[每日信息流] 2026-02-12 #1146
Description
每日安全资讯(2026-02-12)
- SecWiki News
- Doonsec's feed
- 日益杂谈的一道几何题
- 波兰电网攻击曝光工控设备砖化致命威胁
- 5岁孩子的画作一家三口
- 从 SQL 注入到文件上传:Upload-Labs 前必须掌握的核心理论基础
- Frida 恶意软件分析实战教程
- 狂撒近100亿!腾讯、阿里、字节、京东春节AI红包大战
- 羽毛球
- 2026 新春杯 域渗透 WP
- 【已复现】最新版微信v4.1出现远程命令执行漏洞:one-click RCE on Linux WeChat
- 炸翻全网!爱泼斯坦大瓜疯涨:多国权贵塌房、黑客助攻,自杀疑云更黑了
- R-TPT 暴力对抗攻击,CLIP 越狱成为历史!
- 美国西北大学 | PentestAgent:将LLM代理融入自动化渗透测试
- 【工信动态】工业和信息化部举行2026年迎新春团拜会
- appId和appSecret利用方法
- kubernetes面试问题大全,建议收藏
- 麻省理工科技评论发布2026年“十大突破性技术”
- Redbud 战队 2025 年终总结
- 逆向工具箱
- 去年有deepseek,今年有seedance
- 2026汽车数据安全出境指引
- 开年王炸!字节Seedance 2.0刷屏,AIGC拐点(文末使用方法)
- 公安部第一研究所某员工25年总收入
- 2026丹麦国情局FE - 恶猿行动 Writeup
- 【开源】XSAST-Python:AI代码审计工具
- 快手:万人组织AI研发范式跃迁之路
- 锦岳智慧:2026年春节安全保障,守护同行!
- 彭博报道援引CertiK创始人顾荣辉观点:稳定币成传统银行转型关键
- 【AI安全】R-TPT 暴力击穿对抗攻击,CLIP 越狱从此成为历史!
- 【高危漏洞预警】WeChat/Linux版本命令执行漏洞
- 每周羽毛球
- 网络安全缺口300万人,大家赶紧进
- Claude 高级技巧与安全配置CLAUDE.md、MCP、命令、技能与钩子 (Skills & Hooks)
- 【通知】信科2026年春节应急保障安排
- 985证书漏洞越权成为教授 + EDU/RCE漏洞实战解析|湘安内部平台月榜 TOP3 案例
- 爆火背后:OpenClaw 开源AI智能体应用攻击面与安全风险系统剖析
- 关于RCtea僵尸网络大范围传播的风险提示
- 微信 Linux版本命令执行漏洞
- Shannon——全自动 AI 渗透测试工具
- 你家摄像头背后,可能藏着1万双眼睛
- 八部门发文 进一步防范和处置虚拟货币等相关风险
- AI入局政企销售场景!光大银行推出TO B/TO G AI销售智能体
- 可利邦116.7万最低价第一!河南农商银行AI算力池建设项目(标段五:寒武纪算力设备采购)
- “面向可信数据空间的密码技术与应用”专刊征稿
- 【安全圈】CVE-2026-1868:GitLab AI Gateway 严重漏洞(CVSS 9.9),可致远程代码执行
- 【安全圈】假 AI 助手暗藏木马:恶意“ClawdBot”插件潜伏 VS Code
- 【安全圈】印度最高法院裁定:WhatsApp 不得以数据共享侵蚀用户隐私
- 【安全圈】法国全面弃用 Zoom 和 Teams:主权视频平台“Visio”落地,数字主权进入实战阶段
- 渊亭科技入选「2025 AI智能体服务商TOP100」
- 【已复现】微信 Linux版本命令执行漏洞(QVD-2026-7687)安全风险通告
- 从公安部典型案例,看无人机司法鉴定如何破局“黑飞”乱象
- U0001f9e7马年限定,速来领取你的新年好彩头!U0001f970
- 全领域覆盖 奇安信霸榜信通院第四期《数字安全护航技术能力全景图》
- 勒索攻击致使美国商户电子支付大面积中断逾3天
- 互动有奖 | 滴滴技术新春年货派送中!
- 开源库 Libpng 漏洞已存在30年,可导致数百万系统遭代码执行攻击
- 微软2月补丁星期二值得关注的漏洞
- 马跃新春享趣味 驭风逐梦启新程 ——中资网安举办2026年职工迎新春游艺活动
- 国家数据局综合司发布《关于做好公共数据资源授权运营信息披露工作的通知》
- 已修复 | 微信Linux版本远程命令执行漏洞
- AI大战!秒领取16.8元支付宝现金红包!
- 沃尔沃发生数据泄露:因供应商被黑
- 2025年全球国防网络空间情况综述(武器技术篇)
- 沃尔沃集团北美公司客户数据遭泄露!
- 荣耀共此时,同心向未来|西安四叶草2025年度表彰大会
- 关于Notepad++更新服务遭攻击组织定向投毒事件的安全通告
- 云上安全态势报告-2026年1月
- 云枢杯CTF-HW技能挑战赛
- AI生成恶意软件利用React2Shell漏洞攻击Docker,低门槛威胁激增
- SandboxJS四大高危漏洞可完全突破沙箱控制宿主系统
- 从勒索软件到持久驻留,数字寄生时代的悄然崛起
- CISO面临的首要网络攻击目标与新兴风险载体
- SOME/IP协议入门
- AutoSec 10周年大咖确认 | 大众酷翼VSOC平台负责人:面向智能网联汽车的先进安全运维中心架构构建
- 先知安全技术社区
- 奇安信攻防社区
- 嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com
- Recent Commits to cve:main
- Private Feed for M09Ic
- github released v0.0.94 at github/spec-kit
- mgeeky starred hakwerk/labca
- strands-agents released v1.26.0 at strands-agents/sdk-python
- bolucat released 202602112011 at bolucat/Archive
- joaoviictorti starred joaoviictorti/rustbof
- ManassehZhou forked ManassehZhou/tailscale from tailscale/tailscale
- kpcyrd starred dtolnay/bootstrap
- niudaii starred chushuai/wscan
- LoRexxar starred hangwin/mcp-chrome
- Y4er contributed to nikkinikki-org/OpenWrt-nikki
- gh0stkey starred zai-org/GLM-OCR
- Y4er forked Y4er/OpenWrt-nikki from nikkinikki-org/OpenWrt-nikki
- PrefectHQ released 3.6.17.dev5 at PrefectHQ/prefect
- gh0stkey starred pydantic/monty
- Rvn0xsy starred lbjlaq/Antigravity-Manager
- zema1 starred kyxiaxiang/360WFP_Exploit
- gh0stkey starred rebornix/Agmente
- pydantic released v1.58.0 at pydantic/pydantic-ai
- Microsoft Security Blog
- ElcomSoft blog
- Insinuator.net
- Bug Bounty in InfoSec Write-ups on Medium
- Horizon3.ai
- Securelist
- Malwarebytes
- Exploit-DB.com RSS Feed
- Wallarm
- HackerNews
- 安全分析与研究
- Dhole Moments
- 奇客Solidot–传递最新科技情报
- 黑鸟
- vivo千镜
- 威努特安全网络
- Black Hills Information Security, Inc.
- 代码卫士
- 微步在线研究响应中心
- 安全内参
- 天御攻防实验室
- 阿里云应急响应
- 奇安信 CERT
- 中国信息安全
- 安全圈
- 天黑说嘿话
- 网络空间安全科学学报
- 安全牛
- NOVASEC
- 火绒安全
- 数世咨询
- 恒脑与AI
- 嘶吼专业版
- 极客公园
- 吴鲁加
- 深信服千里目安全技术中心
- 情报分析师
- 谛听ditecting
- 迪哥讲事
- 看雪学苑
- 360数字安全
- 安全行者老霍
- Tails - News
- 国家互联网应急中心CNCERT
- 安全419
- 吾爱破解论坛
- D3Lab
- Yak Project
- ICT Security Magazine
- Over Security - Cybersecurity news aggregator
- Windows 11 Notepad flaw let files execute silently via Markdown links
- Patch Tuesday febbraio 2026: 59 bug corretti, sei zero-day e un segnale chiaro per i CISO
- Microsoft Store Outlook add-in hijacked to steal 4,000 Microsoft accounts
- Interim CISA chief: ‘When the government shuts down, cyber threats do not’
- 40 state AGs warn House KOSA bill falls short of protecting children online
- Georgia healthcare company data breach impacts more than 620,000
- Crazy ransomware gang abuses employee monitoring tool in attacks
- Police arrest seller of JokerOTP MFA passcode capturing tool
- DOJ says Trenchant boss sold exploits to Russian broker capable of accessing ‘millions of computers and devices’
- Proactive strategies for cyber resilience with Wazuh
- LummaStealer infections surge after CastleLoader malware campaigns
- Report Acn sugli infostealer: ecco le raccomandazioni contro il vettore fantasma dei cyber attacchi
- Evoluzione delle campagne malevole in Italia: i numeri nel 2025
- Kimwolf Botnet Swamps Anonymity Network I2P
- Moscow moves to throttle Telegram as Kremlin pushes its own messaging app
- Breaking Down ZeroDayRAT - New Spyware Targeting Android and iOS
- N-Day Vulnerability Trends: The Shrinking Window of Exposure and the Rise of “Turn-Key” Exploitation
- Cyber security, l’abbondanza di formazione online fa cadere ogni alibi
- Il GDPR davanti ai giudici: cosa cambia dopo la sentenza della CGUE su WhatsApp
- Lummastealer risorge dalle ceneri: ancora una volta lo stop è momentaneo
- The game is over: when “free” comes at too high a price. What we know about RenEngine
- When Paychecks Become the Prize: A Deeper Look at the Rise of Direct…
- The US False Claims Act Becomes a Cybersecurity Enforcement Engine
- A “Safe Browsing Blocker” in a Phishing Kit: Technical Analysis and Why It Fails
- SMS & OTP Bombing Campaigns: Evolving API Abuse Targeting Multiple Regions
- BforeAI Named by Gartner® for Predictive Threat Intelligence Use Cases in Preemptive Cyber Defense
- Spam and phishing in 2025
- Manualetto di sicurezza digitale per giornalisti e attivisti
- 12 Lakh SIM Cards Cancelled, over 3 Lakh IMEI Numbers Blocked as Centre Intensifies Crackdown on Cybercrime
- India Rolls Out AI-on-Wheels to Bridge the Digital Divide
- How to Install OpenClaw on an Android Phone and Control It via WhatsApp
- Emerging Ransomware BQTLock & GREENBLOOD Disrupt Businesses in Minutes
- Come proteggere i dati biometrici
- Romance, Fake Platforms, $73M Lost: Crypto Scam Leader Gets 20 Years
- Microsoft Patch Tuesday February Update Flags Exchange and Azure Vulnerabilities as High-Priority Risks
- Microsoft releases Windows 11 26H1 for select and upcoming CPUs
- Microsoft Patch Tuesday for February 2026 — Snort rules and prominent vulnerabilities
- New threat actor, UAT-9921, leverages VoidLink framework in campaigns
- Securityinfo.it
- Lenny Zeltser
- Schneier on Security
- Future of Tech and Security: Strategy & Innovation with Raffy
- Dark Space Blogspot
- 赛博昆仑CERT
- SANS Internet Storm Center, InfoCON: green
- Instapaper: Unread
- The Hacker News
- First Malicious Outlook Add-In Found Stealing 4,000+ Microsoft Credentials
- APT36 and SideCopy Launch Cross-Platform RAT Campaigns Against Indian Entities
- Over 60 Software Vendors Issue Security Fixes Across OS, Cloud, and Network Platforms
- Exposed Training Open the Door for Crypto-Mining in Fortune 500 Cloud Environments
- Microsoft Patches 59 Vulnerabilities Including Six Actively Exploited Zero-Days
- SSHStalker Botnet Uses IRC C2 to Control Linux Systems via Legacy Kernel Exploits
- North Korea-Linked UNC1069 Uses AI Lures to Attack Cryptocurrency Organizations
- The Register - Security
- Devilish devs spawn 287 Chrome extensions to flog your browser history to data brokers
- Posting AI-generated caricatures on social media is risky, infosec killjoys warn
- Were telcos tipped off to that ancient Telnet bug? Cyber pros say the signs stack up
- Payroll pirates are conning help desks to steal workers' identities and redirect paychecks
- Notepad's new Markdown powers served with a side of remote code execution
- Legacy systems blamed as ministers promise no repeat of Afghan breach
- TorrentFreak
- Deeplinks
- Krebs on Security
- Daniel Miessler
- Security Affairs
- Volvo Group hit in massive Conduent data breach
- Reynolds ransomware uses BYOVD to disable security before encryption
- SSHStalker botnet targets Linux servers with legacy exploits and SSH scanning
- U.S. CISA adds Microsoft Office and Microsoft Windows flaws to its Known Exploited Vulnerabilities catalog
- Security Weekly Podcast Network (Audio)