# 每日安全资讯(2026-07-10) - SecWiki News - [ ] [SecWiki News 2026-07-09 Review](http://www.sec-wiki.com/?2026-07-09) - Doonsec's feed - [ ] [【高危漏洞预警】GhostLock (CVE-2026-43499):Linux内核15年栈UAF漏洞,本地提权与容器逃逸风险通告](https://mp.weixin.qq.com/s/G_RQRM_k_MfkyOzHQW0eTQ) - [ ] [链上 AI 情报官 TrackAgent 正式接入 SlowMist 丢币公益评估](https://mp.weixin.qq.com/s/QHQd_oerS8Y5Pyqz9OSCeA) - [ ] [慢雾招募令 | AML 产品 GTM 市场负责人](https://mp.weixin.qq.com/s/qe08V3uUas_rtb_ypNmSiQ) - [ ] [数据泄露情报2026.7.9 - 800万gravatar数据被爬取,FBI档案新旧掺杂](https://mp.weixin.qq.com/s/HjS8jCp-Nf2sYD1GTbhVvg) - [ ] [【资料】运营超过500 个独立的信号情报平台的美国国家安全局(NSA)的组织架构及分支机构](https://mp.weixin.qq.com/s/F9oW8u-06_IhEaCaf33Kjg) - [ ] [微信小程序自动化反编译工具:e0e1-wx-gui](https://mp.weixin.qq.com/s/2ygMDQjc83QZsJZ-47JDOw) - [ ] [网络安全合规领域的“天眼查”,它来了!](https://mp.weixin.qq.com/s/as-1dmmgu44v4y02hR1OJQ) - [ ] [半价cursor会员](https://mp.weixin.qq.com/s/tOJDdq5Zf3vViDBefB6GHg) - [ ] [2026平航杯 手机取证题解析](https://mp.weixin.qq.com/s/FWkesuxTpUkDIXLhERfevw) - [ ] [零日漏洞引爆电信运营商千万级数据泄露事件](https://mp.weixin.qq.com/s/7qFQN--jUsZzd8vQswXS0g) - [ ] [【$7,000】HackerOne 平台最新高危漏洞披露](https://mp.weixin.qq.com/s/mT2eOMJYfkcpviZmNbK4sA) - [ ] [为什么厉害的红队er都有自己的“小圈子”?](https://mp.weixin.qq.com/s/K8GsDq5obcXGiu43EkW_VQ) - [ ] [一句话套走你的快递:某电商AI助手提示注入漏洞全复盘,我把别人的订单看了个遍](https://mp.weixin.qq.com/s/ZW1T-3HlEcXjC-nU-ionNw) - [ ] [银狐病毒应急响应方案](https://mp.weixin.qq.com/s/NC0noq9THGT1Aje1ykdeuw) - [ ] [G.O.S.S.I.P 阅读推荐 2026-07-09 MirrorShield](https://mp.weixin.qq.com/s/RnLS_DwWQPUuY5TTK-gGFA) - [ ] [从上海低价等保引发的行业担忧](https://mp.weixin.qq.com/s/oZG0nHFkk1pty2JtxvEp2w) - [ ] [Wireshark抓包解析:TCP三次握手](https://mp.weixin.qq.com/s/6GlktOwz2n5nHKpc2t8t6g) - [ ] [覆盖三大系统,90+危险后缀:一份可直接套用的邮件网关拦截清单](https://mp.weixin.qq.com/s/ML-7TL4CdvN8DADp2BcxBQ) - [ ] [腾讯WorkBuddy等Agent产品通过信通院首批智能体治理评估](https://mp.weixin.qq.com/s/guy3XfCE4HKpXtDUuOyJbw) - [ ] [AI干不了的3件事,Windows自己就能搞定](https://mp.weixin.qq.com/s/DRDs9ItoC_jItsHqs48rYg) - [ ] [好的](https://mp.weixin.qq.com/s/jCsz3p_OkJeT3gYCvp9x_A) - [ ] [商品页,不该只有功能介绍](https://mp.weixin.qq.com/s/UbUyRYgHhVw2hX7LHL65PQ) - [ ] [头部网安公司已经不讲高增长了:股权激励计划里的 5% 增长预期](https://mp.weixin.qq.com/s/5YvOxVq0qJefVJ5Ra0lKnA) - [ ] [习近平出席国家科学技术奖励大会两院院士大会中国科协第十一次全国代表大会并发表重要讲话](https://mp.weixin.qq.com/s/fnyCiQeHUIShy_mZwwjXfg) - [ ] [hvv 2026 - 今年攻防演练的新变量:WAF 看不见,后端却执行了](https://mp.weixin.qq.com/s/c5GQePJVfgBZ8OVP9mPTeg) - [ ] [正式开源!美团 LongCat-2.0 同步开放国产卡推理代码](https://mp.weixin.qq.com/s/iCq4jVlTdKOt74zAMYIIdw) - [ ] [直播回放·含 ACL\'26 杰出论文 | 美团 AI 顶会论文 32 篇精讲](https://mp.weixin.qq.com/s/cl6RA755nWKtmGtRv983kA) - [ ] [HalluSquatting攻击使黑客能够将AI编码助手变成僵尸网络安装程序](https://mp.weixin.qq.com/s/LGAw7X4HwnKtXz3JndVYkA) - [ ] [EN 18223 深度解读——如何让不同系统“读懂”同一份产品数字护照](https://mp.weixin.qq.com/s/beq0dSnp3VgWcz8TPMUr4Q) - [ ] [大圆实测 : 你真的需要一个长在企业微信中的AI](https://mp.weixin.qq.com/s/rP23Vjdk33GloywgTuYRMg) - [ ] [GitHub Copilot IDE 编码代理易受工作流级越狱攻击](https://mp.weixin.qq.com/s/yCXIa9DLooUskZ5ooke1rA) - [ ] [欧盟发布《网络安全与人工智能行动计划》](https://mp.weixin.qq.com/s/ofJ30T3y5RDrjvK09QbS0A) - [ ] [速查!72款移动应用违法违规收集使用个人信息](https://mp.weixin.qq.com/s/NYbKCzLSJrFSEljPLegkNQ) - [ ] [AI安全 | AI黑客都上桌了,你的防火墙准备好了吗?](https://mp.weixin.qq.com/s/MDUMceC6juXAivw7pmFnBA) - [ ] [npm 和 PyPI 恶意软件活动通过虚假支付 SDK 窃取 CI/CD 机密信息](https://mp.weixin.qq.com/s/Vf6wY5_kmdPXWUZVptUASg) - [ ] [AI 编程助手中发现了一个名为“GhostApproval”的新漏洞](https://mp.weixin.qq.com/s/kU75b2VwHaGfvSmizljhvw) - [ ] [1.5天完成2个月工作!这家银行彻底AI改造](https://mp.weixin.qq.com/s/xWLkvaazfooPEb2qIytVXQ) - [ ] [AI快讯:淘天AIGX体系再升级,智谱完成约314亿港元配售聚焦模型研发](https://mp.weixin.qq.com/s/QT8afdQD0fLUS_tsAx4Ysw) - [ ] [【安全圈】Google Dialogflow CX 漏洞可让攻击者劫持 AI 对话](https://mp.weixin.qq.com/s/H7El9UmBDr_QPgalT95Ukg) - [ ] [【安全圈】严重漏洞暴露 GitHub Agentic Workflows 面临提示注入风险](https://mp.weixin.qq.com/s/Qfhjhk-0i_1382cI--Fqwg) - [ ] [【安全圈】皇家山大学确认遭入侵,黑客声称对攻击负责](https://mp.weixin.qq.com/s/Db8Npg8iJPS0icP9rjq6mw) - [ ] [直播回顾 | 给AI安全框一个ISO 42001体系](https://mp.weixin.qq.com/s/eJaAWb5Ym2uQuaHq15upyA) - [ ] [安言咨询 |《网络数据安全风险评估报告》填写指南](https://mp.weixin.qq.com/s/gNYWYWXc5pcoNYfqjKvrWg) - [ ] [报名启动 | AI安全治理与智能体防护实践专场培训](https://mp.weixin.qq.com/s/n07KQEnDQw0ajtgQw9xkig) - [ ] [响应《人工智能时代内部审计行动共识》,这门AI审计课,让“人机协同”落了地](https://mp.weixin.qq.com/s/LpLcs2O3sZuvQCHY5Vjhwg) - [ ] [首个一键式Android 17漏洞利用链可使攻击者完全控制手机](https://mp.weixin.qq.com/s/f42pOrBBl7Ft8zmjw-OkZw) - [ ] [Claude等AI工具触发安全警报,凭据访问行为与黑客攻击高度相似](https://mp.weixin.qq.com/s/qq_lHOL5tmdVeT7IFKQQVw) - [ ] [AI双Agent攻击:利用Claude桌面版在目标机器上执行远程代码](https://mp.weixin.qq.com/s/9eoon5kEJF7Hp1EDs3Ehuw) - [ ] [SharePoint远程代码执行漏洞PoC及技术细节公开](https://mp.weixin.qq.com/s/0W37yYHwlsnqdeK3OD85KA) - [ ] [共解出18题,第五届\"钓鱼城杯\"网络安全大赛 Writeup 来了!](https://mp.weixin.qq.com/s/8OmAy_OZoBNnUnr52OFSBw) - [ ] [想靠挖漏洞赚赏金?别只会机械跑工具了!掌握这5大核心技术,进阶SRC实战](https://mp.weixin.qq.com/s/RH2n5i8uP_lh0JmPjKnD8A) - [ ] [1100 万份详细的美国原始简历(跨越 20 多年,总计 1TB)!](https://mp.weixin.qq.com/s/JdCWcTfArSvmQxsdMzq0RA) - [ ] [源码交付!全域感知,一网统飞,无人机 AI 巡检平台,适配大疆、极飞、普宙、纵横,引爆万亿低空经济市场](https://mp.weixin.qq.com/s/S-dRbZEb54SA-fAJtMcD5g) - [ ] [0184.并非真正的 403 错误:我如何最终访问了 10 万 Azure AD 用户:我的微软研究院故事](https://mp.weixin.qq.com/s/IKG0_5Vg09puHS1z1gBq1g) - [ ] [专题·原创 | 国家工业信息安全发展研究中心总工程师张格:人工智能时代软件供应链安全风险分析与治理对策](https://mp.weixin.qq.com/s/ne6SXUvwj6IoEFwZC93Dxg) - [ ] [公安部:深化网络空间安全综合治理 服务保障经济社会高质量发展](https://mp.weixin.qq.com/s/o0QGrF-NA1n21kmzpnWXHg) - [ ] [通知 | 国家文物局印发《国有文物资源数据管理办法》(附全文)](https://mp.weixin.qq.com/s/Iaq_Ws7YULuUO8v2ja4YPQ) - [ ] [聚焦 | 2026(第二十五届)中国互联网大会在京开幕](https://mp.weixin.qq.com/s/-hbnhhW9w8koUGJGo-MlxA) - [ ] [快自查!这72款移动应用违法违规收集使用个人信息](https://mp.weixin.qq.com/s/EyxEzlXbqt_r7U7937Qzcw) - [ ] [关注 | 6月全国网络举报1787.4万件](https://mp.weixin.qq.com/s/XU3HYpzwGudQjl_F9eSp_w) - [ ] [凌晨三点的警务值班室,你该不会还在……](https://mp.weixin.qq.com/s/rom3eud6GStRcB8KZdPFXQ) - [ ] [【漏洞通告】XWiki Platform Old Core 目录遍历漏洞(CVE-2026-34151)](https://mp.weixin.qq.com/s/JpLL8uahfDwGhaTDinUS7g) - [ ] [【漏洞通告】Linux Kernel GhostLock 权限提升漏洞(CVE-2026-43499)](https://mp.weixin.qq.com/s/MpebdOCePYUPgo-QBzhalA) - [ ] [网络安全信息与动态周报2026年第27期(6月29日-7月5日)](https://mp.weixin.qq.com/s/qjfI6iWPQDxVOmhvHemITQ) - [ ] [天翼安全深度参与编制的2项国家标准正式发布](https://mp.weixin.qq.com/s/4rCKSIR1ulOaAJyQtZ7G2w) - [ ] [即将截止 | 关于联合开展“大模型驱动的网络攻防课程改革”开源项目的邀请函](https://mp.weixin.qq.com/s/1om-KRqsWaJAIHQzLA6z8Q) - [ ] [人社部、国家发改委、工信部、国家数据局联合发布《关于加快推进“人工智能+人社”应用发展的实施意见》](https://mp.weixin.qq.com/s/PSjMKL0xpXYx_mKh-dvurw) - [ ] [奇安信发布AI加特林,推动渗透测试从“手工化”迈入“智能化”时代](https://mp.weixin.qq.com/s/OEqy7pILhyWEEyP47OFcCg) - [ ] [教育+AI创新成果发布:北京八中——奇安信集团青少年人工智能安全培养基地打造西城样本](https://mp.weixin.qq.com/s/UQvQcPU3KQWQPIpv0sjKvg) - [ ] [【AI安全】Llm-Vuln-Checker开源!金丝雀悄悄揪出LLM安全漏洞](https://mp.weixin.qq.com/s/pFH1fmJfTxweGR91iY3NPQ) - [ ] [赢战2026攻防 | 亚信“智能安服”重构AI时代实战防御超能力](https://mp.weixin.qq.com/s/Z1qle_i_2iE5bhHv9jY-5A) - [ ] [【已复现】用友U8cloud XChangeServlet SQL注入漏洞(QVD-2026-38848)安全风险通告](https://mp.weixin.qq.com/s/CIKNm78KOXbfkO_aXCcgIg) - [ ] [技术+法律+政策:构建模型认知偏见治理的三维防线](https://mp.weixin.qq.com/s/34FnGSnww6unmQtO4knTDQ) - [ ] [启明星辰发布天镜AI-PTS,破解漏洞验证自动化难题](https://mp.weixin.qq.com/s/Y_XDIUcv-_zYUg9udkNqkQ) - [ ] [AI赋能&&edusrc从前台到后台的简单挖掘案例分享](https://mp.weixin.qq.com/s/mAYZO1XZfft-1xyYICbGSA) - [ ] [【论文速读】| 隐蔽引爆:扫描器规避和代理技能恶意软件的动态检测](https://mp.weixin.qq.com/s/GM51DVKzWL8C9LPOOrVIEA) - [ ] [中国知识产权报报道我会知识产权相关工作成果](https://mp.weixin.qq.com/s/9JQs5R6XEFojfHX-mGoEtg) - [ ] [深化网络空间安全综合治理 服务保障经济社会高质量发展](https://mp.weixin.qq.com/s/y61gFaVrKQlW9qtluaPuIQ) - [ ] [《智能网联汽车 组合驾驶辅助系统安全要求》强制性国标发布](https://mp.weixin.qq.com/s/y-ezJd_7vnPR4wChFuo-Sg) - [ ] [会员动态 | 汽车信息化实训+就业专场讲座,金信润天为湖北汽车工业学院智能网联汽车学院学子双向赋能](https://mp.weixin.qq.com/s/yf9yc1C1R1tOllVwQKxQ-g) - [ ] [大模型平台集体关停自建智能体,360发布首份企业智能体安全运营指南](https://mp.weixin.qq.com/s/wab0zoc-uWm4gMakEFE7uQ) - [ ] [一行代码敲出“铁窗泪”?学网络安全千万别碰的3条红线,碰了毁一生!](https://mp.weixin.qq.com/s/2eraf-Ae7aqTR0-QccB87w) - [ ] [AI黑客以机器速度攻破防线,企业该如何重构网络安全预算?](https://mp.weixin.qq.com/s/jYlNlcthEWC3zpjkXHxabQ) - [ ] [行业认可 | 绿盟科技AI服务成果入选“CCIA网络安全新技术新产品新服务(第二批)”](https://mp.weixin.qq.com/s/siLACeOW82Ho2cVi78NNcg) - [ ] [安恒招聘 | 众多研发岗位招聘中!](https://mp.weixin.qq.com/s/_pfebdZnEYbNWtfUmzbmFQ) - [ ] [学员奖金全部到位!这波实战效果太强了](https://mp.weixin.qq.com/s/CJW_Bqr8AKDMTWdpGIf9DA) - [ ] [【免费领】HW护网行动经典面试题总结(含答案)](https://mp.weixin.qq.com/s/bRPLBUTJW5GWKDpV_qI63A) - [ ] [谁在装成“司令部工作汇报”,潜入印度军方电脑?](https://mp.weixin.qq.com/s/0xVt4GaRho7NcwuIgFNhug) - Private Feed for M09Ic - [ ] [bolucat released 202607092154 at bolucat/Archive](https://github.com/bolucat/Archive/releases/tag/202607092154) - [ ] [esrrhs contributed to esrrhs/fakelua](https://github.com/esrrhs/fakelua/pull/233) - [ ] [liamg contributed to infracost/go-proto](https://github.com/infracost/go-proto/pull/79) - [ ] [mgeeky starred secdev02/MSBuild-Monsters](https://github.com/secdev02/MSBuild-Monsters) - [ ] [liamg contributed to liamg/grabber](https://github.com/liamg/grabber/pull/27) - [ ] [FunnyWolf starred ermaozi/get_subscribe](https://github.com/ermaozi/get_subscribe) - [ ] [niudaii starred chAng-L19/codex-redteam-mode](https://github.com/chAng-L19/codex-redteam-mode) - [ ] [shmilylty starred ermaozi/get_subscribe](https://github.com/ermaozi/get_subscribe) - [ ] [pydantic released 0.0.19-beta.2 at pydantic/monty](https://github.com/pydantic/monty/releases/tag/0.0.19-beta.2) - [ ] [niudaii starred 0Chencc/clawgod](https://github.com/0Chencc/clawgod) - [ ] [gh0stkey starred pola-rs/polars](https://github.com/pola-rs/polars) - [ ] [LoRexxar contributed to LoRexxar/Lphply](https://github.com/LoRexxar/Lphply/pull/2) - [ ] [wh0amitz starred ssrsec/webstrike](https://github.com/ssrsec/webstrike) - [ ] [pydantic released v2.7.0 at pydantic/pydantic-ai](https://github.com/pydantic/pydantic-ai/releases/tag/v2.7.0) - [ ] [gh0stkey starred VectorCamp/vectorscan](https://github.com/VectorCamp/vectorscan) - [ ] [RuoJi6 released fork-v0.5.51-audit.1 at RuoJi6/dbx-audit](https://github.com/RuoJi6/dbx-audit/releases/tag/fork-v0.5.51-audit.1) - Microsoft Security Blog - [ ] [GigaWiper: Anatomy of a destructive backdoor assembled from multiple malware](https://www.microsoft.com/en-us/security/blog/2026/07/09/gigawiper-anatomy-of-a-destructive-backdoor-assembled-from-multiple-malware/) - Der Flounder - [ ] [Slides from the “FileVault 101” session at Penn State MacAdmins 2026](https://derflounder.wordpress.com/2026/07/09/slides-from-the-filevault-101-session-at-penn-state-macadmins-2026/) - Recent Commits to cve:main - [ ] [Update Thu Jul 9 11:55:31 UTC 2026](https://github.com/trickest/cve/commit/1aa5e15658af22c72959d35f7dca14db7fe017b7) - GuidePoint Security - [ ] [Ransomware Insights from Q2 2026: More Threat Groups. More Victims. More Sophisticated Operations.](https://www.guidepointsecurity.com/blog/ransomware-insights-q2-2026/) - Toooold - [ ] [The Model Chooses a Future Before It Says a Token](https://toooold.com/2026/07/09/icml_recap.html) - VMRay - [ ] [June 2026 Detection Highlights: AdaptixC2 Config Extractor, 5 new VTIs, and 30+ New YARA Rules](https://www.vmray.com/june-2026-detection-highlights-adaptixc2-config-extractor-5-new-vtis-and-30-new-yara-rules/) - Malwarebytes - [ ] [How World Cup crypto prediction sites take your money](https://www.malwarebytes.com/blog/threat-intel/2026/07/how-world-cup-crypto-prediction-sites-take-your-money) - [ ] [6.9 million driver’s license numbers stolen from AssuranceAmerica](https://www.malwarebytes.com/blog/data-breaches/2026/07/6-9-million-drivers-license-numbers-stolen-from-assuranceamerica) - [ ] [Microsoft fixes RoguePlanet zero-day in Defender](https://www.malwarebytes.com/blog/news/2026/07/microsoft-fixes-rogueplanet-zero-day-in-defender) - [ ] [Turn off this Meta setting before someone generates AI images of you](https://www.malwarebytes.com/blog/ai/2026/07/turn-off-this-meta-setting-before-someone-generates-ai-images-of-you) - PortSwigger Blog - [ ] [Heading to Vegas? Meet PortSwigger at Black Hat, BSides, and DEF CON 34.](https://portswigger.net/blog/heading-to-vegas-meet-portswigger-at-black-hat-bsides-and-def-con-34) - Hacking Dream - [ ] [Advanced SQL Injection Cheatsheet : Payloads & RCE](https://www.hackingdream.net/2026/07/advanced-sql-injection-database-attacks-cheatsheet.html) - [ ] [Advanced Web Application Attacks Cheatsheet](https://www.hackingdream.net/2026/07/advanced-web-application-attacks-cheatsheet.html) - HackerNews - [ ] [Google Dialogflow CX 漏洞可让攻击者劫持 AI 对话](http://0.0.0.0:8080/post/64446) - [ ] [严重漏洞暴露 GitHub Agentic Workflows 面临提示注入风险](http://0.0.0.0:8080/post/64445) - [ ] [皇家山大学确认遭入侵,黑客声称对攻击负责](http://0.0.0.0:8080/post/64444) - [ ] [电信巨头 KDDI 称数据泄露影响超过 1200 万人](http://0.0.0.0:8080/post/64443) - [ ] [AI 编码助手触发端点安全规则,被误判为攻击行为](http://0.0.0.0:8080/post/64442) - 奇客Solidot–传递最新科技情报 - [ ] [父母的手机上瘾影响与子女的关系](https://www.solidot.org/story?sid=84795) - [ ] [继父用 11 岁继女的照片生成数千张 CSAM 图像](https://www.solidot.org/story?sid=84794) - [ ] [中国使用无人机救助被洪灾困住的灾民](https://www.solidot.org/story?sid=84793) - [ ] [美国部分地区居民多达三成对红肉过敏](https://www.solidot.org/story?sid=84792) - [ ] [Euclid 望远镜发现已知最遥远的类星体](https://www.solidot.org/story?sid=84791) - [ ] [2026 年二季度 PC 出货量下滑 5%](https://www.solidot.org/story?sid=84790) - [ ] [OpenMandriva 项目发生破坏事件](https://www.solidot.org/story?sid=84789) - [ ] [Cinnamon 下个版本将支持 Wayland](https://www.solidot.org/story?sid=84788) - 绿盟科技技术博客 - [ ] [行业认可 | 绿盟科技AI服务成果入选“CCIA网络安全新技术新产品新服务(第二批)”](https://blog.nsfocus.net/%e8%a1%8c%e4%b8%9a%e8%ae%a4%e5%8f%af-%e7%bb%bf%e7%9b%9f%e7%a7%91%e6%8a%80ai%e6%9c%8d%e5%8a%a1%e6%88%90%e6%9e%9c%e5%85%a5%e9%80%89ccia%e7%bd%91%e7%bb%9c%e5%ae%89%e5%85%a8%e6%96%b0%e6%8a%80/) - 黑鸟 - [ ] [安卓17 IonStack全链路0day漏洞利用链](https://mp.weixin.qq.com/s?__biz=MzAxOTM1MDQ1NA==&mid=2451187608&idx=1&sn=d0397197cbc8664d3cdba598ba15c196) - 安全内参 - [ ] [IT咨询巨头埃森哲35GB机密数据疑泄露:涉源代码、密钥、访问凭证等](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247516244&idx=1&sn=7d6c39a33e787ae14b5757237538b5a7) - [ ] [英国拟打造AI驱动的“网络盾牌”以强化国家级网络防御](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247516244&idx=2&sn=edc25abc6c13d5690ef05136a15c0bfd) - 代码卫士 - [ ] [GhostLock:已存在15年的内核 UAF 漏洞,影响 Linux 所有发行版](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247526586&idx=1&sn=19edacadf8bc184c678b7e5c5ce9ac6b) - [ ] [优倍快:注意这个CVSS满分的 UniFi OS 漏洞](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247526586&idx=2&sn=3757390c1aa4853a8fbc99be4bb1c55b) - 威努特安全网络 - [ ] [筑牢政务数据安全底座:威努特数据备份与恢复系统,守护数字政府生命线。](https://mp.weixin.qq.com/s?__biz=MzAwNTgyODU3NQ==&mid=2651142927&idx=1&sn=de433a5beec67bdd1c8d32b1d9ce5bb3) - [ ] [WinClaw新版本即将发布 10000个超级VIP限时开抢!](https://mp.weixin.qq.com/s?__biz=MzAwNTgyODU3NQ==&mid=2651142927&idx=2&sn=b13db1f0b786595b4e7875d211f340a4) - 安全客 - [ ] [630GB机密挂上暗网:苹果二十年供应链铁幕一夜崩塌](https://mp.weixin.qq.com/s?__biz=MzA5ODA0NDE2MA==&mid=2649790201&idx=1&sn=1f1b91e06b9ef03a243dbee709b9a5c1) - 我的安全视界观 - [ ] [【AI复盘】AI资产首次成为勒索组织攻击目标](https://mp.weixin.qq.com/s?__biz=MzI3Njk2OTIzOQ==&mid=2247487791&idx=1&sn=41558c359ae7d0e2aefe012f2d408fa6) - 安全学术圈 - [ ] [即将截止 | 关于联合开展“大模型驱动的网络攻防课程改革”开源项目的邀请函](https://mp.weixin.qq.com/s?__biz=MzU5MTM5MTQ2MA==&mid=2247495621&idx=1&sn=458079db7307e5459be7de750a54d45b) - XCTF联赛 - [ ] [「霄元杯」星域安全之战,等你入局!](https://mp.weixin.qq.com/s?__biz=MjM5NDU3MjExNw==&mid=2247516579&idx=1&sn=a4010d9b6f13e49b4c0a7208fd90d000) - 安全研究GoSSIP - [ ] [G.O.S.S.I.P 阅读推荐 2026-07-09 MirrorShield](https://mp.weixin.qq.com/s?__biz=Mzg5ODUxMzg0Ng==&mid=2247501856&idx=1&sn=766f99c8e7752e194abed727809fcca7) - 天黑说嘿话 - [ ] [本周漏洞速递|13个高危漏洞预警+漏洞复现](https://mp.weixin.qq.com/s?__biz=MzI5NTQ5MTAzMA==&mid=2247486213&idx=1&sn=5ebbcaa6debb1eb23b13260f2489eb62) - 微步在线 - [ ] [网商银行:AI Agent重构威胁运营,打造数字银行智能安全体系](https://mp.weixin.qq.com/s?__biz=MzI5NjA0NjI5MQ==&mid=2650187038&idx=1&sn=0fcbb8fc7964063a08e58aa936d9d56d) - 中国信息安全 - [ ] [专题·原创 | 国家工业信息安全发展研究中心总工程师张格:人工智能时代软件供应链安全风险分析与治理对策](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664264470&idx=1&sn=2ee8bb85031c546b6a1b7b80fcc38378) - [ ] [公安部:深化网络空间安全综合治理 服务保障经济社会高质量发展](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664264470&idx=2&sn=68d3a6b8dab2757b4ab178558f7c8af5) - [ ] [通知 | 国家文物局印发《国有文物资源数据管理办法》(附全文)](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664264470&idx=3&sn=62c867d5709799b8398a4d207eb66d49) - [ ] [聚焦 | 2026(第二十五届)中国互联网大会在京开幕](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664264470&idx=4&sn=f6876f60e7534e04a914fb0b6fbe42dc) - [ ] [快自查!这72款移动应用违法违规收集使用个人信息](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664264470&idx=5&sn=d94ec2b7e5e3577ba1c5d06243b1dd8c) - [ ] [关注 | 6月全国网络举报1787.4万件](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664264470&idx=6&sn=db91725a2fde737168a964613c069c57) - 奇安信 CERT - [ ] [【已复现】用友U8cloud XChangeServlet SQL注入漏洞(QVD-2026-38848)安全风险通告](https://mp.weixin.qq.com/s?__biz=MzU5NDgxODU1MQ==&mid=2247506571&idx=1&sn=c291af83bbb50b32b4cefb969edf12c5) - 数世咨询 - [ ] [CoT(思维链)伪造攻击让大模型说出可卡因配方](https://mp.weixin.qq.com/s?__biz=MzkxNzA3MTgyNg==&mid=2247543471&idx=1&sn=fcf842baddfd8c4611d8a06f1552a806) - 长亭科技 - [ ] [再次登顶!长亭雷池 WAF 软硬件市场总营收规模国内安全厂商第一](https://mp.weixin.qq.com/s?__biz=MzIwNDA2NDk5OQ==&mid=2651390556&idx=1&sn=20f561b00599c4b6004cc0e762e35eb0) - 极客公园 - [ ] [原力灵机发布具身 MaaS、OS,破解模型规模化进入场景](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653110141&idx=1&sn=24dac72d9e86d5d4d9f1b525723a9f02) - [ ] [不登顶,只刷新:大疆珠峰十七年](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653110058&idx=1&sn=0f0057efda9f58a65fbff62183edbaa9) - [ ] [OpenAI 发布新语音模型 GPT-Live;粉笔张小龙辞任董事长、CEO;《恋与深空》致歉并宣布退出 BW 展会 | 极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653110045&idx=1&sn=82b3c445871262b4442fbb930f2445d0) - 漏洞战争 - [ ] [AI时代下对安全攻防演进的思考(上篇)](https://mp.weixin.qq.com/s?__biz=MzU0MzgzNTU0Mw==&mid=2247486092&idx=1&sn=f2966b6cadd0258e85b69ffe06c7dee8) - [ ] [AI时代下对安全攻防演进的思考(中篇)](https://mp.weixin.qq.com/s?__biz=MzU0MzgzNTU0Mw==&mid=2247486092&idx=2&sn=c494c0340d1a05ef458bec7584c994bf) - [ ] [AI时代下对安全攻防演进的思考(下篇)](https://mp.weixin.qq.com/s?__biz=MzU0MzgzNTU0Mw==&mid=2247486092&idx=3&sn=1fdedc10e9db976f0d01304dd4490da7) - 网络空间安全科学学报 - [ ] [2026年 第4卷 第3期](https://mp.weixin.qq.com/s?__biz=MzI0NjU2NDMwNQ==&mid=2247507887&idx=1&sn=baa18db40841dbb7c849cbc17315b4f8) - [ ] [【会议通知】第二届系统工程与电子技术大会](https://mp.weixin.qq.com/s?__biz=MzI0NjU2NDMwNQ==&mid=2247507887&idx=2&sn=c0b0fec026db54c12365e73bb2d1b2a7) - 补天平台 - [ ] [秋启蓉城,技燃川蜀丨 补天沙龙成都站议题征集启动](https://mp.weixin.qq.com/s?__biz=MzI2NzY5MDI3NQ==&mid=2247510852&idx=1&sn=c0b53062e976f82d5a382fcf58365d50) - 字节跳动技术团队 - [ ] [Mythos 对企业安全架构影响的思考](https://mp.weixin.qq.com/s?__biz=MzI1MzYzMjE0MQ==&mid=2247520712&idx=1&sn=9797b24f86ed53691b75dd9968918496) - 复旦白泽战队 - [ ] [追了一年 AI 安全动态, 我们决定把它们做成一套情报系统](https://mp.weixin.qq.com/s?__biz=MzU4NzUxOTI0OQ==&mid=2247499141&idx=1&sn=6d98c706934d800ca6636b5fa65f10c5) - 京东安全应急响应中心 - [ ] [号角吹响!2026京麒CTF决赛战队集结完毕,谁能问鼎巅峰?](https://mp.weixin.qq.com/s?__biz=MjM5OTk2MTMxOQ==&mid=2727851000&idx=1&sn=33a1ec4eacf34e973ad1944aa1e1b7b9) - 深信服千里目安全技术中心 - [ ] [【漏洞通告】XWiki Platform Old Core 目录遍历漏洞(CVE-2026-34151)](https://mp.weixin.qq.com/s?__biz=Mzg2NjgzNjA5NQ==&mid=2247526036&idx=1&sn=b6c55cfbcccaf3a13fe0dddbfabab1cb) - [ ] [【漏洞通告】Linux Kernel GhostLock 权限提升漏洞(CVE-2026-43499)](https://mp.weixin.qq.com/s?__biz=Mzg2NjgzNjA5NQ==&mid=2247526036&idx=2&sn=2a1b3160d6537cece6ed63bf95562c47) - [ ] [网络安全信息与动态周报2026年第27期(6月29日-7月5日)](https://mp.weixin.qq.com/s?__biz=Mzg2NjgzNjA5NQ==&mid=2247526036&idx=3&sn=cbae3904b7baf5f0f76154973b673724) - 安全行者老霍 - [ ] [暴露面不等于防御:安全团队为何必须从风险识别转向攻击阻断](https://mp.weixin.qq.com/s?__biz=Mzg3NjU4MDI4NQ==&mid=2247486831&idx=1&sn=329aaa0bd191595fbcd13fd562fa9ae0) - 天融信阿尔法实验室 - [ ] [【风险提示】天融信关于防范AI编程工具Claude Code安全后门隐患的风险提示](https://mp.weixin.qq.com/s?__biz=Mzg3MDAzMDQxNw==&mid=2247496951&idx=1&sn=20eb03bc0168453f0541829356828612) - 美团技术团队 - [ ] [正式开源!美团 LongCat-2.0 同步开放国产卡推理代码](https://mp.weixin.qq.com/s?__biz=MjM5NjQ5MTI5OA==&mid=2651783022&idx=1&sn=9c28dd11a4d95d5eebbb097e0a1aace0) - [ ] [直播回放·含 ACL'26 杰出论文 | 美团 AI 顶会论文 32 篇精讲](https://mp.weixin.qq.com/s?__biz=MjM5NjQ5MTI5OA==&mid=2651783022&idx=2&sn=70a24a57f04f2b5246afba77d455df8e) - 表图 - [ ] [头部网安公司已经不讲高增长了:股权激励计划里的 5% 增长预期](https://mp.weixin.qq.com/s?__biz=MzUzOTI4NDQ3NA==&mid=2247485089&idx=1&sn=17cb9b1d8461f1808d582df78acf12dc) - 情报分析师 - [ ] [气球在平流层里看着你,美国如何用一只"球"锁定德黑兰与我们](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650568558&idx=1&sn=f4961bc2c1aba5df4f9c4aa4b29e9ff0) - [ ] [【深度研判】日本通过立法集中情报资源应对我出口限制与网络威胁,警惕我周边情报环境恶化](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650568558&idx=2&sn=1c21f28a0114d60665f97a65e102d95a) - TrustedSec - [ ] [Vulnify: Giving Your Agents a CVE Brain](https://trustedsec.com/blog/vulnify-giving-your-agents-a-cve-brain) - Qualys Security Blog - [ ] [How to Meet a 3-Day Remediation SLA & Comply with CISA BOD 26-04](https://blog.qualys.com/category/qualys-insights) - 青藤智库 - [ ] [给CIO的Agentic AI落地路线图](https://mp.weixin.qq.com/s?__biz=MzUyOTkwNTQ5Mg==&mid=2247489480&idx=1&sn=54615d32a694f04cb937a136129c6937) - 安全419 - [ ] [安全419|一周国际网安资讯:AI平台漏洞集中爆发 勒索软件向内核演进](https://mp.weixin.qq.com/s?__biz=MzUyMDQ4OTkyMg==&mid=2247553966&idx=1&sn=413030cb70038a4d60cca431a407d085) - [ ] [从语意转化到AI推理 烽台科技智能数据网关助力工业互联网实现数据智能闭环](https://mp.weixin.qq.com/s?__biz=MzUyMDQ4OTkyMg==&mid=2247553966&idx=2&sn=5c2b7f8c1ad9f6dc4707475ef8891a5f) - D3Lab - [ ] [Fake Banking Rewards, Telegram Delivery and Albiriox: Anatomy of an Android Malware Campaign](https://www.d3lab.net/fake-banking-rewards-telegram-delivery-and-albiriox-anatomy-of-an-android-malware-campaign/) - 悬镜安全 - [ ] [AI原生安全标杆|数说安全发布《2026AI 安全产业报告》,悬镜安全入选代表厂商!](https://mp.weixin.qq.com/s?__biz=MzA3NzE2ODk1Mg==&mid=2647799968&idx=1&sn=546ed97800c1bea0fe60d85d634b9006) - Schneier on Security - [ ] [The Language of AI Could Change How Humans Speak](https://www.schneier.com/blog/archives/2026/07/the-language-of-ai-could-change-how-humans-speak.html) - 看雪学苑 - [ ] [获取SYS加载方源头进程的方案-基于ETW技术](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458617429&idx=1&sn=578c7e0dcc4f440035ea6e8770b8d22a) - [ ] [安全审计反中招!Claude/GPT-5.5 AI代理遭供应链注入](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458617429&idx=2&sn=3e3854e481dc46bdeee63e1bad144fbf) - [ ] [非虫出品!体系化打通:安卓软件开发与安全逆向全链路能力](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458617429&idx=3&sn=6d793dd350f3f04bb713f12cb4d34017) - SANS Internet Storm Center, InfoCON: green - [ ] [ISC Stormcast For Thursday, July 9th, 2026 https://isc.sans.edu/podcastdetail/10000, (Thu, Jul 9th)](https://isc.sans.edu/diary/rss/33140) - [ ] [_HELP_ME_ESCAPE_FROM_BELARUS_PLEASE_ [Guest Diary], (Tue, Jul 7th)](https://isc.sans.edu/diary/rss/33130) - ICT Security Magazine - [ ] [Attacco ransomware ASL 1 Abruzzo e violazione dati: analisi GDPR e gestione del rischio informatico](https://www.ictsecuritymagazine.com/articoli/attacco-ransomware-asl-1-abruzzo/) - [ ] [STIX e TAXII: il linguaggio e il trasporto della threat intelligence](https://www.ictsecuritymagazine.com/cyber-security/stix-e-taxii/) - Instapaper: Unread - [ ] [Going beneath NTFS — USN Journal, dfir_ntfs, and artefact-driven investigations](https://andreafortuna.org/2026/07/06/ntfs-forensics-deep-dive/) - [ ] [Exploratores, la mia cassetta degli attrezzi OSINT](https://osintops.com/exploratores-toolkit-osint/) - [ ] [Mastering the NTFS $DATA Attribute From Resident Data to Complex Runlists and ADS in Digital Investigations](https://digitalinvestigator.blogspot.com/2026/07/mastering-ntfs-data-attribute-from.html) - [ ] [Comprehensive Waze Forensic Parsing for Android](https://djangofaiola.blogspot.com/2026/07/comprehensive-waze-forensic-parsing-for.html) - [ ] [How to Buy a Reliable SSD, Continued](https://blog.elcomsoft.com/2026/07/how-to-buy-a-reliable-ssd-continued/) - Deeplinks - [ ] ["We Want Texans to Know Their Rights": Q&A with Mayday Health on the Impact of Surveillance on Abortion Care](https://www.eff.org/deeplinks/2026/07/we-want-texans-know-their-rights-qa-mayday-health-impact-surveillance-abortion) - [ ] [The House Passed The KIDS Act—The Senate Should Reject It](https://www.eff.org/deeplinks/2026/07/house-passed-kids-act-senate-should-reject-it) - [ ] [European Commission Chooses to Keep EU Users Locked Up Behind Big Tech’s Gates](https://www.eff.org/deeplinks/2026/07/european-commission-chooses-keep-eu-users-locked-behind-big-techs-gates) - [ ] [Google's New Remote Attestation Scheme is As Bad As Its Old One](https://www.eff.org/deeplinks/2026/07/googles-new-remote-attestation-scheme-every-bit-terrible-its-old-remote) - 娜璋AI安全之家 - [ ] [[AI安全论文] (50)TDSC23 T-Trace:基于多源系统日志关联的APT溯源图构建](https://mp.weixin.qq.com/s?__biz=Mzg5MTM5ODU2Mg==&mid=2247503008&idx=1&sn=965d8161033a5d8ecffbcecddedb1e55) - TG Soft Software House - News - [ ] [<strong>Vir.IT eXplorer PRO</strong><strong> </strong>supera con il massimo risultato, l'ultimo <strong>test</strong> effettuato a<strong> maggio 2026</strong> da <strong>AppEsteem </strong>per i <strong>prodotti AV DeceptorFighters</strong>](http://www.tgsoft.it/italy/news_archivio.asp?id=1754) - GRAHAM CLULEY - [ ] [Invited to a “job interview” with Netflix or OpenAI? Beware! Your Google password could be at risk](https://www.bitdefender.com/en-us/blog/hotforsecurity/invited-job-interview-netflix-openai-beware-google-password) - Full Disclosure - [ ] [[REVIVE-SA-2026-003] Revive Adserver Vulnerabilities](https://seclists.org/fulldisclosure/2026/Jul/19) - TaoSecurity Blog - [ ] [I Wrote a New Book for Corelight](https://taosecurity.blogspot.com/2026/07/i-wrote-new-book-for-corelight.html) - Security Affairs - [ ] [INTERPOL Operation First Light Nets 5,811 Arrests and Seizes $293 Million](https://securityaffairs.com/195056/security/interpol-operation-first-light-nets-5811-arrests-and-seizes-293-million.html) - [ ] [GodDamn Ransomware Uses PoisonX to Blind Security Software](https://securityaffairs.com/195042/malware/goddamn-ransomware-uses-poisonx-to-blind-security-software.html) - [ ] [AssuranceAmerica Breach Exposes 7 Million Driver’s Licenses After Employee Account Hack](https://securityaffairs.com/195027/data-breach/assuranceamerica-breach-exposes-7-million-drivers-licenses-after-employee-account-hack.html) - [ ] [Microsoft fixed Defender flaw RoguePlanet (CVE-2026-50656)](https://securityaffairs.com/195016/security/microsoft-fixed-defender-flaw-rogueplanet-cve-2026-50656.html) - [ ] [Fake VPN and 7-Zip Apps Turn Victims Into Residential Proxy Nodes](https://securityaffairs.com/194990/malware/fake-vpn-and-7-zip-apps-turn-victims-into-residential-proxy-nodes.html) - www.theregister.com - Articles - [ ] [An unnamed US county – perhaps in Ohio – paid $1M extortion demand to cybercriminals](https://www.theregister.com/cyber-crime/2026/07/09/an-unnamed-us-county-perhaps-in-ohio-paid-1m-extortion-demand-to-cybercriminals/5269575) - [ ] [EU 'Chat Control' snoopfest returns after vote to kill it falls short](https://www.theregister.com/security/2026/07/09/meps-fail-to-prevent-chat-control-snoopfest-revival/5269379) - [ ] [Microsoft closes book on Nightmare Eclipse's RoguePlanet zero-day](https://www.theregister.com/security/2026/07/09/microsoft-closes-book-on-nightmare-eclipses-rogueplanet-zero-day/5269280) - [ ] [Thief posed as Wi-Fi fixing hero, then stole priceless trophy](https://www.theregister.com/security/2026/07/09/thief-posed-as-wi-fi-fixing-hero-then-stole-priceless-trophy/5268750) - The Hacker News - [ ] [Dormant GitHub Accounts Help Attackers Blend In While Mapping Corporate Orgs](https://thehackernews.com/2026/07/dormant-github-accounts-help-attackers.html) - [ ] [New GigaWiper Windows Backdoor Bundles Disk Wiping, Fake Ransomware, and Spyware](https://thehackernews.com/2026/07/new-gigawiper-windows-backdoor-bundles.html) - [ ] [npm 12 Disables Install Scripts by Default to Reduce Supply Chain Risk](https://thehackernews.com/2026/07/npm-12-disables-install-scripts-by.html) - [ ] [ThreatsDay: Cloud Bucket Hijacking, Windows LPE Chain, Global Fraud Bust + 17 More Stories](https://thehackernews.com/2026/07/threatsday-cloud-bucket-hijacking.html) - [ ] [AI Attacks Move in Minutes. Join This Webinar on Building a Defense That Keeps Up](https://thehackernews.com/2026/07/ai-attacks-move-in-minutes-join-this.html) - [ ] [Summer of Clearinghouses](https://thehackernews.com/2026/07/summer-of-clearinghouses.html) - [ ] [GodDamn Ransomware Uses PoisonX Driver to Disable Endpoint Defenses](https://thehackernews.com/2026/07/goddamn-ransomware-uses-poisonx-driver.html) - [ ] [Microsoft Patches RoguePlanet Defender Flaw That Can Grant SYSTEM Privileges](https://thehackernews.com/2026/07/microsoft-patches-rogueplanet-defender.html) - [ ] [Meta's New AI Image Tool Lets Others Use Your Public Instagram Photos in AI Images](https://thehackernews.com/2026/07/metas-new-ai-image-tool-lets-others-use.html) - [ ] [Top AI Agents Built to Catch Malicious Code Can Be Tricked Into Running It](https://thehackernews.com/2026/07/friendly-fire-ai-agents-built-to-catch.html) - [ ] [GhostApproval Symlink Flaws Could Let Malicious Repos Run Code in AI Coding Agents](https://thehackernews.com/2026/07/ghostapproval-symlink-flaws-could-let.html) - [ ] [Fake 7-Zip Installers Turn Devices Into Residential Proxy Nodes](https://thehackernews.com/2026/07/fake-7-zip-installers-turn-devices-into.html) - Daniel Miessler - [ ] [AGI Just Happened](https://danielmiessler.com/blog/agi-just-happened?utm_source=rss&utm_medium=feed&utm_campaign=website) - Security Weekly Podcast Network (Audio) - [ ] [AI Is Annoying & IoT Devices Still Get Hacked - PSW #934](http://sites.libsyn.com/18678/ai-is-annoying-iot-devices-still-get-hacked-psw-934)
每日安全资讯(2026-07-10)