[每日信息流] 2025-12-24 #1092
Description
每日安全资讯(2025-12-24)
- SecWiki News
- Recent Commits to cve:main
- Doonsec's feed
- 短剧影视小程序平台juhecurl接口存在任意文件读取漏洞 附POC
- 俄新型反卫星武器研发引关注,全球反太空力量评估报告聚焦太空威慑博弈
- 三年之约已到
- 技术深析快手安全事件:为何大量违规直播“关不掉”?
- 【资料】美军打算从俄乌战争中汲取哪些经验教训?
- 某证书站绕过思路
- 斯坦福:《超越DeepSeek:中国多元化的开放权重AI生态系统及其政策影响》
- 快手事件时间线
- 【第五空间简史】第13节 第一个CERT的成立
- 【第五空间简史】第14节 第一个CERT的成立
- 【已复现】| 帆软export/excel sql注入
- 【周年纪念】极核安全二周年总结!
- 中原证券AI大模型投顾助手公开招标
- 重磅 | CertiK《2025 Skynet Hack3D Web3安全报告》(附报告全文链接)
- TA2101假冒政府向德国、意大利和美国进行网络攻击活动样本分析
- XXL-JOB的SSRF漏洞详细分析记录
- 【AI安全】炸穿热搜!快手直播涉黄40 分钟失守
- 每日课程更新
- AI-Vanguard:智能自动化安全测试平台
- “魔法”打败“魔法”!“快手事件”警示:全行业亟需升级AI防御
- 王小洪在全国公安科技工作会议上强调:深入实施科技兴警战略,全面提升公安机关新质战斗力
- 【AI安全】GPT-4也守不住了?这个“暴风雨”算法让AI防御秒变筛子!
- 一文搞懂前端加密和js逆向
- 颠覆认知!AWS Security Agent 全生命周期深度解读
- 某视频平台网络安全事件记
- 三未信安与上海CA签署战略合作协议丨共筑数字信任底座,共赢商用密码未来!
- 【2025 SCUCTF网络安全新生赛】战果出炉!新星闪耀,安全未来由你守护!
- 免费工具手撕2025平航杯,服务器取证,全部题目解说
- 人工报告
- 【大话工控安全】工业控制系统行业知识:电力行业通信安全标准IEC62351(GB/T 25320)-PART3数字认证证书系统
- AI 安全治理,正在悄悄拉开企业之间的差距
- 让rust帮你制作ms16-135洞洞
- 业务防御的“下半场”:前置防御是破解“蝗虫式攻击”的必然选择
- 当你的 AI 助手开始"阳奉阴违":一场你看不见的安全危机 —— 解读《AI Agent安全:架构、攻击面和防御》
- 快手1222大规模直播涉黄事件
- 又双叒叕平薪来初创公司了,Title 是安全运营专家...
- javaweb笔记2
- 【协会专享】学技术、探场景、促落地——数据要素产业应用加速营来了!
- 【工具分享】一款音频|视频转文字工具,免安装 单机版
- 【安全预警】泛微OA E-Cology WorkflowCenterTreeData SQL注入
- 专题·漏洞生态 | 推动漏洞治理从单点防御向生态协同演进
- 前沿 | 人工智能在电信行业安全应用的价值发挥——基于人工智能技术的数据分类分级及其应用实践分析
- 专家解读 | 申卫星:以数据可信销毁实现责任闭环、流转信任与产业创新——解读《基于数据销毁车间的公共数据流通安全技术应用案例》
- 观点 | 筑牢网络安全的法治防线
- 评论 | 别让公共Wi-Fi成为窃取数据的“盛宴”
- 继快手后 抖某可能要出事
- Private Feed for M09Ic
- mgeeky starred professor-moody/ludus_scorch
- bolucat released 202512231939 at bolucat/Archive
- kpcyrd contributed to kpcyrd/cargo-debstatus
- Ridter starred repplus/rep
- CHYbeta starred ARCANGEL0/EVA
- Mr-xn contributed to wgpsec/fofa_viewer
- goplus released v0.11.8 at goplus/llgo
- safedv starred klezVirus/ThreadPoolExecChain
- Ridter starred klezVirus/Moonwalk--
- huoji120 starred kokke/tiny-AES-c
- PrefectHQ released 3.6.8.dev2 at PrefectHQ/prefect
- gh0stkey starred sensepost/pipetap
- veo starred asaurusrex/Silent_Chrome
- esrrhs starred DayuanJiang/next-ai-draw-io
- zema1 starred xaitax/Chrome-App-Bound-Encryption-Decryption
- Rvn0xsy forked Rvn0xsy/arachne from MythicAgents/arachne
- FunnyWolf starred anthropics/skills
- WAY29 starred byJoey/cfnew
- pydantic released v1.38.0 at pydantic/pydantic-ai
- 安全客-有思想的安全新媒体
- Tenable Blog
- 奇安信攻防社区
- Armin Ronacher's Thoughts and Writings
- 嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com
- 美团技术团队
- LevelBlue Blog
- obaby@mars
- CCC Event Blog
- Securelist
- Malware-Traffic-Analysis.net - Blog Entries
- Malwarebytes
- daniel.haxx.se
- Wallarm
- Checkmarx
- 奇客Solidot–传递最新科技情报
- 黑海洋Wiki | Web开发工具包 | 网络安全攻防实战 | 区块链技术文档教程 - 免费资源平台
- HackerNews
- 安全分析与研究
- 黑鸟
- 代码卫士
- 天黑说嘿话
- 安全内参
- 天御攻防实验室
- 先进攻防
- 奇安信 CERT
- 威胁棱镜
- 安全圈
- ChaMd5安全团队
- 中国信息安全
- 嘶吼专业版
- 安全牛
- 数世咨询
- 火绒安全
- 极客公园
- 恒脑与AI
- 情报分析师
- Beacon Tower Lab
- 表图
- Over Security - Cybersecurity news aggregator
- US insurance giant Aflac says hackers stole personal and health data of 22.6 million people
- More than 22 million Aflac customers impacted by June data breach
- WebRAT malware spread via fake vulnerability exploits on GitHub
- Hackers stole over $2.7B in crypto in 2025, data shows
- SEC sues crypto firms for defrauding investors out of $14 million
- US insurance giant Aflac says hackers stole personal and health data of 22.6 million
- US disrupts multimillion-dollar bank account takeover operation targeting Americans
- Vulnerabilità in GeoServer: un rischio sistemico per le infrastrutture critiche
- France’s postal and banking services disrupted by suspected DDoS attack
- GhostPairing, l’attacco che sfrutta i dispositivi collegati per compromettere WhatsApp
- RTO Scam Wave Continues: A Surge in Browser-Based e-Challan Phishing and Shared Fraud Infrastructure
- Scegliere il framework di sicurezza, dal NIST alla ISO 27001: guida strategica per il CISO
- Malicious extensions in Chrome Web store steal user credentials
- Vulnerabilità critica in n8n. Rischio elevato per istanze esposte in rete
- Microsoft Teams strengthens messaging security by default in January
- Anubis Ransomware: Inside the Mindset and Methods of a Modern Ransomware Group
- The Week in Vulnerabilities: More Than 2,000 New Flaws Emerge
- Cyberattack knocks offline France's postal, banking services
- Assessing SIEM effectiveness
- Italy fines Apple $116 million over App Store privacy policy issues
- Finta promozione Conad: come funziona la nuova campagna di Scam che sfrutta i punti fedeltà
- Baker University says 2024 data breach impacts 53,000 people
- Kaspersky: così funziona il mercato del lavoro nel dark web
- Sextortion e responsabilità delle piattaforme: quando il danno diventa prevedibile
- La necessaria revisione periodica delle misure di sicurezza di base per la conformità alla NIS 2
- From cheats to exploits: Webrat spreading via GitHub
- 迪哥讲事
- Securityinfo.it
- 国家互联网应急中心CNCERT
- D3Lab
- 看雪学苑
- Schneier on Security
- Full Disclosure
- Instapaper: Unread
- Kaspersky così funziona il mercato del lavoro nel dark web
- Corea del Nord, 2025 da record per gli hacker di Stato. Sottratti asset digitali per 3,4 miliardi di dollari
- World’s largest shadow library made a 300TB copy of Spotify’s most streamed songs
- Interpol-led action decrypts 6 ransomware strains, arrests hundreds
- Judge rules that NSO cannot continue to install spyware via WhatsApp pending appeal
- Is your iPhone missing This genius camera trick helps you find it - fast
- Comprehensive Ways to Fix iPhone Stuck on Restore Screen [Update]
- NetSPI
- The Hacker News
- Two Chrome Extensions Caught Secretly Stealing Credentials from Over 170 Sites
- INTERPOL Arrests 574 in Africa; Ukrainian Ransomware Affiliate Pleads Guilty
- Passwd: A walkthrough of the Google Workspace Password Manager
- U.S. DoJ Seizes Fraud Domain Behind $14.6 Million Bank Account Takeover Scheme
- Critical n8n Flaw (CVSS 9.9) Enables Arbitrary Code Execution Across Thousands of Instances
- FCC Bans Foreign-Made Drones and Key Parts Over U.S. National Security Risks
- Security Affairs
- Deeplinks
- The Register - Security
- TorrentFreak
- Dark Space Blogspot
- Security Weekly Podcast Network (Audio)