://github.com/cailllev/Decondition-Enumerator)
  - [ ] [zema1 starred komimoe/Hikari](https://github.com/komimoe/Hikari)
  - [ ] [veo starred Rinzler1011/PixelStream](https://github.com/Rinzler1011/PixelStream)
  - [ ] [PrefectHQ released 3.6.8.dev1 at PrefectHQ/prefect](https://github.com/PrefectHQ/prefect/releases/tag/3.6.8.dev1)
  - [ ] [WAY29 starred zpano/Sapling](https://github.com/zpano/Sapling)
  - [ ] [pydantic released v1.37.0 at pydantic/pydantic-ai](https://github.com/pydantic/pydantic-ai/releases/tag/v1.37.0)
- Doonsec's feed
  - [ ] [13种打印安全风险，就在你身边，每天都在发生](https://mp.weixin.qq.com/s?__biz=MzI3OTkxNTE0OA==&mid=2247484730&idx=1&sn=b35e58e0e11083e072f29d235a0c5c00)
  - [ ] [直播间“开盲盒”背后：新型网络赌博揭秘](https://mp.weixin.qq.com/s?__biz=MzIxOTM2MDYwNg==&mid=2247521215&idx=1&sn=4be4c20d3df4542ec197424b1d0bd10c)
  - [ ] [“缓存欺骗第三章第四节”缓存规则中的另一个特殊规则--分隔符差异（续）](https://mp.weixin.qq.com/s?__biz=MjM5MzM0MTY4OQ==&mid=2447797551&idx=1&sn=c669f588738928e4a74285879a5dc082)
  - [ ] [主流主板新的BIOS漏洞攻陷某些游戏反作弊系统](https://mp.weixin.qq.com/s?__biz=MzAxOTM1MDQ1NA==&mid=2451184338&idx=1&sn=5fe0fd68cae5c63312da8c6f69d8dd1d)
  - [ ] [0100.WhatsApp 的一项功能让我在 Meta Bug Bounty Program 中获得了两笔 500 美元的赏金](https://mp.weixin.qq.com/s?__biz=MzA4NDQ5NTU0MA==&mid=2647691538&idx=1&sn=0f8c5fafaa9cee326bdb534a9a100c06)
  - [ ] [HackMyVm靶场之ll104567](https://mp.weixin.qq.com/s?__biz=Mzg3MjgxMzkzMg==&mid=2247486282&idx=1&sn=e0ef379e41183eeccc0b9f155b3b86ac)
  - [ ] [创建了一个网络安全交流群](https://mp.weixin.qq.com/s?__biz=MzI5MTIwOTQ5MA==&mid=2247489800&idx=1&sn=28846bff93705cfed7e8431a669e2916)
  - [ ] [抱歉，确实没提前准备永州进决赛的稿子](https://mp.weixin.qq.com/s?__biz=MzU2NDY2OTU4Nw==&mid=2247525683&idx=1&sn=6e178a45716c4b186ad631ff91ddd4ad)
  - [ ] [致远互联V5公文事件监听：16个接口让公文流程\"活\"起来](https://mp.weixin.qq.com/s?__biz=MzkyMzY0MTk2OA==&mid=2247487157&idx=1&sn=10540b1ab4e0daddbaa8fba0bd922755)
  - [ ] [每天一个网络知识：什么是光猫？](https://mp.weixin.qq.com/s?__biz=MzUyNTExOTY1Nw==&mid=2247532580&idx=1&sn=79b19f7f471ae94925464b569899162d)
  - [ ] [美国启动“科技力量”计划，打造AI人才培养新模式](https://mp.weixin.qq.com/s?__biz=MzUzODYyMDIzNw==&mid=2247522874&idx=1&sn=095fad57716f0823f7c379a81ff78f8f)
  - [ ] [冬至将至 | 这种“陷阱饺”可要不得](https://mp.weixin.qq.com/s?__biz=MzU0MTA3OTU5Ng==&mid=2247571278&idx=1&sn=83eb8d18c0d39008e3c44e210ec04bba)
  - [ ] [分享图片](https://mp.weixin.qq.com/s?__biz=MzI3Njc1MjcxMg==&mid=2247497147&idx=1&sn=cc9e9c7db55c3ade9c52085950d7d819)
  - [ ] [告别SecureCRT！这些SSH工具更强大、更好用，网络工程师必备！](https://mp.weixin.qq.com/s?__biz=MzIyMzIwNzAxMQ==&mid=2649473074&idx=1&sn=3c9568db067fa3afa3e01e779646c9f7)
  - [ ] [2025年汽车行业研究报告：重塑之局 AI智驱决策新引擎](https://mp.weixin.qq.com/s?__biz=MzkyOTMwMDQ5MQ==&mid=2247522540&idx=1&sn=f977558e4f2abdaaa7602aeb56ff6a1b)
  - [ ] [信安世纪出席“人工智能+”新质生产力发展大会，共探AI时代安全新生态](https://mp.weixin.qq.com/s?__biz=MjM5NzgzMjMwNw==&mid=2650665816&idx=1&sn=8747fabb72fdb338aa760ccb66ad0e09)
  - [ ] [【大话工控安全】工业控制系统行业知识：电力行业通信安全标准IEC62351（GB/T 25320）-PART1](https://mp.weixin.qq.com/s?__biz=MzI0MzM3NTQ5MA==&mid=2247485878&idx=1&sn=ebb1a04147d37e13eae47d6d92bcf2d9)
  - [ ] [在看 | 周报：航天骨干炒股亏空向间谍泄密获刑；警方破获为无人机“黑飞”提供破解服务案件](https://mp.weixin.qq.com/s?__biz=MzU5ODgzNTExOQ==&mid=2247649590&idx=1&sn=eb768c4ea1c1eb96aa23d24003397f39)
  - [ ] [在看 | 厂商：本周热门网络安全产业动态](https://mp.weixin.qq.com/s?__biz=MzU5ODgzNTExOQ==&mid=2247649590&idx=2&sn=f12eca05cd8c3c1b322a25e8864e6b03)
  - [ ] [【钓鱼攻防】浅谈攻防实战中的钓鱼小技巧](https://mp.weixin.qq.com/s?__biz=Mzg5NTU2NjA1Mw==&mid=2247505051&idx=1&sn=d6a0f4afaddae7753f6eed695c7d472f)
  - [ ] [前沿阵地高阶硬货版（放价优惠中）](https://mp.weixin.qq.com/s?__biz=MzA3MTM0NTQzNA==&mid=2455780533&idx=1&sn=bb0ba3d8d1a1b84f67889d4a528cb848)
  - [ ] [python自学8大免费网站！](https://mp.weixin.qq.com/s?__biz=Mzk0NTc2MTMxNQ==&mid=2247485138&idx=1&sn=f101a131a4ef42e2bb2f59b0e8e8060c)
  - [ ] [南京导航集体失灵，原因公布](https://mp.weixin.qq.com/s?__biz=MzI5NTM4OTQ5Mg==&mid=2247638400&idx=1&sn=011c1beb4efbe750949e487105544731)
  - [ ] [校企合作谱新篇 | 郑州软件职业技术学院&信安世纪协同育人成果入选全国产教融合典型案例](https://mp.weixin.qq.com/s?__biz=MzIzMzA4OTE3NQ==&mid=2652259917&idx=1&sn=bcb2dbe30b1f49191f1b63d706be3a31)
  - [ ] [推荐一款开源Web组态软件，搭建SCADA/HMI工业过程可视化，支持OPC UA、Modbus、BACnet工业协议](https://mp.weixin.qq.com/s?__biz=MjM5OTA4MzA0MA==&mid=2454943546&idx=1&sn=5d2606eceebb05a3fd6e1809464d33ac)
  - [ ] [[AI安全论文] (46)大佬团队探索 IDS-Agent: 一种用于物联网可解释入侵检测的大模型Agent](https://mp.weixin.qq.com/s?__biz=Mzg5MTM5ODU2Mg==&mid=2247502307&idx=1&sn=14bbf074e2b5960e7164a53db463f5ca)
  - [ ] [LinkedIn如何构建支撑万级仓库的现代化SAST流水线](https://mp.weixin.qq.com/s?__biz=MzkzMTY0MDgzNg==&mid=2247485235&idx=1&sn=c4dee56d0b257028a55f3d1a59678159)
  - [ ] [Microsoft DNN NTLM暴露(CVE-2025-52488)](https://mp.weixin.qq.com/s?__biz=MzkzMTcwMTg1Mg==&mid=2247493604&idx=1&sn=61a2e89683248aa440ff4654ac54a497)
  - [ ] [3家企业中标吉林银行AI技术开发服务项目，工程师报价最高4.2万/人月](https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653933255&idx=1&sn=e88e011922158333a4f1c411be7626f1)
  - [ ] [交通银行无锡分行“AI财务智能平台”合作项目](https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653933255&idx=2&sn=7a349cb803be58bebf3ed7866a79b3c2)
  - [ ] [世纪东凌中，艾特思、全鑫达候选！中信证券统一源代码审计平台AI研判能力开发服务及代码审计策略优化驻场服务采购项目](https://mp.weixin.qq.com/s?__biz=MzIxMDIwODM2MA==&mid=2653933255&idx=3&sn=92380f3cc2089c9cdaa392442fa06f61)
  - [ ] [CyberStrikeAI 知识库功能上线：安全专家随时在身边](https://mp.weixin.qq.com/s?__biz=Mzg5MjcxMDA4OQ==&mid=2247483824&idx=1&sn=9df4e1dd0a53e41876262ad5f45cbd79)
  - [ ] [AI 大模型平台安全风险评估合集](https://mp.weixin.qq.com/s?__biz=MzkxMDE5NTIyMA==&mid=2247485365&idx=1&sn=7f4b2a6987aa188d629e111810cf418b)
  - [ ] [【AI安全】细思极恐！大模型推理陷阱 = 定时炸弹？](https://mp.weixin.qq.com/s?__biz=MzkxNzU2NDgxNQ==&mid=2247484365&idx=1&sn=83a73ad6a34834a33407507d4f43a9c5)
  - [ ] [2026年我国网络安全发展形势展望](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655295627&idx=1&sn=830411c64e62f5c85e706cabec5abc27)
  - [ ] [国家发展改革委、市场监管总局、国家网信办印发《互联网平台价格行为规则》](https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649175356&idx=1&sn=b65ddea4a7555e21b1300e1b586c1cbe)
  - [ ] [数字政府统一基础运维框架（附15份数字政府文档）](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655295627&idx=2&sn=b5908ed86d1ab74172e89a3fa06571f4)
  - [ ] [数字化绿色化协同转型发展报告（2025）](https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649175356&idx=2&sn=e2628ddf83bd7cef550546df7670ae32)
  - [ ] [揭秘！Gemini 越狱提示词的终极写法](https://mp.weixin.qq.com/s?__biz=MzkxNzU2NDgxNQ==&mid=2247484358&idx=1&sn=32ea7da96e4863177aa7e5509b43e3b7)
  - [ ] [强网杯2025-PolyEncryption之Vibe Reing的胜利](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458605813&idx=1&sn=5aaf757d9e44be5001110e1c73d1525b)
  - [ ] [30小时教你进阶CTF-密码学：顶尖硕博战队亲授，从古典密码到RSA攻击](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458605813&idx=2&sn=1544b92906faa55850d3f74922c5c4a0)
  - [ ] [攻击者利用PuTTY工具实现横向渗透与数据窃取双重目的](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651332621&idx=1&sn=9fdb586fc9fec395e96e49adaf799b06)
  - [ ] [Linux内核首个Rust漏洞CVE-2025-68260曝光](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651332621&idx=2&sn=c887e63995c76837b3cd9b9c5b5718d2)
  - [ ] [FreeBuf周报 | 2025年Chrome浏览器八大0Day漏洞；攻击者利用React2Shell漏洞部署Linux后门](https://mp.weixin.qq.com/s?__biz=MjM5NjA0NjgyMA==&mid=2651332621&idx=3&sn=6aff928a66bcd027a52142ceedc0bd25)
  - [ ] [一周回顾：关基设施深陷地缘对抗泥潭，AI隐私窃密揭露新型威胁](https://mp.weixin.qq.com/s?__biz=MzU0NDk0NTAwMw==&mid=2247630260&idx=1&sn=8258178eb95ff5d09e4092546e04c462)
  - [ ] [Solr任意文件读取-快速图形化利用工具](https://mp.weixin.qq.com/s?__biz=MzUzNDczNjQ2OQ==&mid=2247486022&idx=1&sn=2cdf31e0761c90588adf8425e251169a)
  - [ ] [Autosar存储-Fee](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247564745&idx=1&sn=3ba479c51bfd5743bb3519b49c4e29d0)
  - [ ] [什么是光通信？](https://mp.weixin.qq.com/s?__biz=MzIzOTc2OTAxMg==&mid=2247564745&idx=2&sn=ec164e3deffb332f324182caff17fcbf)
  - [ ] [市护没拿下的sql注入后续](https://mp.weixin.qq.com/s?__biz=MzAxODg2MDU0MA==&mid=2247483898&idx=1&sn=e14676a7a6293a12f5ea40b955f2f462)
  - [ ] [SQL特殊位置注入：order注入和limit注入](https://mp.weixin.qq.com/s?__biz=MzAxODg2MDU0MA==&mid=2247483898&idx=2&sn=9391b376c8500ef75a65e78bd20ce091)
  - [ ] [SQL注入-其他位置注入(一)](https://mp.weixin.qq.com/s?__biz=MzAxODg2MDU0MA==&mid=2247483898&idx=3&sn=efeaae514da5411fc27a46889f66c124)
  - [ ] [SQL注入-其他位置注入(二)](https://mp.weixin.qq.com/s?__biz=MzAxODg2MDU0MA==&mid=2247483898&idx=4&sn=0091155c2286e703257a1d30b832c6f4)
  - [ ] [面对监管压力，您选择持续应对，还是主动破局？](https://mp.weixin.qq.com/s?__biz=MzkzNjIzMjM5Ng==&mid=2247493504&idx=1&sn=682db5e2c4d325c3bad8b885e120e36c)
  - [ ] [告别“折扣原油”——新德里为何在俄罗斯石油问题上转向？](https://mp.weixin.qq.com/s?__biz=MzI1OTExNDY1NQ==&mid=2651622315&idx=1&sn=856484888a1912bb57e0f00b17e2d747)
  - [ ] [新课制作](https://mp.weixin.qq.com/s?__biz=MzkwOTE5MDY5NA==&mid=2247508762&idx=1&sn=b53f6ab4fea3f0758dd6ebda299db961)
  - [ ] [漏洞复现|铜哨云用户中心/Fileopt.ashx存在文件上传漏洞](https://mp.weixin.qq.com/s?__biz=MzIzOTM2MzczNQ==&mid=2247485339&idx=1&sn=0122ace110f8c7e402ecc0f9dd9d892d)
  - [ ] [某盲盒交友平台前台SQL注入流程](https://mp.weixin.qq.com/s?__biz=MzkyMjM5NDM3NQ==&mid=2247487189&idx=1&sn=5176991705949bfe46c9266a17eb7648)
  - [ ] [从边缘系统获取身份信息](https://mp.weixin.qq.com/s?__biz=Mzk2NDcwNjU2MQ==&mid=2247484020&idx=1&sn=9c45ea68f8683dcc0115748fc6cfcd51)
  - [ ] [某企业src弱口令案例](https://mp.weixin.qq.com/s?__biz=Mzk1NzgzMjkxOQ==&mid=2247486361&idx=1&sn=dfb325c67dfbbfb2dc982240d1e4aae0)
  - [ ] [通知 | 三部门印发《互联网平台价格行为规则》（附全文）](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664255874&idx=1&sn=403985099c8568dcd108b98000f700f1)
  - [ ] [发布 | 《数字化绿色化协同转型发展报告（2025）》全文](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664255874&idx=2&sn=92d1d79ed0e4903f3d1048b0d81f2dfa)
  - [ ] [一图速览 | 《数字化绿色化协同转型发展报告（2025）》](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664255874&idx=3&sn=929622e0fa3476301179561d3348cf0b)
  - [ ] [关注 | 国家市场监督管理总局公布五起民生领域私域直播虚假宣传典型案例](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664255874&idx=4&sn=c5470e434e3df23b5e1f4ec3d6498442)
  - [ ] [应急分析溯源日志工具-功能强大的Web日志安全分析工具](https://mp.weixin.qq.com/s?__biz=MzkxMzMyNzMyMA==&mid=2247576147&idx=1&sn=9b67e0df746e6bf30fb6432048680895)
  - [ ] [绿盟《安全知识图谱技术白皮书》.PDF](https://mp.weixin.qq.com/s?__biz=MzkxMzMyNzMyMA==&mid=2247576147&idx=2&sn=8a9dd5c5b9878f95191363c74988bab1)
  - [ ] [暗网Omertà Market上线仅两周，即因真实服务器IP泄露被迫关停](https://mp.weixin.qq.com/s?__biz=MzU2NDY2OTU4Nw==&mid=2247525677&idx=1&sn=ad59d75b8f4cb43b599826be8cc558f2)
  - [ ] [26考研开考！计算机专业读研三年VS工作三年，人生路径有何不同？](https://mp.weixin.qq.com/s?__biz=Mzg2NDYwMDA1NA==&mid=2247546441&idx=1&sn=2689fc5ecf74fa5661b4e60b9178f9fb)
  - [ ] [腾讯-微信事业群AI搜索薪资开奖](https://mp.weixin.qq.com/s?__biz=Mzg2NDYwMDA1NA==&mid=2247546441&idx=2&sn=9268c21011a1d00f50ec8312fb9b83b4)
  - [ ] [NXP: 共同防护未来安全](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247629552&idx=1&sn=550e5c4850576a4ef8b61b0ed0546fc3)
  - [ ] [智能网联汽车功能安全开发实战培训课程（基于ISO 26262:2025）](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247629552&idx=2&sn=ccec3b091f63726ed90e776e1cf98eed)
  - [ ] [自动驾驶系统模糊测试技术综述](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247629552&idx=3&sn=58709f8bbc7a59b6a7115d712bb3033e)
  - [ ] [中美卫星轨道“狗斗”：太空军事化新时代的隐秘战场](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247504887&idx=1&sn=9cb98b9238de8201df5848579333d8be)
  - [ ] [记录某系统实战内网K8S渗透](https://mp.weixin.qq.com/s?__biz=MzUyODkwNDIyMg==&mid=2247553584&idx=1&sn=71eb816ec2676f9401fa78a94f5211fc)
  - [ ] [linux环境下运行windows应用程序的免费方案](https://mp.weixin.qq.com/s?__biz=MzU3MDEwMjk2MQ==&mid=2247485436&idx=1&sn=4c197007cf7f0f59f41ad3d8eabf5042)
  - [ ] [美国司法部放出爱泼斯坦文件](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247504870&idx=1&sn=ccd12c56e96e4874857afc3a590e83fb)
  - [ ] [HTTPS证书工具实测1年！Certd vs httpsok核心差异大揭秘：平台上传vs脚本下载该怎么选？](https://mp.weixin.qq.com/s?__biz=MzAxMDM2OTg4NA==&mid=2247484686&idx=1&sn=e7c13a313a682090cec625fa199a5306)
  - [ ] [自学网安的九本神书，看完offer到手一半](https://mp.weixin.qq.com/s?__biz=Mzk0MzcyNjMyNg==&mid=2247488534&idx=1&sn=05e3825c53f51bb10b8a72e1ed13a38d)
  - [ ] [SAMDump 卷影复制dump hash绕过所有杀软](https://mp.weixin.qq.com/s?__biz=MzkxNjU2NjM4NA==&mid=2247483893&idx=1&sn=dd040a13011c68d8c2014067a84dd3a2)
  - [ ] [聊一聊《数据安全风险评估办法》征求意见稿](https://mp.weixin.qq.com/s?__biz=MzA5MTYyMDQ0OQ==&mid=2247494190&idx=1&sn=a82ea668b8c2163128970a42353c9871)
  - [ ] [【JAVA安全研究】鉴权绕过 %0a%0d 的 \"隐形陷阱\" Spring与Shrio中 Matcher的鉴权绕过 CVE-..](https://mp.weixin.qq.com/s?__biz=Mzk3NTE3MjU4Mg==&mid=2247484478&idx=1&sn=2c480dbb6cebd6b8326f1149655ca66a)
  - [ ] [【JAVA安全研究】鉴权绕过 shiro CVE-2010-3863 漏洞研究](https://mp.weixin.qq.com/s?__biz=Mzk3NTE3MjU4Mg==&mid=2247484478&idx=2&sn=d16a929844c24b43b5f82fd57c6dafaa)
  - [ ] [【JAVA安全研究】鉴权绕过 Spring中间件双重编码%25%32%66 绕过 CVE-2020-11989](https://mp.weixin.qq.com/s?__biz=Mzk3NTE3MjU4Mg==&mid=2247484478&idx=4&sn=45f69090997fd5ec2f11945e97c4b9ac)
  - [ ] [刘某某在护士办公室内偷拍并上传网络被公安机关抓获](https://mp.weixin.qq.com/s?__biz=MzU0MTA3OTU5Ng==&mid=2247571268&idx=1&sn=f0e9963e1e95b92341178857859bfdd0)
  - [ ] [行业资讯：国盾量子推举董事 应勇 先生暂代履行董事长](https://mp.weixin.qq.com/s?__biz=MzUzNjkxODE5MA==&mid=2247498886&idx=1&sn=dedab2349005fa676fc20ea2e0513d1e)
  - [ ] [行业资讯： 字节跳动加大人才投入放大招，2025年奖金投入提升35%](https://mp.weixin.qq.com/s?__biz=MzUzNjkxODE5MA==&mid=2247498886&idx=2&sn=c74187907e2fcad4f8cf1ad2c7504f23)
  - [ ] [行业资讯：格尔软件 终止收购 微品致远](https://mp.weixin.qq.com/s?__biz=MzUzNjkxODE5MA==&mid=2247498886&idx=3&sn=f0efb36cc371b3fa66359b63f681dd34)
  - [ ] [行业资讯：安恒信息 关于2025年第二期限制性股票激励计划(草案修订稿)及相关文件的修订说明](https://mp.weixin.qq.com/s?__biz=MzUzNjkxODE5MA==&mid=2247498886&idx=4&sn=a11510e5f85f020c7ff9efd87907cef4)
  - [ ] [行业资讯：格尔软件 叶枫减持390,000股，范峰减持112,600股，掌晓愚减持390,000股89,300股](https://mp.weixin.qq.com/s?__biz=MzUzNjkxODE5MA==&mid=2247498886&idx=5&sn=e8cf095ce59cbc4ef7cf5c7cb39d0c0b)
  - [ ] [【靶场470】某靶场平台竟惨遭攻击](https://mp.weixin.qq.com/s?__biz=Mzg4MDg5NzAxMQ==&mid=2247486960&idx=1&sn=642b89af5c930186415892ff04f5d86d)
  - [ ] [袁某在外滩直播影响游客，遭劝阻后煽动观众“人肉”保安，被行拘！](https://mp.weixin.qq.com/s?__biz=MzU0MTA3OTU5Ng==&mid=2247571263&idx=1&sn=ad07f5c5ac064a336e29e67683105a66)
  - [ ] [【安全预警】东胜物流软件 WmsZXFeeGridSource SQL注入](https://mp.weixin.qq.com/s?__biz=Mzk0ODYwNjI1NA==&mid=2247484171&idx=1&sn=733db8597cdc3a7ed74c6347496282ca)
  - [ ] [Google Authenticator Desktop](https://mp.weixin.qq.com/s?__biz=MzI3MzU5OTY0MQ==&mid=2247484669&idx=1&sn=bf533e3959f7390ac1dd514ce7de9e43)
  - [ ] [工业网络安全周报-2025年第48期](https://mp.weixin.qq.com/s?__biz=MzU3ODQ4NjA3Mg==&mid=2247567814&idx=1&sn=af2ac9c0bead796a742365e953c5fea1)
  - [ ] [俄罗斯APT组织Calisto玩起“钓鱼连续剧”！给无国界记者发空邮件，逼你主动要毒附件](https://mp.weixin.qq.com/s?__biz=Mzg3OTYxODQxNg==&mid=2247487558&idx=1&sn=bc33a3eb532722acecbf5767d017dfd0)
  - [ ] [【漏洞脚本】WPS文档中心 多人实时协作的在线Office operate 未授权访问至远程代码执行](https://mp.weixin.qq.com/s?__biz=MzI4MjkxNzY1NQ==&mid=2247487504&idx=1&sn=eff6d3a74615e9eae681887280304ed8)
  - [ ] [记一次未授权访问到接管后台通杀漏洞](https://mp.weixin.qq.com/s?__biz=MzYyMzg3NDQ1Mw==&mid=2247486997&idx=1&sn=c3ea5a85ef34536fe746e51f3d593969)
  - [ ] [2025年物流无人车多场景应用分析报告](https://mp.weixin.qq.com/s?__biz=MzkyOTMwMDQ5MQ==&mid=2247522533&idx=1&sn=689fc747d79fc27bd183102d928fd939)
  - [ ] [永别了，deepseek！！！](https://mp.weixin.qq.com/s?__biz=MzU3MjU4MjM3MQ==&mid=2247491167&idx=1&sn=e5bade774f9c873953ebf92ffa0d6525)
  - [ ] [实用攻击面管理系统设计指南](https://mp.weixin.qq.com/s?__biz=MzI1MDA1MjcxMw==&mid=2649908793&idx=1&sn=eec5aca94507a6d0180e4203cfa2c042)
  - [ ] [原创 Paper | QEMU v10 适配 AFL：架构变更与 MIPS 延迟槽 Bug 分析](https://mp.weixin.qq.com/s?__biz=MzAwMDQwNTE5MA==&mid=2650247923&idx=1&sn=d70d4ed43b9db87611d922bed7e1eb37)
  - [ ] [推荐15款常见的C2框架](https://mp.weixin.qq.com/s?__biz=MzkzNTgzOTg4Mg==&mid=2247487145&idx=1&sn=80f4591dae8c0c714f5a6574a6268f36)
  - [ ] [免杀入门教程及新手常见问题解答](https://mp.weixin.qq.com/s?__biz=MzkzNTgzOTg4Mg==&mid=2247487145&idx=2&sn=9f13eaf78bb337f3549d38ab6b33cf89)
  - [ ] [攻防技战术动态一周更新 - 20251215](https://mp.weixin.qq.com/s?__biz=MzkzODc4NjE1OQ==&mid=2247484147&idx=1&sn=634ce02138616aed5859c88d4e9333e7)
  - [ ] [非典型SSRF漏洞详解](https://mp.weixin.qq.com/s?__biz=Mzg4NzgyODEzNQ==&mid=2247490130&idx=1&sn=5d7e0895711954457e9af592fe0d8b4b)
  - [ ] [CTF Pwn模块拆解（第10期·基础篇）：2025新手必学，3大核心技能搞定60%基础题](https://mp.weixin.qq.com/s?__biz=MzkzNzk5MjEyNg==&mid=2247487384&idx=1&sn=0cd7bada35bdb20f475410547498be01)
  - [ ] [安天AVL SDK反病毒引擎升级通告（20251220）](https://mp.weixin.qq.com/s?__biz=MjM5MTA3Nzk4MQ==&mid=2650213340&idx=1&sn=a63ed389cc2d00f3581d3e3ed32e750a)
  - [ ] [中科院权威发布：《2025研究前沿》——11大领域128个前沿趋势](https://mp.weixin.qq.com/s?__biz=Mzg4MDU0NTQ4Mw==&mid=2247535527&idx=1&sn=4f62828cb0e6434bdd3808d6db2d8d36)
  - [ ] [任正非最新讲话！1.4万字全文，信息量很大](https://mp.weixin.qq.com/s?__biz=Mzg4MDU0NTQ4Mw==&mid=2247535527&idx=2&sn=7ac999e64f52409352a7c4441aabd0bb)
  - [ ] [【一周安全资讯1220】《数据安全技术 公共数据开放安全要求》等6项国家标准公开征求意见；美国政府网站遭SEO污染攻击](https://mp.weixin.qq.com/s?__biz=MzIzMDQwMjg5NA==&mid=2247508569&idx=1&sn=3fe5484805cdd7859625ffc5686dfd45)
  - [ ] [DC-5900云取证工作站重构数证杯服务器网站](https://mp.weixin.qq.com/s?__biz=Mzg4MTcyMTc5Nw==&mid=2247490138&idx=1&sn=db79028d0b269954115237af4f750813)
  - [ ] [原创 | 如何让黑灰产“看不上”你的业务？](https://mp.weixin.qq.com/s?__biz=MzU2NDY2OTU4Nw==&mid=2247525671&idx=1&sn=0f2d728f77862c508cf7e712a5d35f63)
  - [ ] [最新Nessus2025.12.8版本主机漏洞扫描/探测工具Windows/Linux下载](https://mp.weixin.qq.com/s?__biz=MzI5NTQ5MTAzMA==&mid=2247485847&idx=1&sn=6ef507eb9b153ac69e514c65f72f5e6c)
- SecWiki News
  - [ ] [SecWiki News 2025-12-20 Review](http://www.sec-wiki.com/?2025-12-20)
- ArthurChiao's Blog
  - [ ] [[译][论文] P5 paper | 用语言模型做推荐：一种统一的预训练、个性化提示和预测范式（2022）](https://arthurchiao.github.io/blog/p5-paper-zh/)
- Recent Commits to cve:main
  - [ ] [Update Sat Dec 20 11:19:57 UTC 2025](https://github.com/trickest/cve/commit/f686abea459b757232eecdb26e8af95dc6f673ad)
- Didier Stevens
  - [ ] [Using a USB-C Trigger Cable To Power An FM Radio](https://blog.didierstevens.com/2025/12/20/using-a-usb-c-trigger-cable-to-power-an-fm-radio/)
- CCC Event Blog
  - [ ] [39C3: Congress Everywhere](https://events.ccc.de/2025/12/20/39c3-everywhere/)
- 黑海洋Wiki | Web开发工具包 | 网络安全攻防实战 | 区块链技术文档教程 - 免费资源平台
  - [ ] [冬瓜TV MAX：开源私有流媒体聚合平台，TMDb 智能刮削打造你的私人 Netflix](https://blog.upx8.com/4925)
- 奇客Solidot–传递最新科技情报
  - [ ] [Google 计划对通过外部内容链接成功完成的交易和下载收取 2-4 美元的服务费](https://www.solidot.org/story?sid=83110)
  - [ ] [2025 年可能是电视亮度之战的转折点](https://www.solidot.org/story?sid=83109)
  - [ ] [大部分停放域名会重定向到恶意内容](https://www.solidot.org/story?sid=83108)
- 安全分析与研究
  - [ ] [Donot(肚脑虫) APT组织攻击活动分析](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247494897&idx=1&sn=5d70506b8c6ae8fab1429afbd176e5b9)
- 黑鸟
  - [ ] [主流主板新的BIOS漏洞攻陷某些游戏反作弊系统](https://mp.weixin.qq.com/s?__biz=MzAxOTM1MDQ1NA==&mid=2451184338&idx=1&sn=5fe0fd68cae5c63312da8c6f69d8dd1d)
- 天黑说嘿话
  - [ ] [最新Nessus2025.12.8版本主机漏洞扫描/探测工具Windows/Linux下载](https://mp.weixin.qq.com/s?__biz=MzI5NTQ5MTAzMA==&mid=2247485847&idx=1&sn=6ef507eb9b153ac69e514c65f72f5e6c)
- 极客公园
  - [ ] [每天只学 2 小时，成绩却排全美前 1%？AI 正在重新定义「好学校」](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653095109&idx=1&sn=add1c9e82a178f8b665db87c99b4b6af)
  - [ ] [传字节跳动今年利润将破 500 亿美元；Faker 回应马斯克英雄联盟AI挑战；《阿凡达 3》豆瓣开分系列最低 | 极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653095168&idx=1&sn=e101053c119000d771e5a55235d72269)
- 先进攻防
  - [ ] [实用攻击面管理系统设计指南](https://mp.weixin.qq.com/s?__biz=MzI1MDA1MjcxMw==&mid=2649908793&idx=1&sn=eec5aca94507a6d0180e4203cfa2c042)
- 安全圈
  - [ ] [【安全圈】南京导航全崩，真相曝光！](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652073304&idx=1&sn=28d2a548889d6be66ceabac0c2832c0a)
  - [ ] [【安全圈】拳头游戏发现主板致命漏洞，多家厂商紧急修复](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652073304&idx=2&sn=b1c32749fab00f883b96ae2d3966a433)
  - [ ] [【安全圈】YouTube突发全球宕机](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652073304&idx=3&sn=958b7f3472c4e7a87c82d00aa58c868b)
- 情报分析师
  - [ ] [特定目标画像实战，情报分析师如何挖掘人物与企业背景](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650564491&idx=1&sn=d0f83958fa053619b8042a3809aea012)
- 看雪学苑
  - [ ] [强网杯2025-PolyEncryption之Vibe Reing的胜利](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458605813&idx=1&sn=5aaf757d9e44be5001110e1c73d1525b)
  - [ ] [30小时教你进阶CTF-密码学：顶尖硕博战队亲授，从古典密码到RSA攻击](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458605813&idx=2&sn=1544b92906faa55850d3f74922c5c4a0)
- 娜璋AI安全之家
  - [ ] [[AI安全论文] (46)大佬团队探索 IDS-Agent: 一种用于物联网可解释入侵检测的大模型Agent](https://mp.weixin.qq.com/s?__biz=Mzg5MTM5ODU2Mg==&mid=2247502307&idx=1&sn=14bbf074e2b5960e7164a53db463f5ca)
- Over Security - Cybersecurity news aggregator
  - [ ] [RansomHouse upgrades encryption with multi-layered data processing](https://www.bleepingcomputer.com/news/security/ransomhouse-upgrades-encryption-with-multi-layered-data-processing/)
  - [ ] [ANNOUNCE: Survey about legal and criminal threats experienced by journalists and security researchers](https://www.suspectfile.com/announce-survey-about-legal-and-criminal-threats-experienced-by-journalists-and-security-researchers/)
- 迪哥讲事
  - [ ] [SRC中自动化查找目录遍历获取赏金](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247498821&idx=1&sn=44eb0ffb9c56d4b3cc0e5148ed996597)
- Instapaper: Unread
  - [ ] [Sicurezza informatica in Italia perché il 10% degli incidenti globali avviene nel nostro Paese](https://www.cybersecurity360.it/cybersecurity-nazionale/sicurezza-informatica-in-italia-perche-il-10-degli-incidenti-globali-avviene-nel-nostro-paese/)
  - [ ] [Attacchi informatici in crescita del 36% cosa racconta il nuovo Rapporto Clusit 2025](https://www.cybersecurity360.it/nuove-minacce/attacchi-informatici-in-crescita-del-36-cosa-racconta-il-nuovo-rapporto-clusit-2025/)
  - [ ] [QR malevoli, chiavette “trovate” e Wi-Fi gratis rischi cyber quotidiani](https://www.agendadigitale.eu/sicurezza/qr-malevoli-chiavette-trovate-e-wi-fi-gratis-lattacco-e-nel-quotidiano/)
  - [ ] [Perimetro cibernetico dell'Italia, chi difende davvero i confini cyber nazionali](https://www.wired.it/article/perimetro-cibernetico-italia-difesa-crosetto-guerini/)
  - [ ] [Your DFIR Tool Can’t Tell You Who Did It. FACT Tells You When You’re Allowed To.](https://brettshavers.com/brett-s-blog/entry/your-df-ir-tool-cant-tell-you-who-did-it-fact-tells-you-when-youre-allowed-to)
  - [ ] [France arrests Latvian for installing malware on Italian ferry](https://www.bleepingcomputer.com/news/security/france-arrests-latvian-for-installing-malware-on-italian-ferry/)
  - [ ] [Violence-as-a-Service, come i gruppi criminali esternalizzano i reati ai minorenni e il contrasto della Task Froce GRIMM dell’EUROPOL](https://www.cybersecitalia.it/violence-as-a-service-come-i-gruppi-criminali-esternalizzano-i-reati-ai-minorenni-e-il-contrasto-della-task-froce-grimm-delleuropol/57033/)
  - [ ] [Come estrarre i dati da una copia forense XRY per elaborarli con altri software di analisi](https://andrealazzarotto.com/2025/12/19/come-estrarre-i-dati-da-una-copia-forense-xry-per-elaborarli-con-altri-software-di-analisi/)
- Troy Hunt's Blog
  - [ ] [Weekly Update 483](https://www.troyhunt.com/weekly-update-483/)
- The Hacker News
  - [ ] [U.S. DOJ Charges 54 in ATM Jackpotting Scheme Using Ploutus Malware](https://thehackernews.com/2025/12/us-doj-charges-54-in-atm-jackpotting.html)
- TorrentFreak
  - [ ] [A DMCA “Bot War”: Google Search Processed 5 Billion Takedown Requests in 2025](https://torrentfreak.com/a-dmca-bot-war-google-search-processed-5-billion-takedown-requests-in-2025/)
- Security Affairs
  - [ ] [ATM Jackpotting ring busted: 54 indicted by DoJ](https://securityaffairs.com/185908/cyber-crime/atm-jackpotting-ring-busted-54-indicted-by-doj.html)
  - [ ] [U.S. CISA adds a flaw in WatchGuard Fireware OS to its Known Exploited Vulnerabilities catalog](https://securityaffairs.com/185896/hacking/u-s-cisa-adds-a-flaw-in-watchguard-fireware-os-to-its-known-exploited-vulnerabilities-catalog.html)
  - [ ] [Russia was behind a destructive cyber attack on a water utility in 2024, Denmark says](https://securityaffairs.com/185885/hacking/russia-was-behind-a-destructive-cyber-attack-on-a-water-utility-in-2024-denmark-says.html)
- Dark Space Blogspot
  - [ ] [I Troll Più Famosi Della Storia: Usenet, Forum, Blog](http://darkwhite666.blogspot.com/2025/12/i-troll-piu-famosi-della-storia-usenet.html)
- 网安寻路人
  - [ ] [CPTPP 数字贸易现代化改革：对 PECC《现代化数字贸易》 报告的综述](https://mp.weixin.qq.com/s?__biz=MzIxODM0NDU4MQ==&mid=2247508047&idx=1&sn=bdf4de65adaedbdd0118dbc628f79a29)


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

[每日信息流] 2025-12-21 #1089

每日安全资讯（2025-12-21）

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

[每日信息流] 2025-12-21 #1089

Description

每日安全资讯（2025-12-21）

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions