[每日信息流] 2026-01-21 #1124
Description
每日安全资讯(2026-01-21)
- SecWiki News
- CXSECURITY Database RSS Feed - CXSecurity.com
- Private Feed for M09Ic
- anthropics released v2.1.14 at anthropics/claude-code
- PrefectHQ released 3.6.12 at PrefectHQ/prefect
- CHYbeta starred SeanHeelan/anamnesis-release
- mgeeky starred trailofbits/skills
- WAY29 starred InterceptSuite/ProxyBridge
- OpenAEV-Platform released 2.0.14 at OpenAEV-Platform/openaev
- CHYbeta starred vxcontrol/pentagi
- zema1 starred safedv/Rustic64
- agentscope-ai released v1.0.13 at agentscope-ai/agentscope
- OpenAEV-Platform released 2.0.13 at OpenAEV-Platform/openaev
- gh0stkey forked HACK-THE-WORLD/rust-template from rust-github/template
- bitsadmin starred synacktiv/Invoke-RunAsWithCert
- zema1 starred hickory-dns/resolv-conf
- wabzsy starred rulego/rulego
- gh0stkey starred GNOME/gimp
- PrefectHQ released 3.6.12.dev5 at PrefectHQ/prefect
- CHYbeta starred cclank/news-aggregator-skill
- su18 forked su18/shouganaiyo-loader from nccgroup/shouganaiyo-loader
- su18 starred nccgroup/shouganaiyo-loader
- gh0stkey starred C4illin/ConvertX
- timwhitez starred browser-use/agent-sdk
- Recent Commits to cve:main
- LevelBlue Blog
- 安全客-有思想的安全新媒体
- Doonsec's feed
- 【物理渗透】一个U盘,强制修改管理员密码
- G.O.S.S.I.P 特别推荐 2026-01-20 MCPZoo:可见、可测、开箱即用的MCP即服务平台
- 动态|世界经济论坛发布《2026年全球网络安全展望》报告·网络欺诈成全球数字经济最大威胁
- 一款完全由Ai编写的vibe coding式恶意软件
- S-APICONT V1.3 内测发布
- 今天面试问了一个问题:为什么离职?他说:老板答应三个月内给我涨工资1500,但是四个月过去却不兑现,我就辞职了。我不喜欢画大饼的公司
- CF-Hero:尝试发现受Cloudflare CDN保护的网站真实IP
- 某次大型护网钓鱼样本分析
- 东胜物流软件GetPrintInfo接口存在敏感信息泄露漏洞 附POC
- 侧信道检测APatch Root
- 卫星信号被劫,反政府内容播 10 分钟u200b
- 一条命令部署!Uptime Kuma 新手也能玩转服务器宕机预警
- 机器人大脑深度催眠!BadVLA 攻击横空出世
- 那些大模型没有教会我的事
- 伊朗国家电视台的信号被劫持,播放反政府视频煽动暴乱
- 银狐木马攻击常用的高级进程注入方式
- opencode快速入门
- 长亭科技发布全免费 AI Code Review 机器人
- 2025均胜电子:全球汽车Tier1的技术外溢—从智能汽车到具身智能
- TOCTOU 与信任链断裂:DNS Rebinding
- VSCode 项目植入后门.vscode/tasks.json
- DeepAudit——代码漏洞挖掘多智能体ai系统
- 每日课程更新
- 记某edusrc证书站的挖掘
- 宣传一下
- 流量之眼 - 智能被动漏洞扫描平台
- 【AI安全】机器人大脑“深度催眠”!BadVLA 攻击横空出世
- Microsoft Security Blog
- 奇安信攻防社区
- 美团技术团队
- 嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com
- Tenable Blog
- GuidePoint Security
- Ronnie's Blog
- blog.avast.com EN
- Malware-Traffic-Analysis.net - Blog Entries
- Hacking Dream
- Horizon3.ai
- Reverse Engineering
- This open-source Windows XP alternative finally gets a much-awaited speed boost
- Google Meet Reactions: Reverse Engineering the WebRTC Channel for Emoji
- frida-ipa-extract
- Conditions in the Intel 8087 floating-point chip's microcode
- On the Coming Industrialisation of Exploit Generation with LLMs
- I have made an app to collect, decompile apk with apktool and jadx to have a reference, recompile it, sign it, zipalign it and install it.
- Malwarebytes
- HackerNews
- 黑海洋Wiki | Web开发工具包 | 网络安全攻防实战 | 区块链技术文档教程 - 免费资源平台
- 奇客Solidot–传递最新科技情报
- 安全分析与研究
- 黑鸟
- 雷神众测
- 暗影安全
- 青山青吖
- 虎符智库
- 威努特安全网络
- 代码卫士
- 二道情报贩子
- 看雪学苑
- CT Stack 安全社区
- 天黑说嘿话
- 安全内参
- 信息安全国家工程研究中心
- 全频带阻塞干扰
- 青藤云安全
- 安全圈
- 中国信息安全
- 嘶吼专业版
- 极客公园
- 复旦白泽战队
- 安全牛
- 火绒安全
- 补天平台
- 吴鲁加
- 数世咨询
- 情报分析师
- TrustedSec
- 迪哥讲事
- NETRESEC Network Security Blog
- Qualys Security Blog
- ICT Security Magazine
- T00ls安全
- SEI Blog
- OnionSec
- Schneier on Security
- 360数字安全
- Securityinfo.it
- Over Security - Cybersecurity news aggregator
- OpenAI rolls out age prediction model on ChatGPT to detect your age
- ACF plugin bug gives hackers admin on 50,000 WordPress sites
- Trump administration admits DOGE may have misused Americans’ Social Security data
- VoidLink cloud malware shows clear signs of being AI-generated
- Supreme Court to consider whether geofence warrants are constitutional
- EU plans cybersecurity overhaul to block foreign high-risk suppliers
- Simulare per difendersi: come i cyber digital twin rivoluzionano la sicurezza informatica
- Gemini AI assistant tricked into leaking Google Calendar data
- Minacce hi-tech e geopolitiche: nuove sfide per i cyber leader
- UK says it will consider banning social media for children
- Lawmakers move to extend two cyber programs (again) in funding proposal
- Hackers target Afghan government workers with fake correspondence from senior officials
- Microsoft PowerToys adds new CursorWrap mouse 'teleport' tool
- Sfruttato il logo di AdE per una campagna di phishing mirata al furto di credenziali SPID
- SCANT: A (kind-of-decent) Framework for Ethical Deepfake Creation & Distribution
- Make Identity Threat Detection your security strategy for 2026
- StackWarp: scoperta una nuova vulnerabilità nei processori AMD
- Webinar: Aligning cybersecurity purchases with what your SOC team needs
- AI agentica: l’intelligenza artificiale corre, ma serve una collaborazione sicura per mitigarne i rischi
- Il cyber rischio entra nel merito creditizio: l’indice Banca d’Italia
- Webinar: Why execs don’t buy SOC teams the tools they need
- Asset management: i sei pilastri del patching strategico
- UK launches landmark 'Report Fraud' service to tackle cybercrime and fraud
- UK warns of sustained cyberthreat from pro-Russian hacktivists
- Critical Infrastructure Attacks Became Routine for Hacktivists in 2025
- Releasing an Abuse.ch toolkit for threat intelligence
- Riorganizzazione del DIS: ecco i compiti dell’intelligence italiana
- Continuous Learning – Inside our Internal Security Training
- Prove forensi negli incidenti cyber: la nuova grammatica della responsabilità disegnata dalla NIS 2
- Malware Trends Overview Report: 2025
- WhisperPair: Hijacking Bluetooth Accessories Using Google Fast Pair
- Top 5 AI Security Risks in 2026
- Phishing & Email Security: An AI-Ready Playbook
- Real-World Examples of AI in Cybersecurity
- ChatGPT Go now unlocks unlimited access to GPT-5.2 Instant for $8
- You can get ChatGPT's $20 Plus subscription for free for a limited time
- Instapaper: Unread
- A 0-click exploit chain for the Pixel 9 Part 3 Where do we go from here
- A 0-click exploit chain for the Pixel 9 Part 2 Cracking the Sandbox with a Big Wave
- A 0-click exploit chain for the Pixel 9 Part 1 Decoding Dolby
- Internet voting is insecure and should not be used in public elections
- Supply chain perché un fornitore debole mette a rischio tutti
- Spy vs. Spy Predator Malware Now Hunts the Researchers
- Spyware in Europa e caso Paragon, c'è una nuova commissione d'inchiesta (informale) contro l'abuso
- The Hacker News
- North Korea-Linked Hackers Target Developers via Malicious VS Code Projects
- Three Flaws in Anthropic MCP Git Server Enable File Access and Code Execution
- Hackers Use LinkedIn Messages to Spread RAT Malware Through DLL Sideloading
- The Hidden Risk of Orphan Accounts
- Evelyn Stealer Malware Abuses VS Code Extensions to Steal Developer Credentials and Crypto
- Cloudflare Fixes ACME Validation Bug Allowing WAF Bypass to Origin Servers
- Why Secrets in JavaScript Bundles are Still Being Missed
- Tudou Guarantee Marketplace Halts Telegram Transactions After Processing Over $12 Billion
- The Register - Security
- Cloudflare whacks WAF bypass bug that opened side door for attackers
- Remember VoidLink, the cloud-targeting Linux malware? An AI agent wrote it
- AI framework flaws put enterprise clouds at risk of takeover
- Anthropic quietly fixed flaws in its Git MCP server that allowed for remote code execution
- For the price of Netflix, crooks can now rent AI to run cybercrime
- Akamai CEO wants help to defeat piracy, reckons he can handle edge AI alone
- SANS Internet Storm Center, InfoCON: green
- Deeplinks
- netsecstudents: Subreddit for students studying Network Security and its related subjects
- Deep Web
- Computer Forensics
- Technical Information Security Content & Discussion
- Your Open Hacker Community
- Information Security
- Social Engineering
- Security Affairs
- PDFSIDER Malware – Exploitation of DLL Side-Loading for AV and EDR Evasion
- Access broker caught: Jordanian pleads guilty to hacking 50 companies
- Critical TP-Link VIGI camera flaw allowed remote takeover of surveillance systems
- Telegram-based illicit billionaire marketplace Tudou Guarantee stopped transactions
- UK NCSC warns of Russia-linked hacktivists DDoS attacks
- Blackhat Library: Hacking techniques and research
- Security Weekly Podcast Network (Audio)