[每日信息流] 2025-10-10

[chainreactorbot]

每日安全资讯（2025-10-10）

• SecWiki News
  • SecWiki News 2025-10-09 Review
• 奇安信攻防社区
  • 某bip漏洞挖掘-从0day到1day的伤心之旅
• 安全客-有思想的安全新媒体
  • 空网络安全防护核心：管理平台安全体系构建与实践
• Doonsec's feed
  • RediShell漏洞检查软件（v1.0）
  • 【高危漏洞预警】Redis Lua脚本远程代码执行漏洞CVE-2025-49844
  • 【高危漏洞预警】Oracle E-Business Suite 远程代码执行漏洞CVE-2025-61882
  • 用友NC DocServlet接口存在任意文件读取漏洞 附POC
  • 攻防实战思路-不靠0day组合拳拿下目标系统
  • 活该你能挖到洞
  • 【0day】某通用系统RCE漏洞挖掘
  • 【好文推荐】炫酷的工具，简单的校验：人工智能狂热如何为恶意MCP服务器打开大门
  • 基于人形机器人开展安全攻击
  • 开发“恶意URL-AI检测系统”(二)
  • 拿下一个新高地
  • 2025 Distinguished Paper Award(NDSS)-ReDAN
  • 从智能测试到自主测试：理论与实践
  • 某CMS后台SQL注入漏洞
  • 2025年度网络空间安全技术国家地方联合工程实验室开放课题指南征集
  • 某CMS任意文件删除漏洞
  • 新的 FileFix 攻击利用缓存走私来逃避安全软件
  • 广告
  • G.O.S.S.I.P 阅读推荐 2025-10-09 WireTap窃听风暴
  • 安天澜砥大模型登顶CyberSec-Eval评测榜
  • 直播预告｜大模型与智能体时代，如何筑牢安全底座？10月15日腾讯安全视频号开讲！
  • 【漏洞分析】用友U8Cloud < 20250924补丁版本 NCCloudGatewayServlet 命令执行漏洞
  • 刚上大一打的CTF新生练习平台 week1 记录一天ak（
  • OSCP渗透实战（第二期）：Linux系统攻防与权限提升完全指南
  • 0065. 从泄露的电子邮件到内部账户接管（P1）
  • 七年七冠！奇安信稳坐中国云安全市场头把交椅
  • 《生成式人工智能服务安全应急响应指南》发布 奇安信深度参编
  • 全栈爬虫系列-web爬虫开发与逆向实战视频教程更新到了104节啦
  • 用友U8Cloud < 20250924补丁版本 NCCloudGatewayServlet 命令执行漏洞
  • xss中常见绕过思路
  • 2025年“美亚杯”赛前培训，助您高效备赛！
  • Electron客户端漏洞学习与研究
  • 文件内容竟能直接搜？网友：告别“新建文档”噩梦！u200b别再Everything了！这个隐藏的搜索怪兽，10秒让你忘记原名
  • Linux Netcat (nc) 完全指南：网络工具中的"瑞士军刀"
  • 可验证过程奖励在提升大模型推理效率中的探索与实践
  • MARS TALK 第06期｜走进香港理工大学，共话高动态环境下的智能机器人发展与应用
• Private Feed for M09Ic
  • PrefectHQ released 3.4.23 at PrefectHQ/prefect
  • bolucat released 202510092033 at bolucat/Archive
  • joaoviictorti starred OpenDevicePartnership/patina
  • mgeeky starred exo-explore/exo
  • pydantic released v1.0.17 at pydantic/pydantic-ai
  • xnl-h4ck3r released v6.2 at xnl-h4ck3r/waymore
  • FunnyWolf starred safety-research/petri
  • PrefectHQ released 3.4.23.dev3 at PrefectHQ/prefect
  • rabbitmask forked rabbitmask/Windows_Injector from ZacharyZcR/Windows_Injector
  • rabbitmask starred ZacharyZcR/Windows_Injector
  • FunnyWolf forked FunnyWolf/pure-drf-admin from immrk/pure-drf-admin
  • rabbitmask starred Adaptix-Framework/AdaptixC2
  • kyxiaxiang starred werdhaihai/msi_lateral_mv
• Recent Commits to cve:main
  • Update Thu Oct 9 11:20:31 UTC 2025
• Trustwave Blog
  • Tackling the Modern WAF Challenge: Why Managed WAAP Is the Key to Effective Application Security
• obaby@mars
  • 七月七日晴
• 嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com
  • 机器人出现“人传人”漏洞？宇树还能打好安全这张牌吗？
  • RC²隐私保护联盟 | 东莞 网宇商检 • 高级隐私保护联合认证中心成立
  • 黑客借虚假Microsoft Teams安装程序 植入Oyster后门入侵企业网络
  • 新型工具EDR-Freeze曝光：借助Windows错误报告系统 从用户模式中实现安全软件规避
• CXSECURITY Database RSS Feed - CXSecurity.com
  • DirectAdmin v1.680 DOM Injection via return-to Parameter
• Der Flounder
  • Slides from the “MDM and DDM 101” session at Jamf Nation User Conference 2025
• Sucuri Blog
  • Introducing Sucuri Academy: Your New Destination for Website Security Education
• Cerbero Blog
  • Memory Challenge 2: MEM Challenge
• ElcomSoft blog
  • Evidence Preservation: Why iPhone Data Can Expire
• Bug Bounty in InfoSec Write-ups on Medium
  • Imagery HTB WriteUp: Season 9 Machine 2
  • How I found Multiple Bugs on CHESS.COM & they refused
• GuidePoint Security
  • Cybersecurity Awareness Month: Ransomware’s New Normal
• VMRay
  • From Reactive Defense to Proactive Threat Understanding, from Cloud to on-Prem, from Fiction to Facts
• Malware-Traffic-Analysis.net - Blog Entries
  • 2025-10-08: Infection from Kongtuke campaign's ClickFix page
• Horizon3.ai
  • CVE-2025-20362 · CVE-2025-20333 · CVE-2025-20363
  • CVE-2025-49844
  • What is ITDR and Why Active Directory (AD) Tripwires Make It Real
• Malwarebytes
  • Fake VPN and streaming app drops malware that drains your bank account
  • California just put people back in control of their data
  • One stolen iPhone uncovered a network smuggling thousands of devices to China
• Sandfly Security Blog RSS Feed
  • Linux Stealth Rootkit Hunting Presentation
• PortSwigger Blog
  • HTTP/1.1 must die: Dafydd Stuttard on what this means for enterprise security
• Wallarm
  • API Attack Awareness: Injection Attacks in APIs – Old Threat, New Surface
• NVISO Labs
  • Vulnerability Management – Requirements, Scoping & Target Setting
• rtl-sdr.com
  • Two YouTube Reviews of the new PortaRF – A New HackRF Portapack Combo
• HackerNews
  • 黑客利用 WordPress 网站发起新一代 ClickFix 钓鱼攻击
  • Figma MCP 严重漏洞允许黑客远程执行代码
  • 黑客声称 Discord 数据泄露，550 万用户信息遭曝光
  • CISA 将 Synacor Zimbra 纳入已知被利用漏洞目录
  • Steam、Riot Games 疑遭大规模 DDoS 攻击
  • 俄罗斯限制外国 SIM 卡接入移动网络
• 奇客Solidot–传递最新科技情报
  • Ubuntu 25.10 'Questing Quokka' 释出
  • 黄金价格首次突破每盎司 4000 美元
  • Fedora 43 将 /boot 分区容量从 1GB 增加到 2GB
  • Starlink 每天有 1-2 颗重返大气层
  • Salesforce 拒绝为被盗的客户数据支付赎金
  • 研究认为 BMI 指数不能反映一个人是否健康
  • 8 月赴美留学生同比下降 19%
  • OpenAI 今年内签署的 AI 计算交易已高达 1 万亿美元
• 黑海洋 - Wiki
  • Platypus：将命令行脚本一键打包为原生 macOS 应用的开发者神器
  • Edit0：对话式 AI 图片编辑器，5 秒出图与无限画布（可商用、永久免费额度）
  • TikTok最简单挣美金方式，1万播放挣8刀（带教程）
  • LuoGen-agent：一键生成爆款视频的全自动AI数字人口播工具
• 安全分析与研究
  • 伪装成Google浏览器安装程序银狐最新攻击样本分析
• 安全内参
  • 知名车企被黑后停产超37天，逾3万辆汽车生产延误，影响国家经济安全
  • 美国高校研发无人机飞行中防御黑客攻击技术
• 威努特安全网络
  • 从安全网络到融合计算，威努特全面赋能智慧粮库建设
• 腾讯安全应急响应中心
  • 单洞最高12万！百万奖池等你来拿！｜微信、腾讯云、混元联合TSRC众测开启
• 微步在线研究响应中心
  • 漏洞通告 | Redis Lua 远程代码执行漏洞
• 绿盟科技CERT
  • 【漏洞通告】Oracle E-Business Suite远程代码执行漏洞(CVE-2025-61882)
  • 【漏洞通告】Redis Lua代码执行漏洞（CVE-2025-49844）
• 代码卫士
  • 谷歌推出新AI漏洞奖励计划，最高赏金可达3万美元
  • Zeroday Cloud 黑客大赛专注开源云和AI工具，赏金池450万美元
• 看雪学苑
  • Frida自编译以及去特征
  • AI安全新范式：京东JoySafety开源项目深度解析
  • 勒索60万英镑、暗网发儿童照！Kido 托儿所攻击案两名17岁嫌疑人被英国警方逮捕
  • Frida编译调试与Hook技术实战：赠 android rat源码供学习
• 奇安信 CERT
  • 【已复现】Oracle E-Business Suite 远程代码执行漏洞(CVE-2025-61882)安全风险通告
• 长亭安全应急响应中心
  • 【已复现】Oracle E-Business Suite 远程代码执行漏洞安全通告(CVE-2025-61882)
• 安全圈
  • 【安全圈】《王者荣耀》崩上热搜
  • 【安全圈】微软365全球服务中断：Teams、Exchange Online及管理平台集体瘫痪
  • 【安全圈】黑客借虚假 Microsoft Teams 安装程序 植入 Oyster 后门入侵企业网络
• 数世咨询
  • AI开发助手=大规模风险自动化？
• 极客公园
  • 这款 AI 调研神器，让我一键产生 1000 个「种子用户」｜AI 上新
  • 新一代短剧人，涌向郑州「淘金」
  • 英伟达将投资马斯克的 xAI；低价版Model 3/Y 「阉割」智驾功能；微信推出批量撤回信息功能 | 极客早知道
• dotNet安全矩阵
  • 剖析 .NET 5 + 版本中 ShellCode 运行失效的深层原因与解决方案
  • 「.NET 安全交流社区」构建完整攻防体系的知识宝库
  • .NET 中使用 Windows runas 提升进程权限
• 默安科技
  • 国家级认证再添重磅！默安科技跻身重点 “小巨人”，彰显硬核科创实力
• 安全研究GoSSIP
  • G.O.S.S.I.P 阅读推荐 2025-10-09 WireTap窃听风暴
• 安全学术圈
  • 2025年度网络空间安全技术国家地方联合工程实验室开放课题指南征集
• 深信服千里目安全技术中心
  • 【漏洞通告】Redis Lua脚本远程代码执行漏洞(CVE-2025-49844)
  • 网络安全信息与动态周报2025年第39期（9月22日-9月28日）
• 嘶吼专业版
  • 新型工具EDR-Freeze曝光：借助Windows错误报告系统 从用户模式中实现安全软件规避
  • 黑客借虚假Microsoft Teams安装程序植入Oyster后门入侵企业网络
• 安全牛
  • AI赋能实战网络靶场：你的防御体系，准备好迎接“智能对手”了吗？
  • 2025年10月起多项政策法规及标准开始施行；为“给领导添堵”竟当“内鬼”！国安部披露 | 牛览
• 国家互联网应急中心CNCERT
  • 网络安全信息与动态周报2025年第39期（9月22日-9月28日）
• 美团技术团队
  • 可验证过程奖励在提升大模型推理效率中的探索与实践
  • MARS TALK 第06期｜走进香港理工大学，共话高动态环境下的智能机器人发展与应用
• 补天平台
  • 湘江论 “安” 缺你不可！补天长沙站议题征集倒计时9天！速来投稿！
• huasec
  • 安全运营中的挖矿行为分析
• Qualys Security Blog
  • Qualys Recognized as a Leader in the 2025 GigaOM Radar for Patch Management Solutions
  • Ensuring Safe and Reliable Updates with Qualys TruRisk™ Manifest Version Control
• IT Service Management News
  • Professionisti e dichiarazione dei sistemi di IA usati
  • NIS2: Referente CSIRT e nuova registrazione per i soggetti NIS
• DEF CON Announcements!
  • Call for CTF Organizers!
• Over Security - Cybersecurity news aggregator
  • New Android spyware ClayRat imitates WhatsApp, TikTok, YouTube
  • Hackers now use Velociraptor DFIR tool in ransomware attacks
  • Microsoft: Hackers target universities in “payroll pirate” attacks
  • Introducing Sucuri Academy: Your New Destination for Website Security Education
  • Microsoft Defender mistakenly flags SQL Server as end-of-life
  • Italian businessman’s phone reportedly targeted with Paragon spyware
  • Why don’t we sit around this computer console and have a sing-along?
  • 'Payroll pirate' hackers diverting salary payments from university employees, Microsoft says
  • RondoDox botnet targets 56 n-day flaws in worldwide attacks
  • Renewal of cyber information-sharing law must mind the gap, senator says
  • Discord says 70,000 users had government IDs exposed in third-party breach
  • Sorgenia e Dolomiti Energia, attacco coordinato alla supply chain digitale: le ipotesi
  • Microsoft: Windows Backup now available for enterprise users
  • CometJacking: quando un clic trasforma il browser Comet AI di Perplexity in un ladro di dati
  • From infostealer to full RAT: dissecting the PureRAT attack chain
  • SonicWall: Firewall configs stolen for all cloud backup customers
  • Notification Protection, da Kaspersky un sistema anti-phishing per Android
  • Accesso al dossier sanitario: cosa impariamo dalla sanzione privacy alla AOU Careggi
  • Azure outage blocks access to Microsoft 365 services, admin portals
  • Hacktivists target critical infrastructure, hit decoy plant
  • Velociraptor leveraged in ransomware attacks
  • Google ripulisce il Play Store da 224 app usate per frodi online: cosa impariamo
  • Cisco automation series
  • DORA e Ict: le sfide tecnologiche, i processi e la resilienza continua
  • Australian Data Breaches Are Up 48% So Far This Year. What’s Behind The Eye-Popping Surge?
  • Hackers claim Discord breach exposed data of 5.5 million users
• 迪哥讲事
  • xss中常见绕过思路
• DARKNAVY
  • 机器人出现“人传人”漏洞？宇树还能打好安全这张牌吗？
• TrustedSec
  • Skimming Credentials with Azure's Front Door WAF
• ICT Security Magazine
  • Innovazione a difesa delle infrastrutture critiche
  • TikTok ti spia per il governo cinese?
• SANS Internet Storm Center, InfoCON: green
  • [Guest Diary] Building Better Defenses: RedTail Observations from a Honeypot, (Thu, Oct 9th)
  • ISC Stormcast For Thursday, October 9th, 2025 https://isc.sans.edu/podcastdetail/9648, (Thu, Oct 9th)
• Microsoft Security Blog
  • Securing agentic AI: Your guide to the Microsoft Ignite sessions catalog
  • Investigating targeted “payroll pirate” attacks affecting US universities
• Securityinfo.it
  • Notification Protection, da Kaspersky un sistema anti-phishing per Android
• Troy Hunt's Blog
  • Court Injunctions are the Thoughts and Prayers of Data Breach Response
• Arturo Di Corinto
  • ACN e la sovranità digitale al DisclAImer Tour del Corsera
• Full Disclosure
  • CVE-2025-59397 - Open Web Analytics SQL Injection
• Instapaper: Unread
  • Cross-Platform DFIR Tools MalChelaGUI on Windows
  • I 10 controlli tecnici per verificare se una mail è originale o falsa ed evitare truffe e phishing
• TorrentFreak
  • DAZN Letters to IPTV Pirates Demand €500, Compliance in 7 Days – Or Else
• Security Affairs
  • ClayRat campaign uses Telegram and phishing sites to distribute Android spyware
  • CVE-2025-5947: WordPress Plugin flaw lets hackers access Admin accounts
  • Threat actors steal firewall configs, impacting all SonicWall Cloud Backup users
  • Discord denies massive breach, confirms limited exposure of 70K ID photos
• Trend Micro Research, News and Perspectives
  • RondoDox: From Targeting Pwn2Own Vulnerabilities to Shotgunning Exploits
  • Weaponized AI Assistants & Credential Thieves
• Active Directory & Azure AD/Entra ID Security
  • Active Directory Security Tip #13: Reviewing Foreign Security Principals (FSPs)
• The Hacker News
  • From HealthKick to GOVERSHELL: The Evolution of UTA0388's Espionage Malware
  • New ClayRat Spyware Targets Android Users via Fake WhatsApp and TikTok Apps
  • Hackers Access SonicWall Cloud Firewall Backups, Spark Urgent Security Checks
  • ThreatsDay Bulletin: MS Teams Hack, MFA Hijacking, $2B Crypto Heist, Apple Siri Probe & More
  • SaaS Breaches Start with Tokens - What Security Teams Must Watch
  • From Phishing to Malware: AI Becomes Russia's New Cyber Weapon in War on Ukraine
  • Critical Exploit Lets Hackers Bypass Authentication in WordPress Service Finder Theme
• The Register - Security
  • It's trivially easy to poison LLMs into spitting out gibberish, says Anthropic
  • SonicWall breach hits every cloud backup customer after 5% claim goes up in smoke
• Deeplinks
  • PERA Remains a Serious Threat to Efforts Against Bad Patents
  • Opt Out October: Daily Tips to Protect Your Privacy and Security
• Security Weekly Podcast Network (Audio)
  • IoT Hacks Galore - Kieran Human - PSW #895