# 每日安全资讯(2026-07-14) - SecWiki News - [ ] [SecWiki News 2026-07-13 Review](http://www.sec-wiki.com/?2026-07-13) - 先知安全技术社区 - [ ] [基于 PIC Shellcode 的白程序 Patch 免杀技术实现](https://xz.aliyun.com/news/92515) - [ ] [BroncoCTF PWN WP](https://xz.aliyun.com/news/92510) - [ ] [JDK 21 虚拟线程模型下 Web 应用会话上下文串扰漏洞的挖掘与利用](https://xz.aliyun.com/news/92509) - Doonsec's feed - [ ] [Ghostcommit:Agent正在成为供应链攻击的新入口](https://mp.weixin.qq.com/s/19P8zmfi54v6lZoF3cop_Q) - [ ] [AI私人助手会被偷偷篡改记忆:揭秘隐形内存注入攻击](https://mp.weixin.qq.com/s/m8VeRpH_QMgbfv06l6Psfw) - [ ] [银狐也想来世界杯分一杯羹?新家族开始为“菠菜”平台增设广告位!](https://mp.weixin.qq.com/s/NNJm9glOfDbTemuGJnGEzA) - [ ] [诚邀渠道合作伙伴共启新征程](https://mp.weixin.qq.com/s/6Zkxsq2ilev_NXFmEFvomA) - [ ] [0186.从报告重复到高额赏金](https://mp.weixin.qq.com/s/f06l4vLdDx64F6eQVqARLg) - [ ] [[译苑雅集 Vol. 14] Anthropic 最新论文:大语言模型没说出口的内心小秘密,藏在一个叫 J 空间的地方](https://mp.weixin.qq.com/s/Fd2x3WGsjppnvvcZwjU3VA) - [ ] [MCP从0到1 -- 生产级MCP服务器搭建](https://mp.weixin.qq.com/s/7-iiRk-6jnc-0Q00NOcm9A) - [ ] [赛事推荐——宁波市第九届网络安全大赛(火热报名中)](https://mp.weixin.qq.com/s/mdF5bwbX7Rkw9hdbxyvSZQ) - [ ] [关于开展网络和数据安全赛事平台能力检测服务的通知](https://mp.weixin.qq.com/s/ZyFnn68uPUcWfYYEPFA12A) - [ ] [从500个真正跑通的项目里看见数据要素、动态数据安全项目样本|第九届西湖论剑创新实践火热征集中!](https://mp.weixin.qq.com/s/6bxlQiJ1_ttpRX3P1laKYQ) - [ ] [关于入围2026年第二届“湾区杯”青少年网络安全知识比赛决赛的通知](https://mp.weixin.qq.com/s/gtrcP2BKVG9X6LYDGtKP1Q) - [ ] [2026年第二届湾区杯网络安全大赛青少年网络安全知识比赛奖项设置及奖励方法](https://mp.weixin.qq.com/s/96okAhyoZmOu5pmdGuf2nw) - [ ] [第十九届全国大学生信息安全竞赛(作品赛)暨第三届“长城杯”网数智安全大赛(作品赛)初赛团队名单公示](https://mp.weixin.qq.com/s/-flqryDOfGl6RWUumRrMKg) - [ ] [169所高校同场竞技!第十届“御网杯”网络安全大赛火热开场](https://mp.weixin.qq.com/s/ASBTWF3kNm76hRxFIjOAHA) - [ ] [公告丨2026雄安网络安全技术应用大赛决赛结果](https://mp.weixin.qq.com/s/v1l27VHZSvk1V3kYCMjgBA) - [ ] [2026FIC决赛(全解)](https://mp.weixin.qq.com/s/_0NId2s1NpdV_xAA3AI04w) - [ ] [数据泄露——江苏省第四届数据安全技术应用职业技能竞赛初赛](https://mp.weixin.qq.com/s/HALhDzzBmtegBNsT4AS1gQ) - [ ] [第四批UAP解密背后:美国真正公开的,不是UFO](https://mp.weixin.qq.com/s/wfaBUw2XCEwmPgUK0ip_Cw) - [ ] [DIDCTF 招聘专区正式上线|连接电子数据取证人才与企业](https://mp.weixin.qq.com/s/7WJVwms4Lq0Nr_-AEk6ziw) - [ ] [今天看到这台思科3850,瞬间破防了,8个千兆口 + 2个万兆上行模块,这配置放在企业网里就是“定海神针”,别看它长得像块铁疙瘩,跑起流](https://mp.weixin.qq.com/s/0mUHK4wcH5jp6jU6CpJVqA) - [ ] [【船舶网络安全系列】CBS 网络风险评估方法](https://mp.weixin.qq.com/s/2RwdPoEQuwc3Nktuhmrc2A) - [ ] [通过IMA知识库一键检索海量安全测试报告,助力安全测试提质增效](https://mp.weixin.qq.com/s/OBFRL9DdbIXddb8kprGu8Q) - [ ] [哎 出门老扎](https://mp.weixin.qq.com/s/UHCohcEkjvfntkl_uVSCXA) - [ ] [100%源码交付!7天搞定国产信创部署,老板最想要的智慧工地方案,内置国标 GB28181 摄像头 AI视频识别算法](https://mp.weixin.qq.com/s/YB7JwBuDi8x0L6zp7N2iow) - [ ] [200 台 5090 租赁资源](https://mp.weixin.qq.com/s/d_vyyqcLvQDQkiwF93z-Yg) - [ ] [支持向量机:寻找最优分界线的数学艺术,从几何直觉到核技巧的完整推导](https://mp.weixin.qq.com/s/nNEFOlc6l-okL0Hts1OaqA) - [ ] [警惕AI代理权限失控:六阶段成熟模型管住企业非人类身份](https://mp.weixin.qq.com/s/E4jC_7bfLVJeERHkFq1_-w) - [ ] [亚马逊Bedrock关联AI网关遭攻击,暴露新型云安全风险](https://mp.weixin.qq.com/s/9QwcK0uZJDaTKyqIlXsq5Q) - [ ] [CTFHub:第八十四关——JSON Web Token——弱密钥](https://mp.weixin.qq.com/s/aNjo_zzT0XBWM8sbxSfMEQ) - [ ] [SpyGlace攻击滥用受信任的开发人员服务来逃避网络检测](https://mp.weixin.qq.com/s/144sKUyaUhLjElG9bvUSPg) - [ ] [人工智能+⑤ | 楚天云公司项目获评工信部人工智能应用典型案例](https://mp.weixin.qq.com/s/CNY0NWDCRetlFTMsFNacVw) - [ ] [同心同行 驰援故土 以行动守护家乡](https://mp.weixin.qq.com/s/AhBD1dxRYKgrXtBMWqcSVA) - [ ] [为什么AVL Code敢把AI会话挂在官网上](https://mp.weixin.qq.com/s/Rzy1vP1qNv_gE6cvPYgp7w) - [ ] [苏商银行实现小微信贷全流程AI应用,算力上与英特尔明确三大合作方向](https://mp.weixin.qq.com/s/6roxiBnOVGJDcaRsQlMzog) - [ ] [AI快讯:中国31家企业签署智能体个人信息保护公约,Robinhood推加密AI Agent交易功能](https://mp.weixin.qq.com/s/639BRJ_hytI4AQ5f9En1zQ) - [ ] [【6月29日-7月5日】安全漏洞周报 | 523个高危漏洞急需关注](https://mp.weixin.qq.com/s/nDiZgxmuTvQncJH95tlOEw) - [ ] [直播预告 | 绿盟智能渗透测试系统2.0即将首发——绿盟科技AI安全创新成果发布会](https://mp.weixin.qq.com/s/VlLGWXUIxSkmJuJQDpWwLw) - [ ] [从攻击者视角思考 Detection Engineering](https://mp.weixin.qq.com/s/RGEBwAP5D9N9NRv0jWV0HQ) - [ ] [http.sys — UlpParseNextRequest 中连接数组容量整数溢出(CWE-190)导致内核池溢出](https://mp.weixin.qq.com/s/wZoarN6LLHU_s8U9vGZk-w) - [ ] [奇安信联合共建“可信决策人工智能技术北京市重点实验室”正式获批](https://mp.weixin.qq.com/s/CEIER_vGi05Msi4t3nTf0Q) - [ ] [抗议裁判偏袒!黑客入侵阿根廷足协,世界杯网络攻防再成焦点](https://mp.weixin.qq.com/s/mVB0LHctMN3qsc9ZltH3-w) - [ ] [Apache su EXEC 日志目录可写导致的 SUID 提权漏洞](https://mp.weixin.qq.com/s/YnJ08eUTx1_v2_RxDu7VuA) - [ ] [红日靶场官网挂了,备用网盘分享](https://mp.weixin.qq.com/s/K3W5oSFmfTGriz7l0rdIMw) - [ ] [攻克无人机改装走私大案](https://mp.weixin.qq.com/s/Hmc24SCc4Y08Ato-PA2Tyw) - [ ] [一个开源工具的逆袭:用真实浏览器指纹正面刚Cloudflare Turnstile](https://mp.weixin.qq.com/s/yMVuXyKMrs2GotpGvbudGQ) - [ ] [换AI安全工作,不是死磕技术,而是研究市场](https://mp.weixin.qq.com/s/XuehKOjQxaBBdq7OAYX8oA) - [ ] [一次性通过OSCP、OSCE³(OSEP + OSWE + OSED)的全过程](https://mp.weixin.qq.com/s/gu4d5gdt_TXcBu_wMa1CvA) - [ ] [观初科技InsightSec | 实力见证,荣登“数字安全护航技术能力全景图”19大核心板块](https://mp.weixin.qq.com/s/TgeNBEYXl66aDHGVylVwCA) - [ ] [聚焦 | 光合组织2026智能计算应用大会成功举办,携手生态伙伴共筑政法数智化安全底座](https://mp.weixin.qq.com/s/8W1AoWUeO4knYMhWep_9Dw) - [ ] [前沿 | 能源化工行业动态数据分类分级技术研究](https://mp.weixin.qq.com/s/7HWnFLlSoVKKk77siP2xMg) - [ ] [关注 | 明确16项任务!工信部等四部门发文推动互联网基础资源高质量发展](https://mp.weixin.qq.com/s/ymUETkGgNVgx4QaUqMZ7rw) - [ ] [关注 | 公安机关严厉打击编造传播涉汛等涉灾网络谣言,公布25起典型案例](https://mp.weixin.qq.com/s/NP_PNbgs5DoctxjXDSouXA) - [ ] [观点 | 谨防境外AI“后门”风险](https://mp.weixin.qq.com/s/0tshxEvimBwaWUS1gx4dCg) - [ ] [关注 | 犯罪不断迭代变异,世界杯期间赌球更趋活跃——网络赌博乱象如何根治](https://mp.weixin.qq.com/s/WI-wicz3_AfRXtboY_O-Pw) - [ ] [【活动】赛迪代表队在工业和信息化部直属机关第一届“活力杯”广播操比赛中荣获一等奖](https://mp.weixin.qq.com/s/Q7UGVjUN46V7U9_L5eRT9Q) - [ ] [【通知】国家市场监督管理总局技术创新中心(关键工业应用场景智能化检测)关于开放OTA检测实验室的通知](https://mp.weixin.qq.com/s/lvGicn9M8BuLN45Gl9M-KQ) - [ ] [美国议员提出《AI事件报告法案》 ,强制AI安全事件上报](https://mp.weixin.qq.com/s/bKEAM7_XsSUDpVSSzRQV_g) - [ ] [TrustAsia亮相NCSS 2026,共筑PQC与AI时代的数字信任底座](https://mp.weixin.qq.com/s/gaf0rysdbnDt3jWsoJl1GQ) - [ ] [TrustAsia亮相2026 Matter Open Day,助力智能家居生态可信发展](https://mp.weixin.qq.com/s/uODEDmgcKCXi6X_O5E8b8A) - [ ] [印度陆军、海军、空军人员数据泄露](https://mp.weixin.qq.com/s/L-UOxEu9KZMjTlMEgtWXtQ) - [ ] [让 Agent 成为音视频工作台:AI MediaKit CLI + Skill 发布](https://mp.weixin.qq.com/s/Kfrcbw91WY71XKD50vVEmg) - [ ] [不改一行代码!如何用大模型流量观测看清AI 成本黑洞?](https://mp.weixin.qq.com/s/YjPpyHKLQyxQ0lQO6AEItw) - [ ] [让搜索更懂用户:Viking AI 搜索如何用个性化提升转化](https://mp.weixin.qq.com/s/efVIe28C_Hwai21zPnQNWA) - [ ] [密评高风险判定指引系列(一):开篇总览与通用要求高风险判定](https://mp.weixin.qq.com/s/iwxZ8e1gYWDOPnUOKPgOMw) - [ ] [14大类93子类丨信安世纪实力入选第五期《数字安全护航技术能力全景图》](https://mp.weixin.qq.com/s/PjDpwu1M34nWNw9qG7ovcw) - [ ] [国家金融监督管理总局发布《银行业保险业网络安全管理办法(征求意见稿)》](https://mp.weixin.qq.com/s/Zqc4n4s7tbrXStpVSHTOKg) - [ ] [国家文物局印发《国有文物资源数据管理办法》](https://mp.weixin.qq.com/s/3QkXxb0o4NNDw5wDD3noPA) - [ ] [腾讯Ray团队实践:K8s + Ray如何支撑超大规模AI Workload](https://mp.weixin.qq.com/s/j1pq-Fus3Rr-9ATsIQYKwg) - [ ] [FlowiseAI 任意文件写入漏洞 CVE-2025–26319](https://mp.weixin.qq.com/s/n4rsvHShD2e7a8n_zD78vQ) - [ ] [【免费领】CISSP认证考试真题全解析(中文版)](https://mp.weixin.qq.com/s/A1en_2l9pOEzid-JEG3T3A) - [ ] [Gartner威胁态势图谱释放了哪些关键信号?](https://mp.weixin.qq.com/s/NGukPsBfNwCyUid81eRBeg) - [ ] [2026年\"数安之江\"专项行动来了!五大行业数据安全大考,这份详细解读材料请收好](https://mp.weixin.qq.com/s/eAbxDDrIKv0Jk88p528L4w) - [ ] [研究人员详细介绍了利用 OpenClaw 三个漏洞实现 WhatsApp 到主机攻击链的过程](https://mp.weixin.qq.com/s/Zk0WrX1Kaucq8a_PSlrnFQ) - [ ] [第152期 | GPTSecurity周报](https://mp.weixin.qq.com/s/oSGSM5EDjBxhwCo5lku1eQ) - [ ] [80万用户中招:ModHeader插件供应链攻击案例(附自查修复方案)](https://mp.weixin.qq.com/s/fHC71Gh4J0hvhnzwt4NTQQ) - [ ] [媒体报道xa0|xa0纳入国家顶层部署的“六张网”是什么?一图梳理→](https://mp.weixin.qq.com/s/L42-k2_UKxyq2UbKwvtoOA) - [ ] [事关互联网基础发展!工信部等四部门下发文件,16 项任务都有哪些?](https://mp.weixin.qq.com/s/srzwrxTL6db1mj-JVU3bhg) - [ ] [5步带你从0开局拿下漏洞赏金!1700讲透白帽src的所有核心基础和赏金思路!](https://mp.weixin.qq.com/s/aNwu1NP1vkLYk7YTkwVs-Q) - [ ] [鼎信安全xa0|xa0网络安全一周资讯](https://mp.weixin.qq.com/s/ztWsJBD-yxUxPd0FWwoJuw) - [ ] [新版网安法 + 等保 2380 新规落地|任子行数据安全分类分级,三件套搭建全生命周期合规防火墙](https://mp.weixin.qq.com/s/VN8L5Mds6ux6q6yyTIUOSQ) - [ ] [hvv 2026 - 不用 Cobalt Strike,照样控全域:攻击者如何把 GPO 变成天然 C2](https://mp.weixin.qq.com/s/bPsRkox07Q0vbzjq4_TB8Q) - [ ] [诚邀莅临|魔方安全焕新亮相粤网安大会,7月16日不见不散!](https://mp.weixin.qq.com/s/QCFvQs9JjkcSDyf4EmqsIQ) - [ ] [HackMyVm靶场之Type.](https://mp.weixin.qq.com/s/MexqdsHgsGy7ARzdEygi5g) - [ ] [【高危AI漏洞预警】CVE-2026-56271 Flowise硬编码JWT密钥认证绕过漏洞](https://mp.weixin.qq.com/s/yEj8oZe_sDhJBMkRRxK0og) - [ ] [广州网络安全等级保护工作小科普](https://mp.weixin.qq.com/s/i9klnNnKRklrJXMrQ9thlw) - [ ] [从参数到路径段:kennysql SQL 注入插件](https://mp.weixin.qq.com/s/TJCV37En1eoZ7xAqU9sidA) - Tenable Blog - [ ] [Why cloud security is mission-critical for federal civilian and defense agencies](https://www.tenable.com/blog/fedramp-high-il5-federal-government-cloud-security) - Recent Commits to cve:main - [ ] [Update Mon Jul 13 11:59:57 UTC 2026](https://github.com/trickest/cve/commit/34851454a7b07498072de47d56f63daa4a4f524d) - Microsoft Security Blog - [ ] [Defending SaaS-based applications against ShinyHunters OAuth abuse](https://www.microsoft.com/en-us/security/blog/2026/07/13/defending-saas-based-applications-against-shinyhunters-oauth-abuse/) - [ ] [Microsoft Entra ID security updates: Passkeys are the default authentication method in Entra ID](https://www.microsoft.com/en-us/security/blog/2026/07/13/microsoft-entra-id-security-updates-passkeys-are-the-default-authentication-method-in-entra-id/) - Hacking Articles - [ ] [Windows Privilege Escalation: SeTakeOwnershipPrivilege](https://www.hackingarticles.in/windows-privilege-escalation-setakeownershipprivilege/) - Private Feed for M09Ic - [ ] [bolucat released 202607132136 at bolucat/Archive](https://github.com/bolucat/Archive/releases/tag/202607132136) - [ ] [huoji120 starred zjunlp/EasyEdit](https://github.com/zjunlp/EasyEdit) - [ ] [ring04h starred keredson/wordninja](https://github.com/keredson/wordninja) - [ ] [Ascotbe starred VoltAgent/awesome-design-md](https://github.com/VoltAgent/awesome-design-md) - [ ] [kpcyrd contributed to kpcyrd/cargo-debstatus](https://github.com/kpcyrd/cargo-debstatus/pull/81) - [ ] [liamg contributed to infracost/actions](https://github.com/infracost/actions/pull/271) - [ ] [liamg contributed to infracost/lsp](https://github.com/infracost/lsp/pull/57) - [ ] [liamg contributed to infracost/cli](https://github.com/infracost/cli/pull/186) - [ ] [liamg contributed to infracost/config](https://github.com/infracost/config/pull/20) - [ ] [esrrhs contributed to esrrhs/fakelua](https://github.com/esrrhs/fakelua/pull/242) - [ ] [zema1 contributed to zema1/suo5](https://github.com/zema1/suo5/pull/114) - [ ] [niudaii starred mco-org/squad](https://github.com/mco-org/squad) - [ ] [modelcontextprotocol released v1.8.0 at modelcontextprotocol/registry](https://github.com/modelcontextprotocol/registry/releases/tag/v1.8.0) - [ ] [kpcyrd contributed to rustsec/rustsec](https://github.com/rustsec/rustsec/pull/1635) - [ ] [panjf2000 starred ForceInjection/AI-fundamentals](https://github.com/ForceInjection/AI-fundamentals) - 安全客-有思想的安全新媒体 - [ ] [Ghostcommit 攻击:恶意提示藏入图片,劫持Agent实施窃取](https://www.anquanke.com/post/id/315788) - Paper - 知道创宇404实验室 - [ ] [深度神经网络中统计上不可检测的后门](https://paper.seebug.org/3500) - Horizon3.ai - [ ] [What the ECB’s AI Cybersecurity Letter Means for Significant Institutions](https://horizon3.ai/intelligence/blogs/ecb-ai-cybersecurity-action-plan/) - [ ] [Meeting the ECB’s AI-Enabled Cybersecurity Mandate with NodeZero®](https://horizon3.ai/downloads/factsheets/meeting-the-ecbs-ai-enabled-cybersecurity-mandate-with-nodezero/) - Toooold - [ ] [Learning Is Selective Change](https://toooold.com/2026/07/13/icml_recap3.html) - The Trail of Bits Blog - [ ] [Rust-proof your code with our new Testing Handbook chapter](https://blog.trailofbits.com/2026/07/13/rust-proof-your-code-with-our-new-testing-handbook-chapter/) - Malwarebytes - [ ] [Trusting your kids online isn’t enough (Lock and Code S07E14)](https://www.malwarebytes.com/blog/podcast/2026/07/trusting-your-kids-online-isnt-enough-lock-and-code-s07e14) - [ ] [Ghostcommit attack hides malicious AI instructions in images](https://www.malwarebytes.com/blog/ai/2026/07/ghostcommit-attack-hides-malicious-ai-instructions-in-images) - [ ] [Fake crypto gift card sites are getting harder to spot](https://www.malwarebytes.com/blog/threat-intel/2026/07/fake-crypto-gift-card-sites-are-getting-harder-to-spot) - [ ] [A week in security (July 6 – July 12)](https://www.malwarebytes.com/blog/news/2026/07/a-week-in-security-july-6-july-12) - Wallarm - [ ] [AI Control Platform vs. AI Firewall vs. AI Gateway: Clearing Up The Terminology](https://lab.wallarm.com/clearing-up-the-terminology/) - 绿盟科技技术博客 - [ ] [直播预告 | 绿盟智能渗透测试系统2.0即将首发——绿盟科技AI安全创新成果发布会](https://blog.nsfocus.net/%e7%9b%b4%e6%92%ad%e9%a2%84%e5%91%8a-%e7%bb%bf%e7%9b%9f%e6%99%ba%e8%83%bd%e6%b8%97%e9%80%8f%e6%b5%8b%e8%af%95%e7%b3%bb%e7%bb%9f2-0%e5%8d%b3%e5%b0%86%e9%a6%96%e5%8f%91-%e7%bb%bf/) - 黑海洋Wiki | AI机器人硬件开发 | 网络安全攻防实战 | 区块链技术文档教程 - 免费资源平台 - [ ] [秋田大学企业发布实时共享熊出没信息的手机应用](https://blog.upx8.com/%E7%A7%8B%E7%94%B0%E5%A4%A7%E5%AD%A6%E4%BC%81%E4%B8%9A%E5%8F%91%E5%B8%83%E5%AE%9E%E6%97%B6%E5%85%B1%E4%BA%AB%E7%86%8A%E5%87%BA%E6%B2%A1%E4%BF%A1%E6%81%AF%E7%9A%84%E6%89%8B%E6%9C%BA%E5%BA%94%E7%94%A8) - [ ] [任天堂Switch 2 OLED版可能正在研发中](https://blog.upx8.com/%E4%BB%BB%E5%A4%A9%E5%A0%82Switch-2-OLED%E7%89%88%E5%8F%AF%E8%83%BD%E6%AD%A3%E5%9C%A8%E7%A0%94%E5%8F%91%E4%B8%AD) - [ ] [苹果计划为三方配件提供类似AirPods的配对功能](https://blog.upx8.com/%E8%8B%B9%E6%9E%9C%E8%AE%A1%E5%88%92%E4%B8%BA%E4%B8%89%E6%96%B9%E9%85%8D%E4%BB%B6%E6%8F%90%E4%BE%9B%E7%B1%BB%E4%BC%BCAirPods%E7%9A%84%E9%85%8D%E5%AF%B9%E5%8A%9F%E8%83%BD) - [ ] [沙特成为台湾新兴无人机产业的最大买家](https://blog.upx8.com/%E6%B2%99%E7%89%B9%E6%88%90%E4%B8%BA%E5%8F%B0%E6%B9%BE%E6%96%B0%E5%85%B4%E6%97%A0%E4%BA%BA%E6%9C%BA%E4%BA%A7%E4%B8%9A%E7%9A%84%E6%9C%80%E5%A4%A7%E4%B9%B0%E5%AE%B6) - [ ] [研究人员担忧AI可能会使人类技能退化](https://blog.upx8.com/%E7%A0%94%E7%A9%B6%E4%BA%BA%E5%91%98%E6%8B%85%E5%BF%A7AI%E5%8F%AF%E8%83%BD%E4%BC%9A%E4%BD%BF%E4%BA%BA%E7%B1%BB%E6%8A%80%E8%83%BD%E9%80%80%E5%8C%96) - [ ] [欧盟将提出限制儿童访问社交媒体的计划](https://blog.upx8.com/%E6%AC%A7%E7%9B%9F%E5%B0%86%E6%8F%90%E5%87%BA%E9%99%90%E5%88%B6%E5%84%BF%E7%AB%A5%E8%AE%BF%E9%97%AE%E7%A4%BE%E4%BA%A4%E5%AA%92%E4%BD%93%E7%9A%84%E8%AE%A1%E5%88%92) - [ ] [大众汽车拟扩大裁员范围 或削减约5万岗位](https://blog.upx8.com/%E5%A4%A7%E4%BC%97%E6%B1%BD%E8%BD%A6%E6%8B%9F%E6%89%A9%E5%A4%A7%E8%A3%81%E5%91%98%E8%8C%83%E5%9B%B4-%E6%88%96%E5%89%8A%E5%87%8F%E7%BA%A65%E4%B8%87%E5%B2%97%E4%BD%8D) - [ ] [三星开发用于人工智能PC的处理器芯片](https://blog.upx8.com/%E4%B8%89%E6%98%9F%E5%BC%80%E5%8F%91%E7%94%A8%E4%BA%8E%E4%BA%BA%E5%B7%A5%E6%99%BA%E8%83%BDPC%E7%9A%84%E5%A4%84%E7%90%86%E5%99%A8%E8%8A%AF%E7%89%87) - [ ] [小米雷军:造车很苦,但成功一定很酷](https://blog.upx8.com/%E5%B0%8F%E7%B1%B3%E9%9B%B7%E5%86%9B-%E9%80%A0%E8%BD%A6%E5%BE%88%E8%8B%A6-%E4%BD%86%E6%88%90%E5%8A%9F%E4%B8%80%E5%AE%9A%E5%BE%88%E9%85%B7) - [ ] [如果你不同意AI训练 三星将删除健康数据](https://blog.upx8.com/%E5%A6%82%E6%9E%9C%E4%BD%A0%E4%B8%8D%E5%90%8C%E6%84%8FAI%E8%AE%AD%E7%BB%83-%E4%B8%89%E6%98%9F%E5%B0%86%E5%88%A0%E9%99%A4%E5%81%A5%E5%BA%B7%E6%95%B0%E6%8D%AE) - 奇客Solidot–传递最新科技情报 - [ ] [蒋方舟因论文存在抄袭行为被撤销硕士学位](https://www.solidot.org/story?sid=84821) - [ ] [Vinton Cerf 退休](https://www.solidot.org/story?sid=84820) - [ ] [逃脱死亡命运的类木星行星](https://www.solidot.org/story?sid=84819) - [ ] [数据中心用电量占到了爱尔兰用电量的 23%](https://www.solidot.org/story?sid=84818) - [ ] [他们窃取了数据和民主](https://www.solidot.org/story?sid=84817) - [ ] [Linus Torvalds 谈 AI 和垃圾补丁](https://www.solidot.org/story?sid=84816) - [ ] [中国三北防护林阻止了沙漠扩大,但战斗并未结束](https://www.solidot.org/story?sid=84815) - [ ] [Steam 月活用户数超过 2 亿](https://www.solidot.org/story?sid=84814) - [ ] [DNA 确认托斯卡纳大公死于疟疾](https://www.solidot.org/story?sid=84813) - [ ] [加州吸引的风投远超美国任何州](https://www.solidot.org/story?sid=84812) - [ ] [为什么 55% 的美国人停止在社媒上发帖?](https://www.solidot.org/story?sid=84811) - [ ] [Windows 11 设备标识符无法关闭](https://www.solidot.org/story?sid=84810) - rtl-sdr.com - [ ] [Airspy WebSpy: A High Performance Web UI Client for Airspy SDRs](https://www.rtl-sdr.com/airspy-webspy-a-high-performance-web-ui-client-for-airspy-sdrs/) - [ ] [Exploring the Art and Science of Spectral Painting with SDR](https://www.rtl-sdr.com/exploring-the-art-and-science-of-spectral-painting-with-sdr/) - [ ] [A Paper on Clock Distribution for Phase Coherent Operation of RTL-SDR Receivers](https://www.rtl-sdr.com/a-paper-on-clock-distribution-for-phase-coherent-operation-of-rtl-sdr-receivers/) - 黑鸟 - [ ] [AI私人助手会被偷偷篡改记忆:揭秘隐形内存注入攻击](https://mp.weixin.qq.com/s?__biz=MzAxOTM1MDQ1NA==&mid=2451187670&idx=1&sn=e4cbd372c8518ba70dcb92c1e0d31e56) - 代码卫士 - [ ] [Zimbra:速修复这个严重的 Web Client XSS 漏洞](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247526606&idx=1&sn=98ad31e009af96d9536be560cb9f7fa3) - [ ] [Progress:存在可信外部威胁,ShareFile 管理员需立即关闭服务器](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247526606&idx=2&sn=92be8299dea05a32e51baa1cad82b509) - 安全内参 - [ ] [电池遭实时篡改致使电动车行驶中抛锚,某国首都惊现多起“恶作剧”攻击](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247516256&idx=1&sn=4f8d7af4cf804809945374f949fee788) - [ ] [物理隔离也能传数据?揭秘苹果Find My网络的隐蔽数据通道](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247516256&idx=2&sn=0c23410474886ed46fdb6b28998975f6) - 安全客 - [ ] [Ghostcommit 攻击:恶意提示藏入图片,劫持Agent实施窃取](https://mp.weixin.qq.com/s?__biz=MzA5ODA0NDE2MA==&mid=2649790216&idx=1&sn=439a2cc57c764113e9d44d1a1b4ba863) - 奶牛安全 - [ ] [数据泄露情报2026.7.13-新宝藏站,7.6亿领英+5.6亿脸书+2.3亿推特+ins/tiktok/github/web3?](https://mp.weixin.qq.com/s?__biz=MzU4NjY0NTExNA==&mid=2247489760&idx=1&sn=3e15ddd2bf981108976e2635af469426) - 威努特安全网络 - [ ] [威努特无线网络:打造医疗数字化的隐形防线](https://mp.weixin.qq.com/s?__biz=MzAwNTgyODU3NQ==&mid=2651142957&idx=1&sn=9adbc51ae5195268dd2656c435f0aca5) - [ ] [WinClaw新版本即将发布 10000个超级VIP限时开抢!](https://mp.weixin.qq.com/s?__biz=MzAwNTgyODU3NQ==&mid=2651142957&idx=2&sn=7d5a7f6ee593fd5ce761c32268b5956e) - Lexfo's security blog - [ ] [One Misconfigured Server, Three Active Campaigns: Full exposure of three AiTM Phishing Operators](https://blog.lexfo.fr/opendir-to-phishing-operator.html) - 中国信息安全 - [ ] [聚焦 | 光合组织2026智能计算应用大会成功举办,携手生态伙伴共筑政法数智化安全底座](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664264610&idx=1&sn=f0009b37e943be2122438647f165afa8) - [ ] [前沿 | 能源化工行业动态数据分类分级技术研究](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664264610&idx=2&sn=8f8d24ebd51af6b4c1b08318d23c65a8) - [ ] [关注 | 明确16项任务!工信部等四部门发文推动互联网基础资源高质量发展](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664264610&idx=3&sn=8e8372f492e7e82e79ce5c8faadab603) - [ ] [关注 | 公安机关严厉打击编造传播涉汛等涉灾网络谣言,公布25起典型案例](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664264610&idx=4&sn=8ab9804ebfba1c2e203d6aaee645f5b6) - [ ] [观点 | 谨防境外AI“后门”风险](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664264610&idx=5&sn=e60e0136e7dd1d293d2f1c85b2f5983b) - [ ] [关注 | 犯罪不断迭代变异,世界杯期间赌球更趋活跃——网络赌博乱象如何根治](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664264610&idx=6&sn=651567ee34c02bd54d8c2c8504de9891) - 天黑说嘿话 - [ ] [最新高危漏洞与零日威胁(底层与AI层面)](https://mp.weixin.qq.com/s?__biz=MzI5NTQ5MTAzMA==&mid=2247486221&idx=1&sn=a21d8e52aca4ed0fe45e5f3eb149e821) - 奇安信威胁情报中心 - [ ] [UTG-Q-1000近期仿冒Zinst等软件分发银狐木马新变种](https://mp.weixin.qq.com/s?__biz=MzI2MDc2MDA4OA==&mid=2247519487&idx=1&sn=8ee1ee2f8c5a0473d25fa469490e27ab) - 安全圈 - [ ] [【安全圈】SpaceX 官方账号被黑!黑客发币圈诈骗,马斯克的"门面"都守不住?](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652077817&idx=1&sn=a7e600502d41b4d612a410a0ff2a4db9) - [ ] [【安全圈】CVSS 满分!Joomla 两大插件被零日攻击,6月起已沦陷数千网站](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652077817&idx=2&sn=d3699093e9aeb7929d0ab0216a911a04) - [ ] [【安全圈】学术论文变成武器:黑客伪造真实研讨会资料,向研究人员投放 RokRAT](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652077817&idx=3&sn=ca12b56a5d9434bfa32cebf100eb89a9) - 丁爸 情报分析师的工具箱 - [ ] [【开源报告】美国威胁减少局(DTRA)⽣物武器研究情况分析报告](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651156535&idx=1&sn=9df907c408e492676fd3d15f4df7a800) - [ ] [【竞赛通知】第四届全国大学生开源情报数据采集与分析挑战专项](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651156535&idx=2&sn=0b8be079873f65d89cc4d3524776c05a) - 数世咨询 - [ ] [三起真实案例:Token成本失控严重冲击企业安全预算与应急处置能力](https://mp.weixin.qq.com/s?__biz=MzkxNzA3MTgyNg==&mid=2247543481&idx=1&sn=f59b90bb981f186374715bdc7fc4e3a7) - M01N Team - [ ] [AI安全案例分析 | Ghostcommit攻击利用图片窃取秘密](https://mp.weixin.qq.com/s?__biz=MzkyMTI0NjA3OA==&mid=2247495300&idx=1&sn=a495dbb43bc4e710231bd9e6bc2e2b21) - 阿里安全响应中心 - [ ] [王牌A计划——五月月度奖励](https://mp.weixin.qq.com/s?__biz=MzIxMjEwNTc4NA==&mid=2652999031&idx=1&sn=002242bf3785b9d3c5adf71c26ccb51c) - 斗象智能安全 - [ ] [企业安全AI员工操作系统Cowboy OS新增Hermes运行环境](https://mp.weixin.qq.com/s?__biz=MzIwMjcyNzA5Mw==&mid=2247495544&idx=1&sn=255da8be31a304cb2359aee048a327ab) - 京东安全应急响应中心 - [ ] [《国家网络身份认证公共服务管理办法》实施一周年 筑牢数字屏障守护公民个人身份信息安全](https://mp.weixin.qq.com/s?__biz=MjM5OTk2MTMxOQ==&mid=2727851006&idx=1&sn=698013ac8ed2770ef0e7b0ac64927696) - 极客公园 - [ ] [原生满配,大头 EDU 版重新定义开发者的第一台四足机器狗](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653110460&idx=1&sn=5a34c5794ebb71bf972c8d979f2d794a) - [ ] [HLE 战队夺 2026 MSI 冠军;《功夫女足》首日票房超 2.5 亿,打破 7 项中国影史纪录;社交媒体超四分之一长文或为 AI 生成|极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653110455&idx=1&sn=8001e23b567c531c1943f5f9ae9d58ef) - 字节跳动技术团队 - [ ] [让 Agent 成为音视频工作台:AI MediaKit CLI + Skill 发布](https://mp.weixin.qq.com/s?__biz=MzI1MzYzMjE0MQ==&mid=2247520810&idx=1&sn=d0fb295a9edfdcdb71d4cb70ecd80c15) - [ ] [让搜索更懂用户:Viking AI 搜索如何用个性化提升转化](https://mp.weixin.qq.com/s?__biz=MzI1MzYzMjE0MQ==&mid=2247520810&idx=2&sn=425e0a64545b3e7b9b8f39c2671ed7b8) - 看雪学苑 - [ ] [火热招生!网络安全运维工程师(45天·线下·就业班)](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458617507&idx=1&sn=9ff58656e561d23869fac466deedfb43) - [ ] [一道简单但不简约的堆题——CISCN2026初赛堆题robo分析](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458617507&idx=2&sn=be31462aef573f12084964126ad5b3af) - [ ] [SpaceX与Starlink官方账号遭入侵,虚假代币骗局致投资者损失逾12万美元](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458617507&idx=3&sn=44c3c3368e8252c8217d0f6175484609) - Beacon Tower Lab - [ ] [悬赏令:寻找数字世界的守夜人 | DayDayPOC 0day漏洞悬赏计划正式启动](https://mp.weixin.qq.com/s?__biz=MzkyNzcxNTczNA==&mid=2247488305&idx=1&sn=67ce6e9247931c0962ac6703689663fe) - 表图 - [ ] [[译苑雅集 Vol. 14] Anthropic 最新论文:大语言模型没说出口的内心小秘密,藏在一个叫 J 空间的地方](https://mp.weixin.qq.com/s?__biz=MzUzOTI4NDQ3NA==&mid=2247485105&idx=1&sn=9df7d235b021ab897f97248827d01e27) - 君哥的体历 - [ ] [安全观察:AI攻防升级与网络安全审查两大热点解读|总第314周](https://mp.weixin.qq.com/s?__biz=MzI2MjQ1NTA4MA==&mid=2247492486&idx=1&sn=95e3de2ed5320b019ece27a3fc78b30e) - OnionSec - [ ] [寺中读碑:一块旧石里的百年碎影](https://mp.weixin.qq.com/s?__biz=MzUyMTUwMzI3Ng==&mid=2247485851&idx=1&sn=af0eca4f6cfab3680b67ff7639d5524e) - 安全419 - [ ] [安全419 | 6月安全厂商动态:AI安全产品密集发布 可信计算与抗量子并行](https://mp.weixin.qq.com/s?__biz=MzUyMDQ4OTkyMg==&mid=2247553990&idx=1&sn=a14b8e7e2cb57a10bad61df7d43efdd8) - ICT Security Magazine - [ ] [Propensione al rischio: quanto rischio un’organizzazione decide di accettare](https://www.ictsecuritymagazine.com/cyber-security/propensione-al-rischio-risk-appetite/) - Krypt3ia - [ ] [Threat Intelligence Report: JADEPUFFER Agentic Ransomware and Automated Extortion](https://krypt3ia.wordpress.com/2026/07/13/threat-intelligence-report-jadepuffer-agentic-ransomware-and-automated-extortion/) - CNVD漏洞平台 - [ ] [CNVD漏洞周报2026年第27期](https://mp.weixin.qq.com/s?__biz=MzU3ODM2NTg2Mg==&mid=2247497100&idx=1&sn=2d293d88cb0b49d8ea0a7615081e96d2) - [ ] [上周关注度较高的产品安全漏洞(20260706-20260712)](https://mp.weixin.qq.com/s?__biz=MzU3ODM2NTg2Mg==&mid=2247497100&idx=2&sn=ac9146bfb4881155b3fb28465f9109c4) - SANS Internet Storm Center, InfoCON: green - [ ] [Someone Is Scanning for Your MCP Servers and AI Assistant Credentials, (Mon, Jul 13th)](https://isc.sans.edu/diary/rss/33150) - [ ] [ISC Stormcast For Monday, July 13th, 2026 https://isc.sans.edu/podcastdetail/10004, (Mon, Jul 13th)](https://isc.sans.edu/diary/rss/33148) - 娜璋AI安全之家 - [ ] [[AI安全论文] (51)ESWA25 基于启发式优化器的入侵检测系统](https://mp.weixin.qq.com/s?__biz=Mzg5MTM5ODU2Mg==&mid=2247503025&idx=1&sn=ab56d76c1e64d5c36d076eaa9a16e29b) - Deeplinks - [ ] [Sony Nerfs Videogame Ownership](https://www.eff.org/deeplinks/2026/07/sony-nerfs-videogame-ownership) - Security Affairs - [ ] [Lidl Notified Online Shop Customers in Germany, Belgium, and the Netherlands of a Data Breach](https://securityaffairs.com/195270/data-breach/lidl-notified-online-shop-customers-in-germany-belgium-and-the-netherlands-of-a-data-breach.html) - [ ] [U.S. CISA adds a Cisco IOS flaw to its Known Exploited Vulnerabilities catalog](https://securityaffairs.com/195262/security/u-s-cisa-adds-a-cisco-ios-flaw-to-its-known-exploited-vulnerabilities-catalog.html) - [ ] [EU Targets FSB-Linked Hackers in New Sanctions Over Cyber Sabotage](https://securityaffairs.com/195242/intelligence/eu-targets-fsb-linked-hackers-in-new-sanctions-over-cyber-sabotage.html) - [ ] [Dutch Nationals Suspected in Odido Hack That Exposed Six Million Customers](https://securityaffairs.com/195235/cyber-crime/dutch-nationals-suspected-in-odido-hack-that-exposed-six-million-customers.html) - [ ] [Australia Alerts Organizations to Ongoing CMS Exploitation Attacks](https://securityaffairs.com/195208/security/australia-alerts-organizations-to-ongoing-cms-exploitation-attacks.html) - The Hacker News - [ ] [CrashStealer macOS Malware Uses Notarized Dropper to Pass Gatekeeper Checks](https://thehackernews.com/2026/07/crashstealer-macos-malware-uses.html) - [ ] [Google and Microsoft Pull ModHeader With 1.6 Million Installs After Dormant Collector Found](https://thehackernews.com/2026/07/google-and-microsoft-pull-modheader.html) - [ ] [⚡ Weekly Recap: ShareFile Threat, Citrix Bleed 2 Ransomware, AI Coding Attacks, and More](https://thehackernews.com/2026/07/weekly-recap-sharefile-threat-citrix.html) - [ ] [New MemGhost Attack Plants Persistent False Memories in AI Agents Through One Email](https://thehackernews.com/2026/07/new-memghost-attack-plants-persistent.html) - [ ] [Forg365 PhaaS Targets Microsoft 365 with Device Code and AitM Session Theft](https://thehackernews.com/2026/07/forg365-phaas-targets-microsoft-365.html) - [ ] [Meta Files Patent for AI That Can Listen All Day and Track How You're Feeling](https://thehackernews.com/2026/07/meta-files-patent-for-ai-that-can.html) - [ ] [Thinking Fast and Slow in the SOC: The Case for Combining Autonomous AI with Analyst Copilots](https://thehackernews.com/2026/07/thinking-fast-and-slow-in-soc-case-for.html) - [ ] [Attacker Uses Suspected AI-Generated PowerShell Script to Map Active Directory](https://thehackernews.com/2026/07/attacker-uses-suspected-ai-generated.html) - [ ] [Misconfigured Server Reveals Three Evilginx Phishing Operations Targeting Microsoft 365](https://thehackernews.com/2026/07/misconfigured-server-reveals-three.html) - [ ] [iCagenda and Balbooa Forms Joomla Flaws Reportedly Exploited as Zero-Days](https://thehackernews.com/2026/07/icagenda-and-balbooa-forms-joomla-flaws.html) - www.theregister.com - Articles - [ ] [EU and UK officially blame Russian spies for cyberattack on Poland's power grid](https://www.theregister.com/security/2026/07/13/uk-eu-officially-pin-poland-energy-cyberattack-on-russia/5270458) - [ ] [World Cup grudge attackers may have scored Argentine FA access via year-old infostealer infection](https://www.theregister.com/security/2026/07/13/world-cup-grudge-attackers-may-have-scored-argentine-fa-access-via-year-old-infostealer-infection/5270302) - [ ] [Progress orders emergency ShareFile server shutdown over mystery security threat](https://www.theregister.com/security/2026/07/13/progress-orders-emergency-sharefile-server-shutdown-over-mystery-security-threat/5270281) - Daniel Miessler - [ ] [Avoid the AI Expertise Trap](https://danielmiessler.com/blog/avoid-the-ai-expertise-trap?utm_source=rss&utm_medium=feed&utm_campaign=website) - Schneier on Security - [ ] [AI Data Centers and the Concentration of Wealth](https://www.schneier.com/blog/archives/2026/07/ai-data-centers-and-the-concentration-of-wealth.html) - Krebs on Security - [ ] [Lessons Learned from CISA’s Recent GitHub Leak](https://krebsonsecurity.com/2026/07/lessons-learned-from-cisas-recent-github-leak/) - TorrentFreak - [ ] [U.S. Seizes More Pirate Sports Streaming Domains, But Iranian Fallbacks Remain](https://torrentfreak.com/u-s-seizes-more-pirate-sports-streaming-domains-but-iranian-fallbacks-remain/)
每日安全资讯(2026-07-14)