# 每日安全资讯(2026-05-01) - Private Feed for M09Ic - [ ] [safedv starred rootsecdev/cve_2026_31431](https://github.com/rootsecdev/cve_2026_31431) - [ ] [safedv starred assetnote/cpanel2shell-scanner](https://github.com/assetnote/cpanel2shell-scanner) - [ ] [freqtrade released 2026.4 at freqtrade/freqtrade](https://github.com/freqtrade/freqtrade/releases/tag/2026.4) - [ ] [kpcyrd contributed to AspectUnk/russh-sftp](https://github.com/AspectUnk/russh-sftp/pull/84) - [ ] [kpcyrd forked kpcyrd/russh-sftp from AspectUnk/russh-sftp](https://github.com/kpcyrd/russh-sftp) - [ ] [kpcyrd contributed to kpcyrd/rebuilderd](https://github.com/kpcyrd/rebuilderd/pull/228) - [ ] [liamg contributed to infracost/go-proto](https://github.com/infracost/go-proto/pull/50) - [ ] [liamg starred entireio/git-sync](https://github.com/entireio/git-sync) - [ ] [mgeeky starred Percivalll/Copy-Fail-CVE-2026-31431-Kubernetes-PoC](https://github.com/Percivalll/Copy-Fail-CVE-2026-31431-Kubernetes-PoC) - [ ] [safedv starred Crihexe/copy-fail-tiny-elf-CVE-2026-31431](https://github.com/Crihexe/copy-fail-tiny-elf-CVE-2026-31431) - [ ] [WAY29 starred yaojingang/yao-open-skills](https://github.com/yaojingang/yao-open-skills) - [ ] [CHYbeta starred china-qijizhifeng/agentic-harness-engineering](https://github.com/china-qijizhifeng/agentic-harness-engineering) - [ ] [gh0stkey starred mesonbuild/meson](https://github.com/mesonbuild/meson) - [ ] [joaoviictorti starred watchtowrlabs/watchTowr-vs-cPanel-WHM-AuthBypass-to-RCE.py](https://github.com/watchtowrlabs/watchTowr-vs-cPanel-WHM-AuthBypass-to-RCE.py) - [ ] [LoRexxar contributed to LoRexxar/Kunlun-M](https://github.com/LoRexxar/Kunlun-M/pull/318) - [ ] [niudaii starred polyipseity/obsidian-show-hidden-files](https://github.com/polyipseity/obsidian-show-hidden-files) - Microsoft Security Blog - [ ] [What’s new, updated, or recently released in Microsoft Security](https://www.microsoft.com/en-us/security/blog/2026/04/30/whats-new-updated-or-recently-released-in-microsoft-security/) - [ ] [Email threat landscape: Q1 2026 trends and insights](https://www.microsoft.com/en-us/security/blog/2026/04/30/email-threat-landscape-q1-2026-trends-and-insights/) - Doonsec's feed - [ ] [墨思AI AGENT监测发现 PyTorch Lightning 训练框架被投毒,月下载量超1000万](https://mp.weixin.qq.com/s/yftKWsKCaZvk0GVb5HlVrw) - [ ] [追觅CEO下令:全员开社媒、日更3条、涨粉10万奖10万,AI时代要逼出“复合能力”?](https://mp.weixin.qq.com/s/c5z-tU6i8phyvt3kr-utPA) - [ ] [【情报报告】2026年4月全球恐怖主义态势及战略预测](https://mp.weixin.qq.com/s/_lxHrzhmkPqoTqnxflKwNQ) - [ ] [【资料】民间社会视角:西非的恐怖主义与反恐行动](https://mp.weixin.qq.com/s/6EVZHoptYYuQLH4bNWCJtQ) - [ ] [CVE-2026-31431:我用 DeepSeek 复现了 AI 发现Copy Fail 提权的全过程](https://mp.weixin.qq.com/s/eMCDye1A-LfO6gMsTTvNSQ) - [ ] [Hermes的应用(五):分析CopyFail(CVE-2026-31431)高危漏洞Poc](https://mp.weixin.qq.com/s/yChwE7QVLGdrTCSi0-jSNg) - [ ] [静刃-助力安服工具](https://mp.weixin.qq.com/s/dx8aejQJ25cymNwMjqOvaQ) - [ ] [WordPress WooCommerce Designer Pro存在任意文件读取CVE-2025-10897 附POC](https://mp.weixin.qq.com/s/RJG_ZSZGDJj3v2HHPunfog) - [ ] [CVE-2026-31431(Copy Fail)漏洞FAQ(上)——漏洞的基本情况、影响范围与处置篇](https://mp.weixin.qq.com/s/MMeMCSPJ_IO4peFb94fXbw) - [ ] [国际刑警DDoS蜜罐意外曝光:安全研究员意外逼停执法行动](https://mp.weixin.qq.com/s/MwkZTTSEvMfhFnZnlvOg-Q) - [ ] [25家网安上市公司2019~2025人员数量一览](https://mp.weixin.qq.com/s/0ZFj5E8q31Qhky2GAW73ZA) - [ ] [CVE-2026-31431](https://mp.weixin.qq.com/s/TW7FFvx7SXWsHRrqgY-v4w) - [ ] [网警严查“斗狠”类直播,13人被行拘!](https://mp.weixin.qq.com/s/XK7NvWkqiesOhoXM-26OCQ) - [ ] [我的父亲是黑客](https://mp.weixin.qq.com/s/8GswpOMhCW44Jl3qj_4Z3g) - [ ] [每周网络安全简讯 ( 2026年 第18周 )](https://mp.weixin.qq.com/s/8VF8zKzPVGTlXCkmn1NccQ) - [ ] [Android so逆向分析工具](https://mp.weixin.qq.com/s/uYLXhnbUBJ6SnlTkSFKRXw) - [ ] [AI与安全的5个鬼故事,真的吗?我不信](https://mp.weixin.qq.com/s/USB5VX-QiqrI1mxAkru8Ew) - [ ] [《穿普拉达的女王2》缩影](https://mp.weixin.qq.com/s/vuoL8PW8gY_S7PYvWNyPeQ) - [ ] [五一活动,夯爆了](https://mp.weixin.qq.com/s/jjWjB2WXaJrhJ9B8EzEH-w) - [ ] [网络设备通用漏洞挖掘由黑到白](https://mp.weixin.qq.com/s/-Q2r9raSwKhD5ST-_iE9cQ) - [ ] [关于 CTF 中 Bcrypt 考点的思考](https://mp.weixin.qq.com/s/FrPWBaK8cw50zb493AF8zQ) - [ ] [【已复现】CVE-2026-31431 Linux内核本地提权漏洞(Copy Fail)](https://mp.weixin.qq.com/s/cjO8jcq1Nm-t2SxWnoRGhw) - [ ] [Markdown 双哈希逃逸 (Bleach 清洗后 markdown2 SafeMode 的 Alt 属性 XSS 完整链路)](https://mp.weixin.qq.com/s/GcEmnucQDb5tOc8UO0O7Ig) - [ ] [XMCVE-WebRecon——一款好用的渗透测试辅助插件](https://mp.weixin.qq.com/s/JLlP1KwHtF1MG2bK8uVKlw) - [ ] [最新通杀全线Linux发行版的CVE漏洞解析](https://mp.weixin.qq.com/s/MKa_SLZZhFmlZFpw0yvjEg) - [ ] [SEH溢出+Egghunter双剑合璧!SyncBreeze漏洞EXP深度优化](https://mp.weixin.qq.com/s/XsxSBCyV0m6w5dHiPz5M_A) - [ ] [“学子聚汉”工程计算机类专场招聘活动顺利举办](https://mp.weixin.qq.com/s/oUPZwreCYqOCRuPXHk7qCw) - [ ] [个人信息保护政策法规问答(2026年4月)](https://mp.weixin.qq.com/s/FCCLEpJsrea--1XDyhCdwA) - [ ] [国家计算机病毒应急处理中心检测发现67款违法违规收集使用个人信息的移动应用](https://mp.weixin.qq.com/s/weMWGw1vpbrP61vLf8WKLA) - [ ] [从零开始安装/使用Claude Code,CCSwitch管理所有AI模型,绕过登录接入DeepSeek-v4模型](https://mp.weixin.qq.com/s/0fUrKq7zOOHKNjvydrsBKg) - [ ] [烽火狼烟丨Linux Kernel “Copy Fail” 提权漏洞 (CVE-2026-31431) 分析与安全声明](https://mp.weixin.qq.com/s/9_JXNh6oKFNSzikVepF97A) - [ ] [Copyfail提权漏洞(CVE-2026-31431)临时缓解措施](https://mp.weixin.qq.com/s/cFYqAUqjsbVwoNm2B4XCnw) - [ ] [新型 Linux 内核提权漏洞 CVE-2026-31431,安芯神甲提供实时检测与防护能力](https://mp.weixin.qq.com/s/rnzu7PL34onKAR1MS7Anow) - [ ] [安芯网盾五一假期服务公告](https://mp.weixin.qq.com/s/EkQx_eQu2JVAj4fsTmqgDQ) - [ ] [【已复现】cPanel 登录流程认证绕过漏洞(CVE-2026-41940)](https://mp.weixin.qq.com/s/BCDnQD0MY5vL_OG-qd0NEA) - [ ] [保护性安全措施与预防性安全措施](https://mp.weixin.qq.com/s/f3mctK7DzbDIIUWLAwsAAg) - [ ] [比特币不仅仅是一种加密货币(深入指南)](https://mp.weixin.qq.com/s/kuG-QkTl-dqHe2nqHCbvsg) - [ ] [第九届数字中国建设峰会丨三未信安签约汽车数字出海全链赋能一体化平台](https://mp.weixin.qq.com/s/UbfHaM3PPVgN885hM26YOw) - [ ] [DeepSeek新模型V4发布,美国各界反应如何?](https://mp.weixin.qq.com/s/2TYfvThCTEtXkBFWPJYnJg) - [ ] [CNVD:关于Linux内核存在本地权限提升漏洞的安全公告](https://mp.weixin.qq.com/s/X1HE9GQHfBKJrFin8aDf8Q) - [ ] [原创-10大性格不同的人](https://mp.weixin.qq.com/s/U23i3HbUk9rXGInD2m_LUg) - [ ] [AI并购红线来了:Meta收购Manus被叫停意味着什么?](https://mp.weixin.qq.com/s/_5-ja5a83ITL4QTGxIIRHw) - [ ] [WAF绕过新姿势实战怎么用?](https://mp.weixin.qq.com/s/-P7TTKtKqhdpF-A7M0prVg) - [ ] [CNNVD关于Linux安全漏洞的通报](https://mp.weixin.qq.com/s/MP8byaCpAvOtoI3nCXnLOg) - [ ] [CNNVD关于cPanel访问控制错误漏洞的通报](https://mp.weixin.qq.com/s/x7Wlh1kOcA-bQOHyXZBIDg) - [ ] [白宫禁止Anthropic扩员——这危险AI只能我独占,谁也别想抢算力!](https://mp.weixin.qq.com/s/xAGikqQBFoUK7qLFNBeeMg) - [ ] [安恒信息与来宾市政数局等达成合作,共建来宾市数据标注中心](https://mp.weixin.qq.com/s/9L30BwkuEU1w4Hg0WLfaKw) - [ ] [习近平在加强基础研究座谈会上强调 以更大力度更实举措加强基础研究 进一步打牢科技强国建设根基](https://mp.weixin.qq.com/s/7_uR1LwUX-Ym0Xvl-K7XHg) - [ ] [邬贺铨:发挥数据要素乘数效应,推动我国数字经济健康发展并服务全球](https://mp.weixin.qq.com/s/YtPOW1BEzy9K--xJr9HlBw) - [ ] [第九届数字中国建设峰会“可信数据空间分论坛”在福州召开](https://mp.weixin.qq.com/s/rzIh1Rv_v1lZAD8H4r88qg) - [ ] [第九届数字中国建设峰会“数字经济分论坛”在福州举办](https://mp.weixin.qq.com/s/hD4YSltv7yyRyV_LpH_Kpg) - [ ] [关注 | 中央网信办部署开展“清朗·整治AI应用乱象”专项行动](https://mp.weixin.qq.com/s/ZltQKhyjDaIiIwrR0jshAw) - [ ] [关注 | 英魂之刃、企查查……这67款App被通报!](https://mp.weixin.qq.com/s/ozTHhRpZcUwcccMOloxBPg) - [ ] [注意 | AI模型部署工具Xinference遭供应链投毒攻击](https://mp.weixin.qq.com/s/YKQGvbwSQfDK-OE8wqt28A) - [ ] [通知 | 《网络安全技术 基于多信道的证书申请和应用协议(征求意见稿)》等5项国家标准公开征求意见(附下载)](https://mp.weixin.qq.com/s/VhYqIBQSX767k-A6fUVJHA) - [ ] [上海银行加速布局全行级AI平台,已研发上百个智能体、AI专业人才三年增至200人](https://mp.weixin.qq.com/s/SBBhjv8OblCoen9i8hGxqg) - [ ] [AI快讯:阿里发布数字员工产品QoderWake,蚂蚁发布开源智能体支付框架AMP](https://mp.weixin.qq.com/s/Sw_aM21vZuAiR-cyRUnWvw) - [ ] [恒丰银行智能客服功能优化项目POC测试供应商征集](https://mp.weixin.qq.com/s/G4hJa4aZNQMlcGOrmwuXKA) - [ ] [🔥 你的隐私,正在被悄悄\"拼\"出来](https://mp.weixin.qq.com/s/4GLVOnHtxl7jzZ0sm_B_Pg) - [ ] [Linux曝出“核弹级”漏洞CVE-2026-31431:攻击者可瞬间提权](https://mp.weixin.qq.com/s/5Q_2Gs8PkH67gYsnMxP_dA) - [ ] [360本部红队直招,实习/社招皆可,速投!](https://mp.weixin.qq.com/s/-grA_rW39YX3Yx8c_otcRg) - [ ] [奇安信亮相第九届数字中国建设峰会](https://mp.weixin.qq.com/s/3raCu7P-9ehfYt2PF2kGJQ) - [ ] [Linux曝出“史诗级”本地提权漏洞,奇安信椒图、天擎EDR支持实时检测](https://mp.weixin.qq.com/s/V5fn25CICy1eN_LV1omcLA) - [ ] [AI 网关 LiteLLM 曝严重 SQL 注入漏洞](https://mp.weixin.qq.com/s/EXpa4Mlvj4jaXPW9fGLRmA) - [ ] [网络安全执法常态化!2025年美国隐私违规罚款突破230亿元](https://mp.weixin.qq.com/s/YYbPM2RnCUw7Qt6mCWPogw) - [ ] [朝鲜黑客组织利用人脸深度伪造技术分析](https://mp.weixin.qq.com/s/JkHQhee-RkaIXPk_6lMttA) - [ ] [江苏国保五一劳动节应急保障安排](https://mp.weixin.qq.com/s/mhdb5tJQsgcmoZhWjCPxcw) - [ ] [蒸发,为何从社会销声匿迹?](https://mp.weixin.qq.com/s/bzEACbAAPPwAzRqkrm1Auw) - [ ] [【漏洞预警】CVE-2026-31431 Linux内核crypto:algif_aead逻辑漏洞 本地权限提升分析](https://mp.weixin.qq.com/s/NGcvLQw38sVQPjZN2rU4fQ) - [ ] [CVE-2026-42167 允许绕过身份验证并远程代码执行 ProFTPD](https://mp.weixin.qq.com/s/OllLjqZcQJK6YAq1oBWPVA) - [ ] [黑客解决问题的方式,普通人学不会](https://mp.weixin.qq.com/s/qfJ8PAxCSvXHDQxuMBUK5w) - [ ] [🤖 AI被“禁止聊哥布林”?背后真相,比你想的更复杂](https://mp.weixin.qq.com/s/QM--pYJoJ0nJhzNNaNQVLA) - [ ] [战争,正在“击穿”AI底座:数据中心开始撤离中东](https://mp.weixin.qq.com/s/ntAYrVOZXAyd3ccpXAV0OA) - [ ] [【风险提示】天融信关于Java Ghost Bits 漏洞的风险提示](https://mp.weixin.qq.com/s/KI-n1SESpCUA4hqJQ78Oog) - [ ] [【风险提示】天融信关于Linux Kernel本地权限提升漏洞(CVE-2026-31431)的风险提示](https://mp.weixin.qq.com/s/B9xcSm5BGGFA4NQZK6QoIg) - [ ] [很不夸张,现在我用RTX 3090显卡煮鸡蛋,这样可以省油,不对,准确地讲可以省燃气](https://mp.weixin.qq.com/s/rtSrMNQ4n64uSaBYBlgzgg) - [ ] [ICSISIAP致敬所有守护工控安全的劳动者,节日快乐!](https://mp.weixin.qq.com/s/82wgvEhDNxwFItXtUd_mQA) - [ ] [第四届白帽赏金挑战赛正式开启!诚邀全网顶尖白帽,共探安全边界](https://mp.weixin.qq.com/s/8DkU7hcfjUFc32pERDiz4Q) - [ ] [安全守护 | 云弈科技五一放假通知与值班保障安排](https://mp.weixin.qq.com/s/PjFrKNJpmugCJYgs15pLHQ) - [ ] [第九届数字中国建设峰会数字技术赋能工业园区高质量发展专题会议成功举办,安恒信息专家受邀分享](https://mp.weixin.qq.com/s/odRWrzYKIVuqVQNwyXIDTQ) - [ ] [上海市通信管理局携手谋乐科技及四家运营商单位联合发布人工智能赋能安全监管试点项目](https://mp.weixin.qq.com/s/uGHkwc4sO9jKLQiO8iCFZQ) - Tenable Blog - [ ] [Bridging the gap: How to integrate Claude Security into the Tenable One Exposure Management Platform](https://www.tenable.com/blog/how-to-integrate-claude-security-into--tenable-one) - [ ] [Copy Fail (CVE-2026-31431): Frequently asked questions about Linux kernel privilege escalation vulnerability](https://www.tenable.com/blog/copy-fail-cve-2026-31431-frequently-asked-questions-about-linux-kernel-privilege-escalation) - ElcomSoft blog - [ ] [Elcomsoft Phone Breaker 11 Restores iCloud Access](https://blog.elcomsoft.com/2026/04/elcomsoft-phone-breaker-11-restores-icloud-access/) - Insinuator.net - [ ] [When paradigms are shifting: InfoSec in the age of AI](https://insinuator.net/2026/04/when-paradigms-are-shifting-infosec-in-the-age-of-ai/) - SecWiki News - [ ] [SecWiki News 2026-04-30 Review](http://www.sec-wiki.com/?2026-04-30) - Recent Commits to cve:main - [ ] [Update Thu Apr 30 11:26:31 UTC 2026](https://github.com/trickest/cve/commit/8adac04482a1fcdd64b7fbc3201ecac615a2cadc) - Cerbero Blog - [ ] [EROFS Format Package](https://blog.cerbero.io/erofs-format-package/) - Bug Bounty in InfoSec Write-ups on Medium - [ ] [Open Redirect Simple Bug, Powerful Chains: Phishing Se OAuth Bypass Tak! (Hinglish Mein)](https://infosecwriteups.com/open-redirect-simple-bug-powerful-chains-phishing-se-oauth-bypass-tak-hinglish-mein-7d1b9adf8dcb?source=rss----7b722bfd1b8d--bug_bounty) - GuidePoint Security - [ ] [Why Identity Fragmentation Continues to Drive Security Risk](https://www.guidepointsecurity.com/blog/why-identity-fragmentation-continues-to-drive-security-risk/) - Reverse Engineering - [ ] [Revealing NVIDIA Closed-Source Driver Command Streams for CPU-GPU Runtime Behavior Insight](https://www.reddit.com/r/ReverseEngineering/comments/1t01tyr/revealing_nvidia_closedsource_driver_command/) - [ ] [HexDig 1.0.0 a lightweight binwalk alternative working both on Windows and Linux, written in C++, give it a try!](https://www.reddit.com/r/ReverseEngineering/comments/1szpkpl/hexdig_100_a_lightweight_binwalk_alternative/) - [ ] [GitHub - iss4cf0ng/CVE-2026-31431-Linux-Copy-Fail: Rust implementation Exploit/PoC of CVE-2026-31431-Linux-Copy-Fail, allow executing customized shellcode (such as Meterpreter).](https://www.reddit.com/r/ReverseEngineering/comments/1szpk37/github_iss4cf0ngcve202631431linuxcopyfail_rust/) - Malwarebytes - [ ] [More PayPal emails hijacked to deliver tech support scams](https://www.malwarebytes.com/blog/news/2026/04/more-paypal-emails-hijacked-to-deliver-tech-support-scams) - [ ] [Hackers stole hundreds of thousands of Roblox accounts: Here’s what to do](https://www.malwarebytes.com/blog/news/2026/04/hackers-stole-hundreds-of-thousands-of-roblox-accounts-heres-what-to-do) - Securelist - [ ] [Silver Fox uses the new ABCDoor backdoor to target organizations in Russia and India](https://securelist.com/silver-fox-tax-notification-campaign/119575/) - Exploit-DB.com RSS Feed - [ ] [[webapps] FUXA 1.2.8 - Authentication Bypass + RCE Exploit](https://www.exploit-db.com/exploits/52544) - [ ] [[webapps] Python-Multipart 0.0.22 - Path Traversal](https://www.exploit-db.com/exploits/52543) - [ ] [[local] Google Chrome 145.0.7632.75 - CSSFontFeatureValuesMap](https://www.exploit-db.com/exploits/52542) - [ ] [[local] Windows 11 23H2 - Denial of Service (DoS)](https://www.exploit-db.com/exploits/52541) - [ ] [[webapps] Repetier-Server 1.4.10 - Path Traversal](https://www.exploit-db.com/exploits/52540) - [ ] [[webapps] HUSTOJ Zip-Slip v26.01.24 - RCE](https://www.exploit-db.com/exploits/52539) - [ ] [[webapps] BusyBox 1.37.0 - Path Traversal](https://www.exploit-db.com/exploits/52538) - [ ] [[local] Windows 11 25H2 - Heap Overflow](https://www.exploit-db.com/exploits/52537) - [ ] [[webapps] JUNG Smart Visu Server 1.1.1050 - Dos](https://www.exploit-db.com/exploits/52536) - [ ] [[webapps] SumatraPDF 3.5.2 - Remote Code Execution](https://www.exploit-db.com/exploits/52535) - [ ] [[webapps] NiceGUI 3.6.1 - Path Traversal](https://www.exploit-db.com/exploits/52534) - [ ] [[webapps] Frigate NVR 0.16.3 - Remote Code Execution](https://www.exploit-db.com/exploits/52533) - [ ] [[webapps] Js2Py 0.74 - RCE](https://www.exploit-db.com/exploits/52532) - [ ] [[webapps] Camaleon CMS v2.9.0 - Path Traversal](https://www.exploit-db.com/exploits/52531) - [ ] [[webapps] Cybersecurity AI (CAI) Framework 0.5.10 - Command Injection](https://www.exploit-db.com/exploits/52530) - [ ] [[webapps] Erugo 0.2.14 - Remote Code Execution (RCE)](https://www.exploit-db.com/exploits/52529) - [ ] [[webapps] deephas 1.0.7 - Prototype Pollution](https://www.exploit-db.com/exploits/52528) - [ ] [[webapps] SUSE Manager 4.3.15 - Code Execution](https://www.exploit-db.com/exploits/52527) - Intigriti - [ ] [Exploiting SQL injection vulnerabilities](https://www.intigriti.com/researchers/blog/hacking-tools/exploiting-sql-injection-sqli-vulnerabilities) - daniel.haxx.se - [ ] [Approaching zero bugs?](https://daniel.haxx.se/blog/2026/04/30/approaching-zero-bugs/) - [ ] [Inspired](https://daniel.haxx.se/blog/2026/04/30/inspired/) - 绿盟科技技术博客 - [ ] [抑制Angr模拟执行期间某些日志](https://blog.nsfocus.net/%e6%8a%91%e5%88%b6angr%e6%a8%a1%e6%8b%9f%e6%89%a7%e8%a1%8c%e6%9c%9f%e9%97%b4%e6%9f%90%e4%ba%9b%e6%97%a5%e5%bf%97/) - [ ] [WAF防线告急?绿盟科技已提前锁定“幽灵比特位”攻击](https://blog.nsfocus.net/waf%e9%98%b2%e7%ba%bf%e5%91%8a%e6%80%a5%ef%bc%9f%e7%bb%bf%e7%9b%9f%e7%a7%91%e6%8a%80%e5%b7%b2%e6%8f%90%e5%89%8d%e9%94%81%e5%ae%9a%e5%b9%bd%e7%81%b5%e6%af%94%e7%89%b9%e4%bd%8d/) - 黑海洋Wiki | AI机器人硬件开发 | 网络安全攻防实战 | 区块链技术文档教程 - 免费资源平台 - [ ] [Netflix 在部分国家推出竖屏视频流](https://blog.upx8.com/Netflix-%E5%9C%A8%E9%83%A8%E5%88%86%E5%9B%BD%E5%AE%B6%E6%8E%A8%E5%87%BA%E7%AB%96%E5%B1%8F%E8%A7%86%E9%A2%91%E6%B5%81) - [ ] [Cloudflare 表示:AI现在可以代表用户创建 Cloudflare 帐户、开通付费订阅、注册域名和部署应用程序](https://blog.upx8.com/Cloudflare-%E8%A1%A8%E7%A4%BA-AI%E7%8E%B0%E5%9C%A8%E5%8F%AF%E4%BB%A5%E4%BB%A3%E8%A1%A8%E7%94%A8%E6%88%B7%E5%88%9B%E5%BB%BA-Cloudflare-%E5%B8%90%E6%88%B7-%E5%BC%80%E9%80%9A%E4%BB%98%E8%B4%B9%E8%AE%A2%E9%98%85-%E6%B3%A8%E5%86%8C%E5%9F%9F%E5%90%8D%E5%92%8C%E9%83%A8%E7%BD%B2%E5%BA%94%E7%94%A8%E7%A8%8B%E5%BA%8F) - [ ] [黑市货源枯竭,英伟达B300服务器在中国的售价翻倍至100万美元](https://blog.upx8.com/%E9%BB%91%E5%B8%82%E8%B4%A7%E6%BA%90%E6%9E%AF%E7%AB%AD-%E8%8B%B1%E4%BC%9F%E8%BE%BEB300%E6%9C%8D%E5%8A%A1%E5%99%A8%E5%9C%A8%E4%B8%AD%E5%9B%BD%E7%9A%84%E5%94%AE%E4%BB%B7%E7%BF%BB%E5%80%8D%E8%87%B3100%E4%B8%87%E7%BE%8E%E5%85%83) - [ ] [美国政府应申请公开MU5735航班数据](https://blog.upx8.com/%E7%BE%8E%E5%9B%BD%E6%94%BF%E5%BA%9C%E5%BA%94%E7%94%B3%E8%AF%B7%E5%85%AC%E5%BC%80MU5735%E8%88%AA%E7%8F%AD%E6%95%B0%E6%8D%AE) - [ ] [Linux内核曝漏洞:可使黑客攻破所有主流Linux发行版获取Root权限](https://blog.upx8.com/Linux%E5%86%85%E6%A0%B8%E6%9B%9D%E6%BC%8F%E6%B4%9E-%E5%8F%AF%E4%BD%BF%E9%BB%91%E5%AE%A2%E6%94%BB%E7%A0%B4%E6%89%80%E6%9C%89%E4%B8%BB%E6%B5%81Linux%E5%8F%91%E8%A1%8C%E7%89%88%E8%8E%B7%E5%8F%96Root%E6%9D%83%E9%99%90) - [ ] [美国调查爱彼迎等公司使用中国模型的情况](https://blog.upx8.com/%E7%BE%8E%E5%9B%BD%E8%B0%83%E6%9F%A5%E7%88%B1%E5%BD%BC%E8%BF%8E%E7%AD%89%E5%85%AC%E5%8F%B8%E4%BD%BF%E7%94%A8%E4%B8%AD%E5%9B%BD%E6%A8%A1%E5%9E%8B%E7%9A%84%E6%83%85%E5%86%B5) - [ ] [Copy Fail(CVE-2026-31431):一个潜伏近十年的 Linux 内核本地提权漏洞深度解析](https://blog.upx8.com/Copy-Fail-CVE-2026-31431-Linux) - [ ] [GPT-Image2 结构化提示词模板库,适合 AI 生图工作流参考](https://blog.upx8.com/GPT-Image2-AI) - [ ] [白宫反对Anthropic扩大Mythos模型用户群体的计划](https://blog.upx8.com/%E7%99%BD%E5%AE%AB%E5%8F%8D%E5%AF%B9Anthropic%E6%89%A9%E5%A4%A7Mythos%E6%A8%A1%E5%9E%8B%E7%94%A8%E6%88%B7%E7%BE%A4%E4%BD%93%E7%9A%84%E8%AE%A1%E5%88%92) - [ ] [空客获中国南航及厦航大额飞机订单](https://blog.upx8.com/%E7%A9%BA%E5%AE%A2%E8%8E%B7%E4%B8%AD%E5%9B%BD%E5%8D%97%E8%88%AA%E5%8F%8A%E5%8E%A6%E8%88%AA%E5%A4%A7%E9%A2%9D%E9%A3%9E%E6%9C%BA%E8%AE%A2%E5%8D%95) - 腾讯玄武实验室 - [ ] [每日安全动态推送(26/4/30)](https://mp.weixin.qq.com/s?__biz=MzA5NDYyNDI0MA==&mid=2651960466&idx=1&sn=a1a582f5ba533c196bb842c145401794) - 奇客Solidot–传递最新科技情报 - [ ] [Google 给你贴上的价格标签](https://www.solidot.org/story?sid=84196) - [ ] [亚洲多国加大燃煤发电以应对能源危机](https://www.solidot.org/story?sid=84195) - [ ] [活动邀请 | NVIDIA 开发者见面会:从基础设施到智能体,全链路专家深度解析](https://www.solidot.org/story?sid=84194) - [ ] [水产养殖的温室气体排放](https://www.solidot.org/story?sid=84191) - [ ] [微软公开 86-DOS 1.00 源代码](https://www.solidot.org/story?sid=84190) - [ ] [基因组学先驱 Craig Venter 去世,享年 79 岁](https://www.solidot.org/story?sid=84189) - [ ] [GCC 17 加入对海光 C86-4G CPU 的支持](https://www.solidot.org/story?sid=84188) - 威努特安全网络 - [ ] [教育部等五部门联合发布《“人工智能+教育”行动计划》](https://mp.weixin.qq.com/s?__biz=MzAwNTgyODU3NQ==&mid=2651141494&idx=1&sn=eda09af64bfbcc8ec246ebca29d7ddbb) - 黑鸟 - [ ] [国际刑警DDoS蜜罐意外曝光:安全研究员意外逼停执法行动](https://mp.weixin.qq.com/s?__biz=MzAxOTM1MDQ1NA==&mid=2451186588&idx=1&sn=3e514339e3d45c42a379538fe33bd556) - 暗影安全 - [ ] [732 字节通杀 Linux内核 近 9 年!100% 稳定获取 root 权限。附Poc。](https://mp.weixin.qq.com/s?__biz=MzI2MzA3OTgxOA==&mid=2657165769&idx=1&sn=458df7885e2f72bea989f80e27528947) - 长亭安全应急响应中心 - [ ] [【已复现】732字节、1秒root、九年无人知——Linux近年最稳定提权漏洞](https://mp.weixin.qq.com/s?__biz=MzIwMDk1MjMyMg==&mid=2247493214&idx=1&sn=0bd0bf00dcf29c2419c42c454c82f1f5) - 虎符智库 - [ ] [一季度网安执法观察:穿透式监管加速落地,推动实质安全治理](https://mp.weixin.qq.com/s?__biz=MzIwNjYwMTMyNQ==&mid=2247493791&idx=1&sn=d9b1e3a0b4fbf0153367e52297275295) - 代码卫士 - [ ] [奇安信Qcode Agents亮相数字中国,以多智能体协同守护AI时代代码安全](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247525926&idx=1&sn=9cfe4c9d575f0c74ff2be7b722c7329b) - [ ] [Copy Fail: 仅732字节,通杀所有主流 Linux 发行版,隐藏9年的 root 提权漏洞](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247525926&idx=2&sn=487c60cb3cbc5568392caaeb46a3b33d) - [ ] [SAP 官方 npm 包受陷,被用于供应链攻击窃取凭据](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247525926&idx=3&sn=f176577fa7fbeba25d5c024f432e1ade) - 绿盟科技CERT - [ ] [【已复现】Linux内核权限提升漏洞(CVE-2026-31431)](https://mp.weixin.qq.com/s?__biz=Mzk0MjE3ODkxNg==&mid=2247492097&idx=1&sn=718add4ed82d4ce779728a3ac56c09c7) - 青衣十三楼飞花堂 - [ ] [从.deb中析取单个文件](https://mp.weixin.qq.com/s?__biz=MzUzMjQyMDE3Ng==&mid=2247489370&idx=1&sn=deb23467c8dfc2fd915709a9eec59780) - 微步在线研究响应中心 - [ ] [Linux提权漏洞!10行代码直接root](https://mp.weixin.qq.com/s?__biz=Mzg5MTc3ODY4Mw==&mid=2247508662&idx=1&sn=41def071baa5eeadd5303f2ccb43cf01) - 看雪学苑 - [ ] [732字节,通杀所有Linux!一个潜伏十年的“隐形杀手”终曝光](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458614410&idx=1&sn=d11882328bfc4e427f1899a2a05cbb5a) - [ ] [利用导入表劫持实现DLL注入以干掉杀毒软件](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458614410&idx=2&sn=32ba6828c0749b23e39e2b802f151183) - [ ] [你的大模型应用,真的安全上线了吗?一次提示词越狱,就能让所有合规审查白费](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458614410&idx=3&sn=74de3a155f48b467a1a4fbf7540391f3) - 安全分析与研究 - [ ] [银狐(Silver Fox)黑产组织详细分析报告](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247496682&idx=1&sn=c87f1130dda484ed857c36d7045265d2) - 丁爸 情报分析师的工具箱 - [ ] [【情报报告】2026年4月全球恐怖主义态势及战略预测](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651155352&idx=1&sn=2fca4cb0b329fdbb6cbd1ecf7febaf7d) - [ ] [【资料】民间社会视角:西非的恐怖主义与反恐行动](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651155352&idx=2&sn=f9a402c065e97da47add63f8ea598c05) - 奇安信 CERT - [ ] [【已复现】Linux Kernel "Copy Fail" 本地权限提升漏洞(CVE-2026-31431)安全风险通告](https://mp.weixin.qq.com/s?__biz=MzU5NDgxODU1MQ==&mid=2247505520&idx=1&sn=782f41f065f5b44a1724fe083a86f80e) - [ ] [【已复现】cPanel&WHM 身份认证绕过漏洞(CVE-2026-41940)安全风险通告](https://mp.weixin.qq.com/s?__biz=MzU5NDgxODU1MQ==&mid=2247505520&idx=2&sn=17a49e5024765e8f6bd8b09c1f4719f8) - 安全内参 - [ ] [网络安全执法常态化!2025年美国隐私违规罚款突破230亿元](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247515884&idx=1&sn=504f0612c3de24062f1b56cb640ce3ea) - [ ] [朝鲜黑客组织利用人脸深度伪造技术分析](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247515884&idx=2&sn=e44b9051f96cdef509f09e363bc93d1a) - 黑哥虾撩 - [ ] [我的父亲是黑客](https://mp.weixin.qq.com/s?__biz=Mzg5OTU1NTEwMg==&mid=2247484526&idx=1&sn=7dc32c5246dc1171a6f704ee34ea3036) - 安全圈 - [ ] [【安全圈】Linux 内核潜伏 9 年漏洞披露:732 字节脚本攻破 Ubuntu 等发行版,提权至 root 最高权限](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652076090&idx=1&sn=955f8155ca08aea02fa3e25775c3bcf4) - [ ] [【安全圈】cPanel被曝惊天高危漏洞,千万级服务器面临“裸奔”,官方紧急发布补丁!](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652076090&idx=2&sn=e5ba8445daca48ad1bb3795002895e7c) - [ ] [【安全圈】朝鲜新一轮攻击:利用 AI 植入 npm 恶意软件、虚假公司和远程访问木马](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652076090&idx=3&sn=b893f03eaec33e9784fa1db8eeeaa637) - 慢雾科技 - [ ] [慢雾出品|链接真实世界资产:从协议族解析到安全实践](https://mp.weixin.qq.com/s?__biz=MzU4ODQ3NTM2OA==&mid=2247504861&idx=1&sn=0f71a6b7fafe17ee9cd5e6cf07b83e41) - 默安科技 - [ ] [劳动节值守通知|假期也在岗,安全不打烊](https://mp.weixin.qq.com/s?__biz=MzIzODQxMjM2NQ==&mid=2247501826&idx=1&sn=ca4e9dc993dde86e3f7426ae2d40727b) - 安全牛 - [ ] [别让AI智能体沦为“失控猛兽”——企业落地AI Agent必建的数据治理与风险控制选项](https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651141199&idx=1&sn=d5e226e73762e133a842a47cdb147633) - [ ] [恶意机器人占全网流量 40%,AI 驱动攻击暴增 12.5 倍;CNNVD 周报:本周新增漏洞 1447 个,超危 96 个需紧急修复| 牛览](https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651141199&idx=2&sn=2665ad35bc0a3671c0a8b561063451f2) - 中国信息安全 - [ ] [人工智能重要漏洞 | CNNVD通报最新一批OpenClaw多个安全漏洞](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664262153&idx=1&sn=fd4a2110a6d3cf0e85ffb46c50f2db71) - [ ] [CNNVD | 人工智能重要漏洞通报(2026年第六期)](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664262153&idx=2&sn=ae790fc7924edd4d34893a1bddc2c839) - 数世咨询 - [ ] [OT系统的零信任应该从边界开始而不是锅炉房](https://mp.weixin.qq.com/s?__biz=MzkxNzA3MTgyNg==&mid=2247542765&idx=1&sn=b859faff85a30e3b41979f689b2cdc86) - [ ] [Copy Fail:横扫所有Linux,成为最危险的提权漏洞](https://mp.weixin.qq.com/s?__biz=MzkxNzA3MTgyNg==&mid=2247542765&idx=2&sn=fb4be51e89b2c51a565c30835320a5eb) - 极客公园 - [ ] [魔法原子进军硅谷背后:世界模型野望与生态卡位](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653105061&idx=1&sn=ef0361a7db105a4d67a8cefb4afbff8b) - [ ] [实测纳逗 Pro:能做专业影视级内容的智能平台长啥样](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653105061&idx=2&sn=c7a5e14e84adc593f3f801e4c19b4c08) - [ ] [平头哥发布首款智能网卡「磐脉 920」,补齐 AI 算力最后一块短板](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653104984&idx=1&sn=dc42411b03a4365b9d390640bb35848e) - [ ] [马斯克:OpenAI 是我的创意,Altman 是小偷;Claude Code 使用成本翻倍;Image 2 登顶视觉模型榜|极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653104975&idx=1&sn=e87d1f6c4eeea5a3e12499114fa05e0d) - 微步在线 - [ ] [人工验真!Linux提权漏洞,影响这么多信创!(附稳定验证PoC)](https://mp.weixin.qq.com/s?__biz=MzI5NjA0NjI5MQ==&mid=2650186347&idx=1&sn=a62188947f420de663dfc428891b361b) - 火绒安全 - [ ] [火绒在岗 轻松过节 | 这份终端安全防护提示请您收好](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247532540&idx=1&sn=57c207cc6b611c8a406216d74d22c1b6) - [ ] [诚邀渠道合作伙伴共启新征程](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247532540&idx=2&sn=711b5a17688617fa9721ec9052fcd18d) - 深信服千里目安全技术中心 - [ ] [【漏洞通告】Linux Kernel Copy Fail 本地权限提升漏洞(CVE-2026-31431)](https://mp.weixin.qq.com/s?__biz=Mzg2NjgzNjA5NQ==&mid=2247525464&idx=1&sn=8acda386bfbde5ad1c91b714adbca8f2) - 天融信阿尔法实验室 - [ ] [【风险提示】天融信关于Java Ghost Bits 漏洞的风险提示](https://mp.weixin.qq.com/s?__biz=Mzg3MDAzMDQxNw==&mid=2247496705&idx=1&sn=f6b76bcbd3beb393983e7cb3b4c0eea4) - [ ] [【风险提示】天融信关于Linux Kernel本地权限提升漏洞(CVE-2026-31431)的风险提示](https://mp.weixin.qq.com/s?__biz=Mzg3MDAzMDQxNw==&mid=2247496705&idx=2&sn=2f53fc8a4a3695c13f1ea7fc09bb1b9c) - 软件安全与逆向分析 - [ ] [最新通杀全线Linux发行版的CVE漏洞解析](https://mp.weixin.qq.com/s?__biz=MzU3MTY5MzQxMA==&mid=2247485140&idx=1&sn=46a3b04ac859dd1c8adc3ac08459a719) - Tide安全团队 - [ ] [记某SRC高危漏洞挖掘](https://mp.weixin.qq.com/s?__biz=Mzg2NTA4OTI5NA==&mid=2247522091&idx=1&sn=9c38b02b19e5f211a6d6c9fd10f009cc) - 补天平台 - [ ] [补天平台五一放假通知,假期愉快!](https://mp.weixin.qq.com/s?__biz=MzI2NzY5MDI3NQ==&mid=2247510698&idx=1&sn=12fcc2e1993c020511608792170d07bf) - 虾说AI道 - [ ] [CVE-2026-31431 漏洞原理、缓解和修复](https://mp.weixin.qq.com/s?__biz=MzI1MTE3MDAwMw==&mid=2650436281&idx=1&sn=1c92351b2a2947a1a2d0ae9808a49a50) - OPPO安全中心 - [ ] [五一开启!|第四届白帽赏金挑战赛正式开启!诚邀全网顶尖白帽,共探安全边界](https://mp.weixin.qq.com/s?__biz=MzUyNzc4Mzk3MQ==&mid=2247494908&idx=1&sn=351ee463b435e656d9ce272fe73dd4f2) - [ ] [【CVE-2026-22070】ColorOS助手的路径穿越漏洞的致谢公告](https://mp.weixin.qq.com/s?__biz=MzUyNzc4Mzk3MQ==&mid=2247494908&idx=2&sn=fadace1e79c4554fecf7e51ec930333b) - 安全行者老霍 - [ ] [每家企业都应了解的七款AI合规工具](https://mp.weixin.qq.com/s?__biz=Mzg3NjU4MDI4NQ==&mid=2247486561&idx=1&sn=ac02a6c39129a014410251c1bc6a515a) - 枇杷熟了 - [ ] [1秒root、九年无人知——Linux近年最屌提权漏洞](https://mp.weixin.qq.com/s?__biz=MzU0MzkzOTYzOQ==&mid=2247490029&idx=1&sn=fc9c3feee41b708f86dab16be4154af5) - Desync InfoSec - [ ] [Copy Fail:732字节通杀所有Linux的史诗级LPE漏洞复现](https://mp.weixin.qq.com/s?__biz=MzkzMDE3ODc1Mw==&mid=2247490274&idx=1&sn=b1d1c3aa8c892bdd85567321081a0bca) - [ ] [微软Sentinel UEBA扩展AWS:用二元特征堆叠重定义云安全检测](https://mp.weixin.qq.com/s?__biz=MzkzMDE3ODc1Mw==&mid=2247490274&idx=2&sn=89bd4f79d4d56893e7f32db5c949de25) - 云鼎实验室 - [ ] [Linux Kernel "Copy Fail" 漏洞预警,可本地稳定提权至 root](https://mp.weixin.qq.com/s?__biz=MzU3ODAyMjg4OQ==&mid=2247497528&idx=1&sn=bd11cb8bf23b2ae520fc1723d37cf85b) - Tails - News - [ ] [Tails 7.7.1](https://tails.net/news/version_7.7.1/) - 白泽安全实验室 - [ ] [伊朗APT组织MuddyWater升级其攻击战术策略,利用第三方MaaS平台展开攻击活动](https://mp.weixin.qq.com/s?__biz=MzI0MTE4ODY3Nw==&mid=2247492925&idx=1&sn=5e0b1bbfde6029935517adbe30201918) - Krypt3ia - [ ] [Threat Intelligence Report: IRGC-Affiliated OT/IoT Malware Evolution](https://krypt3ia.wordpress.com/2026/04/30/threat-intelligence-report-irgc-affiliated-ot-iot-malware-evolution/) - TrustedSec - [ ] [ARP Around and Find Out: Hijacking GPO UNC Paths for Code Execution and NTLM Relay](https://trustedsec.com/blog/arp-around-and-find-out-hijacking-gpo-unc-paths-for-code-execution-and-ntlm-relay) - CNVD漏洞平台 - [ ] [关于Linux内核存在本地权限提升漏洞的安全公告](https://mp.weixin.qq.com/s?__biz=MzU3ODM2NTg2Mg==&mid=2247496881&idx=1&sn=563b3c5245be0c633987b1613867773c) - Securityinfo.it - [ ] [Mini Shai-Hulud: la supply chain SAP colpita da un simil-worm](https://www.securityinfo.it/2026/04/30/mini-shai-hulud-la-supply-chain-sap-colpita-da-un-simil-worm/?utm_source=rss&utm_medium=rss&utm_campaign=mini-shai-hulud-la-supply-chain-sap-colpita-da-un-simil-worm) - 墨菲安全 - [ ] [墨思AI AGENT监测发现 PyTorch Lightning 训练框架被投毒,月下载量超1000万](https://mp.weixin.qq.com/s?__biz=MzkwOTM0MjI5NQ==&mid=2247488392&idx=1&sn=d843e35ff7562a959b77d8d732c5d36d) - IT Service Management News - [ ] [Incontro ACN e Clusit](http://blog.cesaregallotti.it/2026/04/incontro-acn-e-clusit.html) - 迪哥讲事 - [ ] [由一个反序列化问题所想到的通用思路](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247499380&idx=1&sn=de9ee1908ac799dac70ffac10ecf3c77) - 360数字安全 - [ ] [360漏洞挖掘智能体亮相DEFCON 中国AI安全能力实现关键突破](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247585876&idx=1&sn=0148a95dc5e3b15e4a02b10fffa551de) - [ ] [360亮相数字中国:“以模治模”构建智能体时代安全底座](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247585876&idx=2&sn=fcfd8d2dafac60d70e3d0641094dc9fe) - Forensic Focus - [ ] [Magnet Forensics Honors 2026 Agency Impact And Scholarship Award Recipients](https://www.forensicfocus.com/news/magnet-forensics-honors-2026-agency-impact-and-scholarship-award-recipients/) - [ ] [Detego Global Stands Out As Sole Digital Forensics Finalist At UK Security & Policing Awards](https://www.forensicfocus.com/news/detego-global-stands-out-as-sole-digital-forensics-finalist-at-uk-security-policing-awards/) - Blog on Shielder - [ ] [Inspektor Gadget Security Audit](https://www.shielder.com/blog/2026/04/inspektor-gadget-security-audit/) - Schneier on Security - [ ] [Fast16 Malware](https://www.schneier.com/blog/archives/2026/04/fast16-malware.html) - LockBoxx - [ ] [Book Review: "The Infosec Survival Guides"](http://lockboxx.blogspot.com/2026/04/book-review-infosec-survival-guides.html) - Javvad Malik - [ ] [The Slop Problem Isn’t What You Think](https://javvadmalik.com/2026/04/30/the-slop-problem-isnt-what-you-think/) - SANS Internet Storm Center, InfoCON: green - [ ] [ISC Stormcast For Thursday, April 30th, 2026 https://isc.sans.edu/podcastdetail/9912, (Thu, Apr 30th)](https://isc.sans.edu/diary/rss/32938) - [ ] [Danger of Libredtail [Guest Diary], (Wed, Apr 29th)](https://isc.sans.edu/diary/rss/32936) - Lenny Zeltser - [ ] [Plant Honeytokens to Detect Intrusions](https://zeltser.com/plant-honeytokens) - ICT Security Magazine - [ ] [La nuova geopolitica dei cavi sottomarini nell’Indo-Pacifico: infrastrutture digitali tra conflitti e sicurezza globale](https://www.ictsecuritymagazine.com/articoli/geopolitica-dei-cavi-sottomarini/) - [ ] [Confidential computing: proteggere i dati anche durante l’elaborazione](https://www.ictsecuritymagazine.com/articoli/confidential-computing/) - [ ] [Brad Parscale, Israele e l’AI: il contratto da 9 milioni per orientare le risposte di ChatGPT, Claude e Gemini](https://www.ictsecuritymagazine.com/notizie/brad-parscale-israele/) - 娜璋AI安全之家 - [ ] [AI红队实战攻防指南来袭](https://mp.weixin.qq.com/s?__biz=Mzg5MTM5ODU2Mg==&mid=2247502854&idx=1&sn=1485f42b9ac26eac6cd43947ae6109b5) - Arturo Di Corinto - [ ] [Threat actors, APT, cybergangs: l’economia del cybercrime](https://dicorinto.it/formazione/threat-actors-apt-cybergangs-leconomia-del-cybercrime/) - Deeplinks - [ ] [Utah’s New Law Targeting VPNs Goes Into Effect Next Week](https://www.eff.org/deeplinks/2026/04/utahs-new-law-regulating-vpns-goes-effect-next-week) - [ ] [Open Records Laws Reveal ALPRs’ Sprawling Surveillance. Now States Want to Block What the Public Sees.](https://www.eff.org/deeplinks/2026/04/open-records-laws-reveal-alprs-sprawling-surveillance-now-states-want-block-what) - [ ] [Digital Hopes, Real Power: From Connection to Collective Action](https://www.eff.org/deeplinks/2026/04/digital-hopes-real-power-connection-collective-action) - GRAHAM CLULEY - [ ] [Iran-linked Handala hackers leak US Marines data, send chilling WhatsApp threats](https://www.bitdefender.com/en-us/blog/hotforsecurity/iran-handala-hackers-leak-us-marines-data-chilling-whatsapp-threats) - The Register - Security - [ ] [The never-ending supply chain attacks worm into SAP npm packages, other dev tools](https://go.theregister.com/feed/www.theregister.com/2026/04/30/supply_chain_attacks_sap_npm_packages/) - [ ] [Bot her emails: most modern phishing campaigns are AI-enabled](https://go.theregister.com/feed/www.theregister.com/2026/04/30/modern_phishing_campaigns_ai/) - [ ] [FBI cyber boss: China's hacker-for-hire ecosystem 'out of control'](https://go.theregister.com/feed/www.theregister.com/2026/04/30/fbi_cyber_boss_chinas_hackerforhire/) - [ ] [Google's fix for critical Gemini CLI bug might break your CI/CD pipelines](https://go.theregister.com/feed/www.theregister.com/2026/04/30/googles_fix_for_critical_gemini/) - [ ] [French prosecutors link 15-year-old to mega-breach at state’s secure document agency](https://go.theregister.com/feed/www.theregister.com/2026/04/30/french_gov_mega_breach_suspect/) - [ ] [Nearly half of UK businesses pwned last year as phishing keeps doing the job like it's 2005](https://go.theregister.com/feed/www.theregister.com/2026/04/30/almost_half_of_uk_firms/) - [ ] [What type of 'C2 on a sleep cycle' do they leave behind? Novel Chinese spy group found in critical networks in Poland, Asia](https://go.theregister.com/feed/www.theregister.com/2026/04/30/chinese_spies_lurking_networks/) - [ ] [Bug of the year (so far): Nasty cPanel vulnerability probably exploited as a 0-day](https://go.theregister.com/feed/www.theregister.com/2026/04/30/cpanel_whn_cves/) - [ ] [Britain's £6B armoured sickener Ajax cleared for duty despite injuring troops](https://go.theregister.com/feed/www.theregister.com/2026/04/30/ajax_armored_vehicle_cleared/) - [ ] [Finance company stores DB credentials in helpfully labeled spreadsheet](https://go.theregister.com/feed/www.theregister.com/2026/04/30/finance_company_stored_their_db_pwned_column/) - [ ] [Linux cryptographic code flaw offers fast route to root](https://go.theregister.com/feed/www.theregister.com/2026/04/30/linux_cryptographic_code_flaw/) - Krebs on Security - [ ] [Anti-DDoS Firm Heaped Attacks on Brazilian ISPs](https://krebsonsecurity.com/2026/04/anti-ddos-firm-heaped-attacks-on-brazilian-isps/) - Deep Web - [ ] [Finding IDMASTER21](https://www.reddit.com/r/deepweb/comments/1sznyga/finding_idmaster21/) - [ ] [Isn't this the beginning of SPA?](https://www.reddit.com/r/deepweb/comments/1szrn6o/isnt_this_the_beginning_of_spa/) - [ ] [has the internet ever hurt you?](https://www.reddit.com/r/deepweb/comments/1szost8/has_the_internet_ever_hurt_you/) - Computer Forensics - [ ] [How do teams preserve and verify evidence from existing security logs before/during incident response?](https://www.reddit.com/r/computerforensics/comments/1szw5sb/how_do_teams_preserve_and_verify_evidence_from/) - [ ] [Blu View 5 Pro-LOCKED. Extraction capabilities](https://www.reddit.com/r/computerforensics/comments/1szt2iw/blu_view_5_prolocked_extraction_capabilities/) - Information Security - [ ] [Need help figuring out if my husband is accessing my password keepers. Also a concern for our 50/50 business upcoming when and if I file.](https://www.reddit.com/r/Information_Security/comments/1t0c5gs/need_help_figuring_out_if_my_husband_is_accessing/) - [ ] [BlueNoroff Deepfake Zoom Attack: 100 Crypto CEOs Compromised](https://www.reddit.com/r/Information_Security/comments/1szv0oq/bluenoroff_deepfake_zoom_attack_100_crypto_ceos/) - [ ] [Gen AI Governance- what's your strategy?](https://www.reddit.com/r/Information_Security/comments/1szsc0a/gen_ai_governance_whats_your_strategy/) - [ ] [How to learn Gap assessments, risk assessments, cloud security assessments, app security assessments and cyber maturity assessments.](https://www.reddit.com/r/Information_Security/comments/1szj8kn/how_to_learn_gap_assessments_risk_assessments/) - [ ] [보너스 어뷰징 대응을 위한 다중 계정 식별 로직의 실무적 과제](https://www.reddit.com/r/Information_Security/comments/1szlc92/보너스_어뷰징_대응을_위한_다중_계정_식별_로직의_실무적_과제/) - netsecstudents: Subreddit for students studying Network Security and its related subjects - [ ] [i built a game to practice web vulnerability exploits](https://www.reddit.com/r/netsecstudents/comments/1szlbh4/i_built_a_game_to_practice_web_vulnerability/) - Social Engineering - [ ] [Be Genuine, so People can Genuinely Hate You?](https://www.reddit.com/r/SocialEngineering/comments/1t0cq4t/be_genuine_so_people_can_genuinely_hate_you/) - Tor Project blog - [ ] [Tor Project Statement on the Abrupt Cancellation of RightsCon 2026](https://blog.torproject.org/rightscon2026-statement-Tor-Project/) - Blackhat Library: Hacking techniques and research - [ ] [90,000 Screenshots of One Celebrity's Phone Were Exposed Online](https://www.reddit.com/r/blackhat/comments/1szuu3r/90000_screenshots_of_one_celebritys_phone_were/) - Security Affairs - [ ] [Copy Fail: New Linux bug enables Root via page‑cache corruption](https://securityaffairs.com/191519/hacking/copy-fail-new-linux-bug-enables-root-via-page-cache-corruption.html) - [ ] [Agent’s claims on WhatsApp access spark security concerns](https://securityaffairs.com/191515/social-networks/agents-claims-on-whatsapp-access-spark-security-concerns.html) - [ ] [Meta accused of violating DSA by failing to safeguard minors](https://securityaffairs.com/191511/laws-and-regulations/meta-accused-of-violating-dsa-by-failing-to-safeguard-minors.html) - [ ] [Large-scale Roblox hacking operation shut down by Ukrainian authorities](https://securityaffairs.com/191500/cyber-crime/large-scale-roblox-hacking-operation-shut-down-by-ukrainian-authorities.html) - Your Open Hacker Community - [ ] [[REQUEST] NetHunter Kernel for Xiaomi Redmi 15 5G (spring) — Kernel Source Available](https://www.reddit.com/r/HowToHack/comments/1szsatv/request_nethunter_kernel_for_xiaomi_redmi_15_5g/) - Technical Information Security Content & Discussion - [ ] [High Fidelity Check for the cPanel Authentication Bypass (CVE-2026-41940)](https://www.reddit.com/r/netsec/comments/1szqnax/high_fidelity_check_for_the_cpanel_authentication/) - [ ] [Seventeen vulnerabilities in Omi, fourteen days of silence](https://www.reddit.com/r/netsec/comments/1sztfun/seventeen_vulnerabilities_in_omi_fourteen_days_of/) - The Hacker News - [ ] [PyTorch Lightning and Intercom-client Hit in Supply Chain Attacks to Steal Credentials](https://thehackernews.com/2026/04/pytorch-lightning-compromised-in-pypi.html) - [ ] [ThreatsDay Bulletin: SMS Blaster Busts, OpenEMR Flaws, 600K Roblox Hacks and 25 More Stories](https://thehackernews.com/2026/04/threatsday-bulletin-sms-blaster-busts.html) - [ ] [New Python Backdoor Uses Tunneling Service to Steal Browser and Cloud Credentials](https://thehackernews.com/2026/04/new-python-backdoor-uses-tunneling.html) - [ ] [EtherRAT Distribution Spoofing Administrative Tools via GitHub Facades](https://thehackernews.com/2026/04/etherrat-distribution-spoofing.html) - [ ] [New Linux 'Copy Fail' Vulnerability Enables Root Access on Major Distributions](https://thehackernews.com/2026/04/new-linux-copy-fail-vulnerability.html) - [ ] [Google Fixes CVSS 10 Gemini CLI CI RCE and Cursor Flaws Enable Code Execution](https://thehackernews.com/2026/04/google-fixes-cvss-10-gemini-cli-ci-rce.html) - Security Weekly Podcast Network (Audio) - [ ] [FIRESTARTER - PSW #924](http://sites.libsyn.com/18678/firestarter-psw-924) - TorrentFreak - [ ] [MPA Renews Push for U.S. Site-Blocking Legislation, Citing Live Sports Piracy](https://torrentfreak.com/mpa-renews-push-for-u-s-site-blocking-legislation-citing-live-sports-piracy/)
每日安全资讯(2026-05-01)