[每日信息流] 2025-12-30

# 每日安全资讯（2025-12-30）

- SecWiki News
  - [ ] [SecWiki News 2025-12-29 Review](http://www.sec-wiki.com/?2025-12-29)
- 美团技术团队
  - [ ] [2025 | 美团技术团队热门技术文章汇总](https://tech.meituan.com/2025/12/29/2025-annual-review.html)
- LevelBlue Blog
  - [ ] [The Critical Role of Organizational Change Management in Implementing NIST CSF 2.0](https://levelblue.com/blogs/levelblue-blog/the-critical-role-of-organizational-change-management-in-implementing-nist-csf-2.0/)
- Doonsec's feed
  - [ ] [船舶离网通信方案：Meshtastic 应用指南](https://mp.weixin.qq.com/s?__biz=MzAxOTM1MDQ1NA==&mid=2451184506&idx=1&sn=b63846cd7cd66d0eac8236624d9834e6)
  - [ ] [BPMN任务类型详解](https://mp.weixin.qq.com/s?__biz=MzE5MTQzMzg5MA==&mid=2247484440&idx=1&sn=8497c4c9dc8b2145942d9f23aee41a73)
  - [ ] [元旦🎁 极简2026全年日历](https://mp.weixin.qq.com/s?__biz=MzIzNDU5NTI4OQ==&mid=2247489636&idx=1&sn=c2bbc09d6efe415f5ba68449ef815d07)
  - [ ] [AI魔改OpenWrt系统（第8周）](https://mp.weixin.qq.com/s?__biz=MzU4MTgxNDc2MQ==&mid=2247486575&idx=1&sn=2105974980d18290ae0d7cdca3ce4a5c)
  - [ ] [赛普EAP企业适配管理平台AppData.ashx接口存在SQL注入漏洞 附POC](https://mp.weixin.qq.com/s?__biz=MzIxMjEzMDkyMA==&mid=2247489795&idx=1&sn=22f73512d0df61047abeb439472f96a7)
  - [ ] [网络安全行业，截至目前（2025年12月29日收盘）市值排行及变化情况，国盾量子继续暴涨](https://mp.weixin.qq.com/s?__biz=MzUzNjkxODE5MA==&mid=2247499551&idx=1&sn=7471f68e9c80562bf9927d666a35a5c0)
  - [ ] [网络安全行业，2025年个人的年终总结](https://mp.weixin.qq.com/s?__biz=MzUzNjkxODE5MA==&mid=2247499551&idx=2&sn=569b195beb19352cd08618d5242a12e2)
  - [ ] [网络安全行业，一则网络安全驻场服务招标要求分析](https://mp.weixin.qq.com/s?__biz=MzUzNjkxODE5MA==&mid=2247499551&idx=3&sn=c8958829315a6ef2098e6fc37f0ac06a)
  - [ ] [网络安全行业，现金流是寒冬下最抗风险的护城河](https://mp.weixin.qq.com/s?__biz=MzUzNjkxODE5MA==&mid=2247499551&idx=4&sn=8e5e041796180f8b84081a22d01b7da8)
  - [ ] [网络安全行业，关联交易是利益输送关系么？](https://mp.weixin.qq.com/s?__biz=MzUzNjkxODE5MA==&mid=2247499551&idx=5&sn=4dc15c51422efa6cfc25bfedc1b9a399)
  - [ ] [网络安全行业，寒冬之下如果要广进优化，请让员工们体面的离开](https://mp.weixin.qq.com/s?__biz=MzUzNjkxODE5MA==&mid=2247499551&idx=6&sn=6981bade21c9055acb290c2e45d16e48)
  - [ ] [网络安全行业，为什么大部分企业裁员广进都是悄悄地在进行](https://mp.weixin.qq.com/s?__biz=MzUzNjkxODE5MA==&mid=2247499551&idx=7&sn=962448cadc8eca59372c1040ec6950c5)
  - [ ] [网络安全行业，股东们纷纷减持的原因完全是因为业绩不好么？](https://mp.weixin.qq.com/s?__biz=MzUzNjkxODE5MA==&mid=2247499551&idx=8&sn=da08da22e87334cf57a4a41538b9c5ea)
  - [ ] [苹果中国供应商成为网络攻击目标](https://mp.weixin.qq.com/s?__biz=MzU5NTA3MTk5Ng==&mid=2247489909&idx=1&sn=e2470ade5a7942b6320a6cbde4b161ed)
  - [ ] [【情报】以色列总理内塔尼亚胡幕僚长手机被黑导致大量数据泄露](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651153470&idx=1&sn=363d86d233f8bdd57b048991f166cf46)
  - [ ] [简简单单的IDOR导致大量信息泄露](https://mp.weixin.qq.com/s?__biz=Mzg2MjU2MjY4Mw==&mid=2247485385&idx=1&sn=748cf2f1c6a2f7a47c4f5ad63c1847b4)
  - [ ] [“正义使命-2025”演习，台当局“网军”战力如何？](https://mp.weixin.qq.com/s?__biz=Mzg2NDYwMDA1NA==&mid=2247547191&idx=1&sn=821071b11bd2ed297d654e6bb4c59e27)
  - [ ] [漏洞预警 | MongoDB 存在未授权内存泄露漏洞（CVE-2025-14847）](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247491400&idx=1&sn=3c08a7567535cd8e4b1549ae5595318b)
  - [ ] [应急响应及溯源常用工具](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247491400&idx=2&sn=03e85f850285da96228510c5159b8c45)
  - [ ] [网安实验干货每日分享SQL注入-基于布尔的盲注-1229](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247491400&idx=3&sn=eb3ca3b5a1ebc65bb5e0118d28e80a74)
  - [ ] [【攻防演练】内网大保健-快速刷分流程](https://mp.weixin.qq.com/s?__biz=Mzg3OTUxNTU2NQ==&mid=2247491400&idx=4&sn=d93527c966234133bcce32fc0690dac3)
  - [ ] [安全开发-会话劫持之会话ID加密存储](https://mp.weixin.qq.com/s?__biz=MzA5NzEwOTUzMw==&mid=2447980111&idx=1&sn=aa3079e845e9d851ced7c574bfeadebe)
  - [ ] [分享的图片、视频、链接](https://mp.weixin.qq.com/s?__biz=MzIyMDEzMTA2MQ==&mid=2651168898&idx=1&sn=f5f8a7608c9604a323e4064deb2de942)
  - [ ] [2024中国新能源汽车出海十大趋势洞察报告](https://mp.weixin.qq.com/s?__biz=MzkyOTMwMDQ5MQ==&mid=2247522725&idx=1&sn=2752592393fa87aefdfa6c73d0deb428)
  - [ ] [华青融天2025年度记事 | 始于纳新，成于价值](https://mp.weixin.qq.com/s?__biz=MzA4Mzg1ODIzMw==&mid=2653547097&idx=1&sn=55df53759ebf40f73ec32293cdf5d09d)
  - [ ] [中华人民共和国网络安全法](https://mp.weixin.qq.com/s?__biz=MzAwMTU3NTcwMg==&mid=2650275025&idx=1&sn=f60b234cc5470569504b239b3666ff61)
  - [ ] [【吃瓜】爆料称MongoDB漏洞致育碧数十TB源代码泄露](https://mp.weixin.qq.com/s?__biz=Mzg4NDg2NTM3NQ==&mid=2247485897&idx=1&sn=3ba4555654cc9f788719b0a72cc6fe51)
  - [ ] [《中华人民共和国网络安全法》修改后有哪些变化？挑重点说明（一）](https://mp.weixin.qq.com/s?__biz=MzkwNDI0MjkzOA==&mid=2247486533&idx=1&sn=d887ca19b4be327fdc3e0f9fdc8c745e)
  - [ ] [AI一键免杀WebShell工具，金刚狼、哥斯垃、冰蝎、菜刀等](https://mp.weixin.qq.com/s?__biz=Mzk5MDIyNTQzMA==&mid=2247484012&idx=1&sn=5d5f174077da000b967b47b852d9051a)
  - [ ] [每日课程更新-新课上线](https://mp.weixin.qq.com/s?__biz=MzkwOTE5MDY5NA==&mid=2247508912&idx=1&sn=86a646b5a06efa1e01b979266b9e598d)
  - [ ] [武装你的burpsuite](https://mp.weixin.qq.com/s?__biz=Mzg2ODYxMzY3OQ==&mid=2247522249&idx=1&sn=f367b7fd9747a1785f89aa21c322f19e)
  - [ ] [src专项挖掘知识库](https://mp.weixin.qq.com/s?__biz=Mzg2ODYxMzY3OQ==&mid=2247522249&idx=2&sn=7e99a69cb45eb494d3ba2b7e900e7a56)
  - [ ] [CyberChef 基础实用指南：安全人员必备“数据料理刀”](https://mp.weixin.qq.com/s?__biz=Mzg2ODYxMzY3OQ==&mid=2247522249&idx=3&sn=733b0680272e366d0d241ae9bb634910)
  - [ ] [『跨年SRC联合狩猎翻倍盛典』第二期启幕xa0！](https://mp.weixin.qq.com/s?__biz=MzU3OTAyODk4MQ==&mid=2247491481&idx=1&sn=c68f056c336088c97942a4a36fafa75a)
  - [ ] [HKCERT CTF 2025 WP](https://mp.weixin.qq.com/s?__biz=Mzk0NzI0NTI2OA==&mid=2247486466&idx=1&sn=79871f5e4006a023c06b1ec15a5bd1ca)
  - [ ] [会员动态 | 热烈欢迎缔零智源成为协会会员单位!](https://mp.weixin.qq.com/s?__biz=MzU0Mzk0NDQyOA==&mid=2247523032&idx=1&sn=ac73b1f8ac5408a0c4cd3eec149382f2)
  - [ ] [全文公布 | 《中华人民共和国网络安全法》](https://mp.weixin.qq.com/s?__biz=MjM5NjA2NzY3NA==&mid=2448691682&idx=1&sn=18d3159941fa7abc2992dd9b474919e1)
  - [ ] [2025河南省第七届“金盾信安杯”网络与数据安全大赛成功举办](https://mp.weixin.qq.com/s?__biz=MjM5NjA2NzY3NA==&mid=2448691682&idx=2&sn=9e3849cdc06c58aee3ec71d14ad7ae70)
  - [ ] [《中华人民共和国网络安全法》修改后有哪些变化？](https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649175450&idx=2&sn=2abde19ccd994fed4420bd1749c211f8)
  - [ ] [【大话工控安全】工业控制系统行业知识：电力行业通信安全标准IEC62351（GB/T 25320）-PART9](https://mp.weixin.qq.com/s?__biz=MzI0MzM3NTQ5MA==&mid=2247486009&idx=1&sn=545a4cb951e987b1ad092f8a668bf31e)
  - [ ] [取证界的工匠精神](https://mp.weixin.qq.com/s?__biz=MjM5NTU4NjgzMg==&mid=2651450291&idx=1&sn=f20dfe13f37631ea43bbd50fbc465fcb)
  - [ ] [G.O.S.S.I.P 阅读推荐 2025-12-29 舶来之物与Docker安全](https://mp.weixin.qq.com/s?__biz=Mzg5ODUxMzg0Ng==&mid=2247501161&idx=1&sn=f781f9d3c8c56be63d52fb9656900634)
  - [ ] [我宣布：加年终奖！“开源欧拉”众测王者归来](https://mp.weixin.qq.com/s?__biz=MzIxODIzNzgwMw==&mid=2654075737&idx=1&sn=3d393b378e917ac2199f0e0d5ce4668f)
  - [ ] [重磅发布| 《2025全球虚拟货币犯罪态势与打击研究报告》开放免费申领！](https://mp.weixin.qq.com/s?__biz=MzI1NDMxOTkyNw==&mid=2247486434&idx=1&sn=326bbfcadd2c7cbf08e8c4c10881b0be)
  - [ ] [网安创作一年记：沉淀过往，奔赴新程](https://mp.weixin.qq.com/s?__biz=MzI5MTIwOTQ5MA==&mid=2247489951&idx=1&sn=2f01488f16ff8dc27923b81a5895faf8)
  - [ ] [关于报送未成年人个人信息保护合规审计情况的公告](https://mp.weixin.qq.com/s?__biz=Mzg4NzQ4MzA4Ng==&mid=2247486194&idx=1&sn=9c0b08edfb1fa51758905fea5e39bc90)
  - [ ] [多家主流媒体集中报道CertiK年度安全报告，安全议题成行业共识焦点](https://mp.weixin.qq.com/s?__biz=MzU5OTg4MTIxMw==&mid=2247504943&idx=1&sn=76451163b61b37c4c8795b5fbefa5150)
  - [ ] [源码交付！工业制造4.0企业数字化转型MES系统，含巡检、维修、保养、盘点、排班、采购管理等11大核心模块](https://mp.weixin.qq.com/s?__biz=MjM5OTA4MzA0MA==&mid=2454943962&idx=1&sn=9ebc06df39539890a0d47c9737a7e87a)
  - [ ] [《中华人民共和国网络安全法》全文修正发布](https://mp.weixin.qq.com/s?__biz=MjM5MzMwMDU5NQ==&mid=2649175450&idx=1&sn=c201f7ebf1db6af0617908a5dbe49401)
  - [ ] [2025蓝牙趋势研讨会｜银基科技分享Channel Sounding从精准测距到安全应用](https://mp.weixin.qq.com/s?__biz=MzIxMjU2NTU4NQ==&mid=2247489907&idx=1&sn=eb0b6b64982bc0511b1a3fb9e7495132)
  - [ ] [第146篇：美国棱镜门计划技术解密（二）：被监听用户数据的审核、分发与入库全流程](https://mp.weixin.qq.com/s?__biz=MzkzMjI1NjI3Ng==&mid=2247488059&idx=1&sn=e0539c08852a333ff10cca1b797b6f34)
  - [ ] [榜首加冕！360登顶“2025中国网络安全企业20强”](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247583837&idx=1&sn=89451695c8909d20ee241355d8b7485c)
  - [ ] [1月1日起正式实施！《网络安全法》修订要点解读](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247583837&idx=2&sn=a0893fc01ee5479760bc1dfe3d5a31f3)
  - [ ] [360灵犀情报智能分析平台发布 重塑智慧警务新范式！](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247583837&idx=3&sn=d1215634d8997783aac363a90bad4d11)
  - [ ] [合规≠安全：当传统安全框架遇上AI威胁](https://mp.weixin.qq.com/s?__biz=Mzg4ODI5MzAzMw==&mid=2247483974&idx=1&sn=6f573417356cb817fe7a67e296107c02)
  - [ ] [【AI安全】警惕！中科院: 改一个词就能“操控”AI？](https://mp.weixin.qq.com/s?__biz=MzkxNzU2NDgxNQ==&mid=2247484590&idx=1&sn=585d1439499b4e49c3838d2f43efac90)
- Recent Commits to cve:main
  - [ ] [Update Mon Dec 29 11:24:34 UTC 2025](https://github.com/trickest/cve/commit/cda3167e07aea7e858932ef41cb6486f1bccba73)
- Private Feed for M09Ic
  - [ ] [mgeeky starred decodingai-magazine/second-brain-ai-assistant-course](https://github.com/decodingai-magazine/second-brain-ai-assistant-course)
  - [ ] [bolucat released 202512291938 at bolucat/Archive](https://github.com/bolucat/Archive/releases/tag/202512291938)
  - [ ] [Ridter starred pranshuparmar/witr](https://github.com/pranshuparmar/witr)
  - [ ] [CHYbeta starred zakirkun/guardian-cli](https://github.com/zakirkun/guardian-cli)
  - [ ] [mgeeky starred m417z/ntdoc](https://github.com/m417z/ntdoc)
  - [ ] [Mr-xn starred lbjlaq/Antigravity-Manager](https://github.com/lbjlaq/Antigravity-Manager)
  - [ ] [goplus released v0.12.0 at goplus/llgo](https://github.com/goplus/llgo/releases/tag/v0.12.0)
  - [ ] [FunnyWolf starred WithSecureLabs/Kanvas](https://github.com/WithSecureLabs/Kanvas)
  - [ ] [Ridter starred yhy0/init-skills](https://github.com/yhy0/init-skills)
  - [ ] [Rvn0xsy forked Rvn0xsy/SharpSploit from cobbr/SharpSploit](https://github.com/Rvn0xsy/SharpSploit)
  - [ ] [niudaii starred pranshuparmar/witr](https://github.com/pranshuparmar/witr)
  - [ ] [0xbug starred tambo-ai/tambo](https://github.com/tambo-ai/tambo)
  - [ ] [Ridter starred Ridter/ChatAgentDemo](https://github.com/Ridter/ChatAgentDemo)
- 安全客-有思想的安全新媒体
  - [ ] [EmEditor 遭攻陷：“沃尔沙姆” 伪装者篡改官方安装包，植入间谍软件](https://www.anquanke.com/post/id/314096)
  - [ ] [性能推进器：谷歌提议将高性能优化器纳入 LLVM 上游主线](https://www.anquanke.com/post/id/314100)
  - [ ] [圣诞洗劫：Trust Wallet v2.68 版本后门如何盗走 700 万美元](https://www.anquanke.com/post/id/314091)
  - [ ] [70 美元芯片争夺战：谷歌缘何高管换人，苹果又为何要直面 230% 的价格暴涨](https://www.anquanke.com/post/id/314077)
  - [ ] [CVE-2025-54322（CVSS 10 分满分）：AI 智能体发现全球网络设备高危零日漏洞](https://www.anquanke.com/post/id/314086)
  - [ ] [终结 “内存占用税”：微软新方案让文件资源管理器搜索速度翻倍](https://www.anquanke.com/post/id/314084)
  - [ ] [黑客攻陷 Trust Wallet 谷歌浏览器插件，用户称数百万资产被盗](https://www.anquanke.com/post/id/314073)
  - [ ] [节假日 ColdFusion 攻击频发：遭 250 万次请求大规模猛攻](https://www.anquanke.com/post/id/314079)
  - [ ] [Livewire 框架高危漏洞致 Laravel 应用面临隐蔽远程代码执行风险，漏洞验证工具已公开](https://www.anquanke.com/post/id/314068)
  - [ ] [MongoBleed 漏洞 PoC 已发布：未授权攻击者可窃取 MongoDB 内存敏感信息](https://www.anquanke.com/post/id/314075)
- obaby@mars
  - [ ] [真正的冬天](https://h4ck.org.cn/2025/12/22241)
- 嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com
  - [ ] [新型MacSync恶意软件投放器成功规避macOS Gatekeeper检测](https://www.4hou.com/posts/nlEY)
  - [ ] [国家网络安全通报中心发布新一批重点防范境外恶意网址和恶意IP](https://www.4hou.com/posts/LGKp)
- 奇安信攻防社区
  - [ ] [AI安全之间接提示词注入实现RCE(CVE-2025-53773绕过分析)](https://forum.butian.net/share/4698)
- Tenable Blog
  - [ ] [CVE-2025-14847 (MongoBleed): MongoDB Memory Leak Vulnerability Exploited in the Wild](https://www.tenable.com/blog/cve-2025-14847-mongobleed-mongodb-memory-leak-vulnerability-exploited-in-the-wild)
- Securelist
  - [ ] [The HoneyMyte APT evolves with a kernel-mode rootkit and a ToneShell backdoor](https://securelist.com/honeymyte-kernel-mode-rootkit/118590/)
- Bug Bounty in InfoSec Write-ups on Medium
  - [ ] [Monitor Bug Bounty Targets in Real Time Using Certificate Transparency Logs](https://infosecwriteups.com/monitor-bug-bounty-targets-in-real-time-using-certificate-transparency-logs-247caa34d0f9?source=rss----7b722bfd1b8d--bug_bounty)
  - [ ] [$2,400 Bounty: for Discovering Critical DoS Vulnerability in Rack (CVE-2022–30122)](https://infosecwriteups.com/2-400-bounty-for-discovering-critical-dos-vulnerability-in-rack-cve-2022-30122-26b8f0d9e484?source=rss----7b722bfd1b8d--bug_bounty)
  - [ ] [SQLi → RCE: Exploiting PostgreSQLi](https://infosecwriteups.com/sqli-rce-exploiting-postgresqli-f5bb81d24630?source=rss----7b722bfd1b8d--bug_bounty)
  - [ ] [One Misplaced Header, Thousands of Leaked Sessions: A Bug Bounty Story](https://infosecwriteups.com/one-misplaced-header-thousands-of-leaked-sessions-a-bug-bounty-story-9cc0ee4b3e38?source=rss----7b722bfd1b8d--bug_bounty)
  - [ ] [The Internet Is Leaking Secrets in Public Repos](https://infosecwriteups.com/the-internet-is-leaking-secrets-in-public-repos-0b4f5bc32f87?source=rss----7b722bfd1b8d--bug_bounty)
  - [ ] [Why Small Websites Are the New Bug Bounty Goldmine](https://infosecwriteups.com/why-small-websites-are-the-new-bug-bounty-goldmine-4d9c0bfced91?source=rss----7b722bfd1b8d--bug_bounty)
  - [ ] [I Was Hunting Bugs — The Cache Was Hunting Users Instead](https://infosecwriteups.com/i-was-hunting-bugs-the-cache-was-hunting-users-instead-1350057031e5?source=rss----7b722bfd1b8d--bug_bounty)
- Malwarebytes
  - [ ] [Malware in 2025 spread far beyond Windows PCs](https://www.malwarebytes.com/blog/news/2025/12/malware-in-2025-spread-beyond-windows-pcs)
  - [ ] [A week in security (December 22 &#8211; December 28)](https://www.malwarebytes.com/blog/news/2025/12/a-week-in-security-december-22-december-28)
- Malware-Traffic-Analysis.net - Blog Entries
  - [ ] [2025-12-29: ClickFix activity leads to NetSupport RAT](https://www.malware-traffic-analysis.net/2025/12/29/index.html)
- CCC Event Blog
  - [ ] [39C3: Power Off zur Abreise!](https://events.ccc.de/2025/12/30/39c3-assemblies-teardown/)
- Adam Caudill
  - [ ] [Is Long-form Writing Dead?](https://adamcaudill.com/2025/12/29/is-long-form-writing-dead/?utm_source=atom_feed)
- daniel.haxx.se
  - [ ] [no strcpy either](https://daniel.haxx.se/blog/2025/12/29/no-strcpy-either/)
- 黑海洋Wiki | Web开发工具包 | 网络安全攻防实战 | 区块链技术文档教程 - 免费资源平台
  - [ ] [AI Captcha Solver：AI大模型自动识别验证码（Chrome扩展）](https://blog.upx8.com/4932)
- rtl-sdr.com
  - [ ] [Building a P25 Police Scanner with an RTL-SDR Blog V3 and ZimaBoard 2](https://www.rtl-sdr.com/building-a-p25-police-scanner-with-an-rtl-sdr-blog-v3-and-zimaboard-2/)
  - [ ] [RadioTranscriber: Real-Time Public Safety Radio Transcription with Whisper AI](https://www.rtl-sdr.com/radiotranscriber-real-time-public-safety-radio-transcription-with-whisper-ai/)
  - [ ] [Discovery Dish 1420 MHz Hydrogen Line Feed Tested with a WiFi Grid Dish](https://www.rtl-sdr.com/discovery-dish-1420-mhz-hydrogen-line-feed-tested-with-a-wifi-grid-dish/)
- 奇客Solidot–传递最新科技情报
  - [ ] [2026 年可能是 Qwen 之年](https://www.solidot.org/story?sid=83175)
  - [ ] [Blender 调查显示大部分用户不用 AI](https://www.solidot.org/story?sid=83174)
  - [ ] [每天饮用瓶装水的人每年会多摄入 9 万微塑料](https://www.solidot.org/story?sid=83173)
  - [ ] [伊朗和俄罗斯的审查和反审查](https://www.solidot.org/story?sid=83172)
  - [ ] [SuperTux 0.7 发布首个 Beta](https://www.solidot.org/story?sid=83171)
  - [ ] [Sal Khan 建议企业捐出 1% 的利润帮助被 AI 取代的工人](https://www.solidot.org/story?sid=83170)
  - [ ] [科学家发现自闭症大脑的分子差异](https://www.solidot.org/story?sid=83169)
  - [ ] [随着内存价格飙升，电子产品也会跟着涨价](https://www.solidot.org/story?sid=83168)
  - [ ] [Google AI Overview 错误指控一名音乐家是性犯罪者](https://www.solidot.org/story?sid=83167)
  - [ ] [德州父亲通过手机定位救回被绑架的女儿](https://www.solidot.org/story?sid=83165)
- 黑鸟
  - [ ] [船舶离网通信方案：Meshtastic 应用指南](https://mp.weixin.qq.com/s?__biz=MzAxOTM1MDQ1NA==&mid=2451184506&idx=1&sn=b63846cd7cd66d0eac8236624d9834e6)
- 安全分析与研究
  - [ ] [疑似俄罗斯黑客组织Gamaredon APT针对乌克兰进行网络钓鱼攻击](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247495097&idx=1&sn=89afa64ce5ad5559326882f4fd3ae4cc)
- 代码卫士
  - [ ] [LangChain Core存在严重的序列化注入漏洞](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247524761&idx=1&sn=b5d8363914b09d269fa325e5e3010cbf)
  - [ ] [CISA 将已遭利用的 Digiever NVR RCE漏洞纳入KEV](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247524761&idx=2&sn=1b94ad55c3aaf6d0f95f5c0d1386a2e4)
- 绿盟科技研究通讯
  - [ ] [【论文分享】LLM词表的污染中文token与训练语料污染](https://mp.weixin.qq.com/s?__biz=MzIyODYzNTU2OA==&mid=2247499336&idx=1&sn=3fbbeb6112d79641f4a71ecf72718636)
- 白帽100安全攻防实验室
  - [ ] [UN R155认证视角下的TARA实践](https://mp.weixin.qq.com/s?__biz=MzIxMDYyNTk3Nw==&mid=2247515406&idx=1&sn=d8b96ea9de99599973664714780ded80)
  - [ ] [基于意图工程的自动化攻击演练落地实践](https://mp.weixin.qq.com/s?__biz=MzIxMDYyNTk3Nw==&mid=2247515406&idx=2&sn=57b4984dd35b4ccba1bbb4570a7c64af)
- 天黑说嘿话
  - [ ] [【安全运营】企业安全下的银狐木马互联网投毒防护方案](https://mp.weixin.qq.com/s?__biz=MzI5NTQ5MTAzMA==&mid=2247485927&idx=1&sn=cd2fcb078ab76a3f27bfbb6ba42b4a26)
- 奇安信 CERT
  - [ ] [【已复现】Zimbra 本地文件包含漏洞(CVE-2025-68645)安全风险通告](https://mp.weixin.qq.com/s?__biz=MzU5NDgxODU1MQ==&mid=2247504401&idx=1&sn=0a41c93f61610d2de21b143cf5346f92)
- 二道情报贩子
  - [ ] [苹果中国供应商成为网络攻击目标](https://mp.weixin.qq.com/s?__biz=MzU5NTA3MTk5Ng==&mid=2247489909&idx=1&sn=e2470ade5a7942b6320a6cbde4b161ed)
- 安全内参
  - [ ] [CISO展望：2026年AI SOC应具备7项能力](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247515396&idx=1&sn=937d703531e574c310608668eb037e1f)
  - [ ] [委内瑞拉国营石油公司被破坏性网络攻击事件分析](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247515396&idx=2&sn=140c996d4bcf1ae5087171c97f9c27bc)
- 信息安全国家工程研究中心
  - [ ] [《中华人民共和国网络安全法》修改后有哪些变化？](https://mp.weixin.qq.com/s?__biz=MzU5OTQ0NzY3Ng==&mid=2247502582&idx=1&sn=32319395a32568769c90179ef0a3fca1)
- 安全研究GoSSIP
  - [ ] [G.O.S.S.I.P 阅读推荐 2025-12-29 舶来之物与Docker安全](https://mp.weixin.qq.com/s?__biz=Mzg5ODUxMzg0Ng==&mid=2247501161&idx=1&sn=f781f9d3c8c56be63d52fb9656900634)
- 安全圈
  - [ ] [【安全圈】"耳机劫持"：索尼等主流无线耳机芯片曝高危漏洞，黑客可接管用户手机](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652073453&idx=1&sn=f1dbd8bd525c3a389121fa141f0374ab)
  - [ ] [【安全圈】CVE-2025-54322（CVSS 10分）：AI Agent发现全球网络设备关键0Day漏洞](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652073453&idx=2&sn=4ad2cb470ecbf8e9ebddb77c454c0eeb)
  - [ ] [【安全圈】"前缀替换"攻击引发恐慌：高度仿真的"Jackson"冒牌库入侵Maven中央仓库](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652073453&idx=3&sn=fdc028d39b82df223a6c6b268d1a411a)
  - [ ] [【安全圈】育碧客服被指收受黑客贿赂获玩家信息](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652073453&idx=4&sn=424d296096301c2b21428558679dd3df)
- 青山青吖
  - [ ] [当前进度分析：即将迎来调整？（1229） | 黄金](https://mp.weixin.qq.com/s?__biz=MzI5NzAzMDg0NA==&mid=2650698593&idx=1&sn=0ccc356f385adc64425b962e4167639b)
- 中国信息安全
  - [ ] [重磅 | 《中华人民共和国网络安全法》全文修正发布](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664256520&idx=1&sn=8a41709f8589a4a6a00f49a13a66fd2b)
  - [ ] [一图读懂 | 《中华人民共和国网络安全法》修改后有哪些变化？](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664256520&idx=2&sn=2a4d0531c2809462bd466dad44f1b955)
- 看雪学苑
  - [ ] [SMC自修改代码](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458606699&idx=1&sn=ec32fb045ef10a19ea75e3cd9e72f9fe)
  - [ ] [“耳机劫持”惊魂！热门蓝牙耳机藏致命漏洞，手机恐被远程操控](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458606699&idx=2&sn=56ed1fca7dd1011e0b211a57baebeb2e)
  - [ ] [30小时教你进阶CTF-密码学：顶尖硕博战队亲授，从古典密码到RSA攻击](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458606699&idx=3&sn=73f8d69fc5298cbd66e6eb33be37ecfd)
- 唯品会安全应急响应中心
  - [ ] [『跨年SRC联合狩猎翻倍盛典』第二期启幕 ！](https://mp.weixin.qq.com/s?__biz=MzI5ODE0ODA5MQ==&mid=2652281739&idx=1&sn=4b42ef6b60f092d0a08554a500b6618d)
- 默安科技
  - [ ] [稳居浙江网安行业前列，默安科技入选“长三角百家品牌软件企业”](https://mp.weixin.qq.com/s?__biz=MzIzODQxMjM2NQ==&mid=2247501505&idx=1&sn=5f36f8d8cb9d84bd18686872fadbbda5)
- 腾讯安全威胁情报中心
  - [ ] [情报每周回顾 2025-12-29](https://mp.weixin.qq.com/s?__biz=MzI5ODk3OTM1Ng==&mid=2247510999&idx=1&sn=75224fcf9e5f821a6f5352b7a68b7b47)
- 慢雾科技
  - [ ] [慢雾 Q4 追踪实录：协助被盗客户冻结/追回百万美元资金](https://mp.weixin.qq.com/s?__biz=MzU4ODQ3NTM2OA==&mid=2247504087&idx=1&sn=5325391cb456ec020da8f3b5b47a8178)
- 数世咨询
  - [ ] [诚邀参加 | 2026安全市场年度大会](https://mp.weixin.qq.com/s?__biz=MzkxNzA3MTgyNg==&mid=2247541305&idx=1&sn=ad456f5e3c63871a8b9f25c422149d02)
- 嘶吼专业版
  - [ ] [新型MacSync恶意软件投放器成功规避macOS Gatekeeper检测](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247586114&idx=1&sn=8114c907854a2d91cd2beebac8ec3cfc)
  - [ ] [国家网络安全通报中心发布新一批重点防范境外恶意网址和恶意IP](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247586114&idx=2&sn=76b464e18264298db148c2c9299012f5)
- 火绒安全
  - [ ] [火绒安全2025年度技术解析Top5](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247529607&idx=1&sn=b1d74cf65deef2264bf6781574599076)
  - [ ] [诚邀渠道合作伙伴共启新征程](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247529607&idx=2&sn=fe18c1ebdb8ac1d8403b0afd45bd2969)
- 极客公园
  - [ ] [一年 200 次更新，字节 TRAE 如何拿下全球 600 万开发者](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653095946&idx=1&sn=295c0f9e2661d875b505fbfabbbda567)
  - [ ] [零跑朱江明：一汽入股但会保持控制权，机器人很热，但要看投入产出比](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653095946&idx=2&sn=b034e1deb65b2e73b95829cda77441e3)
  - [ ] [AI 时代的「4399」！我只用十五分钟做出了《技能五子棋》｜AI 上新](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653095912&idx=1&sn=4f6d61843896417f21b1447b21c2a641)
  - [ ] [这家公司，让「AI 淘金」有了新的意义！](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653095912&idx=2&sn=a067e8d964d7c4e638b398f766fceefa)
  - [ ] [小米联创林斌或出售不超20亿美元股票；官方确认明年「国补」继续；特斯拉 Robotaxi，吐车上罚 150 美元 | 极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653095839&idx=1&sn=045d02a85ad8a2fa960c20b04feaa126)
- 情报分析师
  - [ ] [五个技巧打造高效情报报告，开源情报助力写作实战](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650565258&idx=1&sn=b071867c8ab8b8a92a76ac65ea12b80d)
  - [ ] [【热点研判】越南加紧南海岛礁扩建与对华合作并行/美台海军售引爆中美制裁交锋/美联邦打压州级AI法规引发技术竞争隐忧](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650565258&idx=2&sn=11c66fe5c7f8cc824aec6179fac9cecb)
- 安全牛
  - [ ] [从POC到规模化生产：为什么2025年是AI-SOC的真正爆发点？](https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651139869&idx=1&sn=28439d6defc435d13edc538b1afc3108)
  - [ ] [国家网信办起草《人工智能拟人化互动服务管理暂行办法》 公开征求社会意见；工信部提醒：美国2025年诈骗损失猛增25％ | 牛览](https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651139869&idx=2&sn=cd318a256744b763c9a3982e8c19c5f2)
- Beacon Tower Lab
  - [ ] [漏洞预警 | MongoDB 存在未授权内存泄露漏洞（CVE-2025-14847）](https://mp.weixin.qq.com/s?__biz=MzkyNzcxNTczNA==&mid=2247487977&idx=1&sn=3699c611534ecba93aae075c431fa837)
- 字节跳动技术团队
  - [ ] [火山引擎多媒体实验室多项成果入选 SIGGRAPH ASIA 2025](https://mp.weixin.qq.com/s?__biz=MzI1MzYzMjE0MQ==&mid=2247517862&idx=1&sn=e6313b1c7e465c8ef553dd88f1910aea)
  - [ ] [从“抖音同款”到“豆包同款”：视频云正在进入 Agent 时代](https://mp.weixin.qq.com/s?__biz=MzI1MzYzMjE0MQ==&mid=2247517862&idx=2&sn=88b0b9b110bed780b53653032390bd6a)
- 纽创信安
  - [ ] [芯片安全设计及应用技术研讨会西安站圆满落幕](https://mp.weixin.qq.com/s?__biz=MzAwNTczMjAzMg==&mid=2650240762&idx=1&sn=5fccddf09208e455452e970778334909)
- 360数字安全
  - [ ] [榜首加冕！360登顶“2025中国网络安全企业20强”](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247583837&idx=1&sn=89451695c8909d20ee241355d8b7485c)
  - [ ] [1月1日起正式实施！《网络安全法》修订要点解读](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247583837&idx=2&sn=a0893fc01ee5479760bc1dfe3d5a31f3)
  - [ ] [360灵犀情报智能分析平台发布 重塑智慧警务新范式！](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247583837&idx=3&sn=d1215634d8997783aac363a90bad4d11)
- 深信服千里目安全技术中心
  - [ ] [【漏洞通告】MongoDB 未授权内存泄露漏洞(CVE-2025-14847)](https://mp.weixin.qq.com/s?__biz=Mzg2NjgzNjA5NQ==&mid=2247524926&idx=1&sn=228995f6ca3b9742e101526240c5cc5b)
- 安全419
  - [ ] [安全419企业探营 | 带你了解一个全新的易安联](https://mp.weixin.qq.com/s?__biz=MzUyMDQ4OTkyMg==&mid=2247551975&idx=1&sn=6acf332cb03e5a95a93c9acb68dd4c0f)
- Chaos Computer Club - last 100 events feed
  - [ ] [Verschlüsselung brechen durch physischen Zugriff - Smartphone Beschlagnahme durch Polizei (39c3)](https://cdn.media.ccc.de/congress/2025/h264-hd/39c3-1882-deu-Verschluesselung_brechen_durch_physischen_Zugriff_-_Smartphone_Beschlagnahme_durch_Polizei.mp4)
  - [ ] [PRÜF (39c3)](https://cdn.media.ccc.de/congress/2025/h264-hd/39c3-2427-deu-PRUEF.mp4)
  - [ ] [Spectre in the real world: Leaking your private data from the cloud with CPU vulnerabilities (39c3)](https://cdn.media.ccc.de/congress/2025/h264-hd/39c3-1687-eng-Spectre_in_the_real_world_Leaking_your_private_data_from_the_cloud_with_CPU_vulnerabilities.mp4)
- 迪哥讲事
  - [ ] [逻辑缺陷之APP任意账号登录](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247498862&idx=1&sn=c70d3dde20ecf489a399073c1b3b6352)
- CNVD漏洞平台
  - [ ] [CNVD漏洞周报2025年第50期](https://mp.weixin.qq.com/s?__biz=MzU3ODM2NTg2Mg==&mid=2247496602&idx=1&sn=e818fe3c71e6be4b1bed1d304c101eb2)
  - [ ] [上周关注度较高的产品安全漏洞(20251222-20251228)](https://mp.weixin.qq.com/s?__biz=MzU3ODM2NTg2Mg==&mid=2247496602&idx=2&sn=f2586ef15dc4dcb74fbe5677bee036bb)
- Over Security - Cybersecurity news aggregator
  - [ ] [Condé Nast Under Attack: Telling the Complexity of Cybersecurity](https://www.suspectfile.com/conde-nast-under-attack-telling-the-complexity-of-cybersecurity/)
  - [ ] [NIS2: obblighi crescenti e consapevolezza limitata impongono una nuova cultura della sicurezza](https://www.cybersecurity360.it/legal/nis2-obblighi-crescenti-e-consapevolezza-limitata-impongono-una-nuova-cultura-della-sicurezza/)
  - [ ] [Nuova determinazione ACN “Piattaforma NIS”: cosa cambia (davvero) per la registrazione 2026](https://www.cybersecurity360.it/legal/nuova-determinazione-acn-piattaforma-nis-cosa-cambia-davvero-per-la-registrazione-2026/)
  - [ ] [Coupang to split $1.17 billion among 33.7 million data breach victims](https://www.bleepingcomputer.com/news/security/coupang-to-split-117-billion-among-337-million-data-breach-victims/)
  - [ ] [US, Australia say ‘MongoBleed’ bug being exploited](https://therecord.media/us-australia-bug-exploitation)
  - [ ] [Happy 16th Birthday, KrebsOnSecurity.com!](https://krebsonsecurity.com/2025/12/happy-16th-birthday-krebsonsecurity-com/)
  - [ ] [Two more banks notifying thousands of victims about Marquis Software ransomware attack](https://therecord.media/banks-marquis-software-ransomware)
  - [ ] [Hacker arrested for KMSAuto malware campaign with 2.8 million downloads](https://www.bleepingcomputer.com/news/security/hacker-arrested-for-kmsauto-malware-campaign-with-28-million-downloads/)
  - [ ] [French software company fined $2 million for cyber failings leading to data breach](https://therecord.media/french-software-fined-cnil)
  - [ ] [Trust Wallet says 2,596 wallets drained in $7 million crypto theft attack](https://www.bleepingcomputer.com/news/security/trust-wallet-says-7-million-crypto-theft-attack-drained-2-596-wallets/)
  - [ ] [Romanian energy provider hit by Gentlemen ransomware attack](https://www.bleepingcomputer.com/news/security/romanian-energy-provider-hit-by-gentlemen-ransomware-attack/)
  - [ ] [ChatGPT finally rolls out Thinking time toggle on mobile](https://www.bleepingcomputer.com/news/artificial-intelligence/chatgpt-finally-rolls-out-thinking-time-toggle-on-mobile/)
  - [ ] [The Real-World Attacks Behind OWASP Agentic AI Top 10](https://www.bleepingcomputer.com/news/security/the-real-world-attacks-behind-owasp-agentic-ai-top-10/)
  - [ ] [Former Coinbase support agent arrested for helping hackers](https://www.bleepingcomputer.com/news/security/former-coinbase-support-agent-arrested-for-helping-hackers/)
  - [ ] [5 Ways MSSPs Can Win Clients in 2026](https://any.run/cybersecurity-blog/how-mssps-win-clients/)
  - [ ] [Korean Air data breach exposes data of thousands of employees](https://www.bleepingcomputer.com/news/security/korean-air-data-breach-exposes-data-of-thousands-of-employees/)
  - [ ] [Coupang recovers smashed laptop that alleged data leaker threw into river](https://therecord.media/coupang-recovers-smashed-laptop-data-breach)
  - [ ] [Release Notes: AI Sigma Rules, Live Threat Landscape & 1,700+ New Detections](https://any.run/cybersecurity-blog/release-notes-december-2025/)
  - [ ] [Microsoft Copilot is rolling out GPT 5.2 as "Smart Plus" mode](https://www.bleepingcomputer.com/news/microsoft/microsoft-copilot-is-rolling-out-gpt-52-as-smart-plus-mode/)
  - [ ] [Fortinet warns of 5-year-old FortiOS 2FA bypass still exploited in attacks](https://www.bleepingcomputer.com/news/security/fortinet-warns-of-5-year-old-fortios-2fa-bypass-still-exploited-in-attacks/)
  - [ ] [MongoBleed, la vulnerabilità in MongoDB è già sfruttata in rete: aggiornamento urgente](https://www.cybersecurity360.it/news/mongobleed-la-vulnerabilita-in-mongodb-e-gia-sfruttata-in-rete-aggiornamento-urgente/)
  - [ ] [You’ve been targeted by government spyware. Now what?](https://techcrunch.com/2025/12/29/youve-been-targeted-by-government-spyware-now-what/)
  - [ ] [The HoneyMyte APT evolves with a kernel-mode rootkit and a ToneShell backdoor](https://securelist.com/honeymyte-kernel-mode-rootkit/118590/)
  - [ ] [Manipolazione dei prompt: la bassa soglia di accesso apre il vaso di Pandora](https://www.cybersecurity360.it/nuove-minacce/manipolazione-dei-prompt-la-bassasoglia-di-accesso-apre-il-vaso-di-pandora/)
  - [ ] [Quando un’entità finanziaria è anche un fornitore ICT: gli impatti su GDPR, DORA, NIS2](https://www.cybersecurity360.it/legal/quando-unentita-finanziaria-e-anche-un-fornitore-ict-gli-impatti-su-gdpr-dora-nis2/)
  - [ ] [Malware Trends Q4 2025: Inside ANY.RUN’s Latest Threat Landscape Report](https://any.run/cybersecurity-blog/malware-trends-report-q4-2025/)
- 希潭实验室
  - [ ] [第146篇：美国棱镜门计划技术解密（二）：被监听用户数据的审核、分发与入库全流程](https://mp.weixin.qq.com/s?__biz=MzkzMjI1NjI3Ng==&mid=2247488059&idx=1&sn=e0539c08852a333ff10cca1b797b6f34)
- The Hacker News
  - [ ] [⚡ Weekly Recap: MongoDB Attacks, Wallet Breaches, Android Spyware, Insider Crime & More](https://thehackernews.com/2025/12/weekly-recap-mongodb-attacks-wallet.html)
  - [ ] [MongoDB Vulnerability CVE-2025-14847 Under Active Exploitation Worldwide](https://thehackernews.com/2025/12/mongodb-vulnerability-cve-2025-14847.html)
  - [ ] [27 Malicious npm Packages Used as Phishing Infrastructure to Steal Login Credentials](https://thehackernews.com/2025/12/27-malicious-npm-packages-used-as.html)
  - [ ] [Traditional Security Frameworks Leave Organizations Exposed to AI-Specific Attack Vectors](https://thehackernews.com/2025/12/traditional-security-frameworks-leave.html)
- Schneier on Security
  - [ ] [Are We Ready to Be Governed by Artificial Intelligence?](https://www.schneier.com/blog/archives/2025/12/are-we-ready-to-be-governed-by-artificial-intelligence.html)
- The Register - Security
  - [ ] [Indian cops cuff ex-Coinbase rep over selling customer info to crims](https://go.theregister.com/feed/www.theregister.com/2025/12/29/indian_cops_cuff_coinbase_exrep/)
  - [ ] [Crims disconnect Wired subscribers from their privacy, publish deets online](https://go.theregister.com/feed/www.theregister.com/2025/12/29/wired_hack_subscriber_info_leaked/)
  - [ ] [Europe's cloud challenge: Building an Airbus for the digital age](https://go.theregister.com/feed/www.theregister.com/2025/12/29/europes_cloud_challenge_building_an/)
  - [ ] [Accused data thief threw MacBook into a river to destroy evidence](https://go.theregister.com/feed/www.theregister.com/2025/12/29/coupang_perpetrator_theft_details/)
- Krebs on Security
  - [ ] [Happy 16th Birthday, KrebsOnSecurity.com!](https://krebsonsecurity.com/2025/12/happy-16th-birthday-krebsonsecurity-com/)
- Security Affairs
  - [ ] [Romania’s Oltenia Energy Complex suffers major ransomware attack](https://securityaffairs.com/186290/cyber-crime/romanias-oltenia-energy-complex-suffers-major-ransomware-attack.html)
  - [ ] [Korean Air discloses data breach after the hack of its catering and duty-free supplier](https://securityaffairs.com/186275/data-breach/korean-air-discloses-data-breach-after-the-hack-of-its-catering-and-duty-free-supplier.html)
  - [ ] [MongoBleed flaw actively exploited in attacks in the wild](https://securityaffairs.com/186241/hacking/mongobleed-flaw-actively-exploited-in-attacks-in-the-wild.html)
  - [ ] [Evasive Panda cyberespionage campaign uses DNS poisoning to install MgBot backdoor](https://securityaffairs.com/186213/apt/evasive-panda-cyberespionage-campaign-uses-dns-poisoning-to-install-mgbot-backdoor.html)
- Deeplinks
  - [ ] [Operations Security (OPSEC) Trainings: 2025 in Review](https://www.eff.org/deeplinks/2025/12/operations-security-opsec-trainings-2025-review)
  - [ ] [EFF in the Press: 2025 in Review](https://www.eff.org/deeplinks/2025/12/eff-press-2025-review)
  - [ ] [Drone as First Responder Programs: 2025 in Review](https://www.eff.org/deeplinks/2025/12/drone-first-responder-programs-2025-review)
- Security Weekly Podcast Network (Audio)
  - [ ] [Holiday Chat: Local AI datacenter activism, AI can't substitute good taste, and more - ESW #439](http://sites.libsyn.com/18678/holiday-chat-local-ai-datacenter-activism-ai-cant-substitute-good-taste-and-more-esw-439)


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

[每日信息流] 2025-12-30 #1098

每日安全资讯（2025-12-30）

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

[每日信息流] 2025-12-30 #1098

Description

每日安全资讯（2025-12-30）

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions