[每日信息流] 2026-03-04

[chainreactorbot]

每日安全资讯（2026-03-04）

• SecWiki News
  • SecWiki News 2026-03-03 Review
• Doonsec's feed
  • 记一次某证书站edusrc
  • 美以空袭伊朗后，霍尔木兹海峡遭遇罕见GPS攻击潮
  • WebShell免杀之jsp篇
  • 记一次差点进编制的漏洞测试
  • 【服务端漏洞-访问控制缺失-第二章第五节】挖掘小众漏洞：平行越权（横向权限提升）的利用与实例
  • "成事儿"与"一把手工程"
  • OpenClaw本地AI Agent零交互接管攻击链分析与思考｜ClawJacked【CVE-2026-25253】
  • 元宵花灯映团圆，网络安全护平安！
  • 网警喊你解锁 “数字元宵” 新玩法
• 安全客-有思想的安全新媒体
  • 黑客如何将Windows文件管理器变为远程控制木马的隐蔽入口
  • FreeBSD高危漏洞可致系统崩溃并实现虚拟机逃逸
  • 谷歌发布Nano Banana 2模型，基于Gemini实现4K标准化AI图像生成
  • Zyxel多款路由器曝高危漏洞，可被远程命令注入攻击
  • 趋势科技Apex One曝高危漏洞 可被利用执行恶意代码
  • 钓鱼攻击滥用.arpa顶级域与IPv6隧道绕过检测
  • SonicWall大规模侦察活动频发 勒索软件攻击迫在眉睫
  • Vshell逐渐成为威胁分子的常用工具，被当作Cobalt Strike替代方案
  • Metasploit针对Linux RC4漏洞、BeyondTrust及注册表持久化攻击新增模块
  • 恶意网站利用OpenClaw零点击漏洞可劫持开发者AI智能体
• Recent Commits to cve:main
  • Update Tue Mar 3 11:34:25 UTC 2026
• 嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com
  • 嘶吼快讯|网安厂商动态汇（第13期）
  • 打破边界防御思维！AI驱动攻击席卷55国，600台防火墙敲响警钟
  • 2025年勒索软件攻击事件激增，但受害者支付率跌至历史新低
• Microsoft Security Blog
  • Signed malware impersonating workplace apps deploys RMM backdoors
• Tenable Blog
  • Operation Epic Fury: Potential Iranian Cyber Counteroffensive Operations
• ElcomSoft blog
  • Investigating Windows File System Artifacts Under C:\Windows
• Private Feed for M09Ic
  • pydantic released v1.65.0 at pydantic/pydantic-ai
  • github released v0.1.13 at github/spec-kit
  • kpcyrd contributed to nicoburns/blessed-rs
  • zeroclaw-labs released v0.1.8-alpha.1 at zeroclaw-labs/zeroclaw
  • kpcyrd forked kpcyrd/blessed-rs from nicoburns/blessed-rs
  • mgeeky starred ZephrFish/ludus-defender-lab
  • xnl-h4ck3r released v8.6 at xnl-h4ck3r/waymore
  • kpcyrd contributed to rustsec/rustsec
  • rabbitmask starred ricequant/rqalpha
  • safedv starred trustedsec/Titanis
  • zema1 starred ricardojoserf/SAMDump
  • future-architect released v0.38.5 at future-architect/vuls
  • lz520520 starred 0xlane/com-process-inject
  • kpcyrd contributed to archlinux/archweb
  • Rvn0xsy forked Rvn0xsy/Mythic-MCP from nbaertsch/Mythic-MCP
  • Rvn0xsy starred nbaertsch/Mythic-MCP
  • CHYbeta starred langchain-ai/deepagents
  • Mel0day starred anomalyco/opencode
  • ManassehZhou starred router-for-me/CLIProxyAPI
  • mgeeky starred Whispergate/berlin
• CXSECURITY Database RSS Feed - CXSecurity.com
  • WeGIA < = 3.6.4 Remote Code Execution via OS Command Injection
  • WordPress Backup Migration 1.3.7 Remote Command Execution
  • WeGIA 3.5.0 SQL Injection
• Insinuator.net
  • BlackBoxAI: AI Agent can get your computer fully compromised
• Bug Bounty in InfoSec Write-ups on Medium
  • ‍♂️ Pulling Off the Heist: A Methodical HTB Takedown
  • Portswigger Walkthrough Lab: Username enumeration via subtly different responses
  • Turning Threat Intelligence into Bug Bounty Gold: A Practical Workflow
• GuidePoint Security
  • Ransomware Groups That Defined the Threat Landscape in 2025
• Payatu
  • Top 5 IoT Security Companies in India 2026
• Reverse Engineering
  • Reverse Engineering Crazy Taxi, Part 1
  • Dealing with a modified UPX variant in DvdShrink - Quick Unpacking Walkthrough
  • Downland Unearthed Final: Porting The Game To Over A Dozen Platforms
  • [Tool Release] DLLHijackHunter - Automated DLL hijacking detection with canary confirmation
• Malwarebytes
  • Pentagon ditches Anthropic AI over “security risk” and OpenAI takes over
  • Chrome flaw let extensions hijack Gemini’s camera, mic, and file access
• Exploit-DB.com RSS Feed
  • [webapps] WordPress Backup Migration 1.3.7 - Remote Command Execution
  • [webapps] mailcow 2025-01a - Host Header Password Reset Poisoning
  • [webapps] Easy File Sharing Web Server v7.2 - Buffer Overflow
  • [webapps] WeGIA 3.5.0 - SQL Injection
  • [webapps] Boss Mini v1.4.0 - Local File Inclusion (LFI)
• HackerNews
  • 美以与伊朗互施网络攻击：亲西方黑客制造混乱，德黑兰反击
  • OpenAI 封禁俄宣传网络：利用 ChatGPT 策划非洲影响力行动
  • OpenClaw 漏洞：恶意网站可劫持 AI 代理
  • 英国机构被敦促警惕伊朗网络攻击威胁
  • 疑似印度背景间谍活动瞄准巴基斯坦、孟加拉国及斯里兰卡
  • 美国网络司令部干扰伊朗通信与传感器系统
• 绿盟科技技术博客
  • OpenClaw近期生态安全事件解读：从RCE漏洞到Skill供应链投毒分析
• 锦行科技
  • 十五 · 元宵 | 上元灯，照团圆
• 安全分析与研究
  • 伪装成WPS程序银狐黑产最新注入型攻击样本分析
• 黑海洋Wiki | AI机器人硬件开发 | 网络安全攻防实战 | 区块链技术文档教程 - 免费资源平台
  • X 开始在 iOS 上测试独立的 X Chat 应用
  • 三星数字家庭钥匙让你可以用手机当钥匙
  • 苹果推出M5 Pro/Max芯片的MacBook Pro
• 奇客Solidot–传递最新科技情报
  • ChatGPT 卸载率在五角大楼交易之后飙升 295%
  • ARM Cortex X925 桌面性能赶上了 AMD 和英特尔
  • 南极过去三十年损失了 1.2 万平方公里的底部冰
  • 小米莱卡手机起售价 1.6 万元
  • 人体血液中 CO2 水平也在上升
  • Ars Technica 的 AI 记者离职
  • 加拿大 BC 省永久采用夏令时
  • 日本计划禁止飞机乘客使用充电宝
  • 左撇子的演化优势
• 雷神众测
  • 雷神众测漏洞周报2026.2.9-2026.3.1
• 代码卫士
  • 丰田奔驰雷诺现代等车企的胎压检测系统广播未加密数据，可导致车辆被追踪
  • Chrome 漏洞可导致恶意扩展通过 Gemini 面板提权
• 天御攻防实验室
  • 以色列情报机构通过入侵交通摄像头和深度渗透手机网络，掌握了哈梅内伊的具体行踪
• 腾讯玄武实验室
  • 每日安全动态推送(26/3/3)
• 丁爸 情报分析师的工具箱
  • 【工具】伊朗开源情报资源网站
  • 【资料】近期《情报杂志》以色列、伊朗、美国相关情报研究论文
• 看雪学苑
  • Egg Hunter 技术详解
  • 别乱开网页！热门 AI 代理 OpenClaw 被曝可被一键劫持
  • 掌握无人机设备攻防思路——《无人机安全攻防入门》热售中
• 安全内参
  • 伊朗最高领袖之死幕后：首都摄像头、通信、基站长年被深度渗透控制
  • 美国网络司令部如何参与支持对伊“史诗狂怒行动”？
• 信安之路
  • 一个好玩儿的系统上线了！！！
• 安全学术圈
  • 伦敦国王学院 | 恶意LLM对话式AI诱使用户泄露个人信息
• 信息安全国家工程研究中心
  • 正月十五元宵佳节 | 马踏春风，事事圆满
• 天黑说嘿话
  • Tools、Skills、MCP Server究竟有何不同，如何选择？
• 中国信息安全
  • 发布 | 最高人民法院发布依法惩治网络暴力违法犯罪典型案例
  • 通知 | 网安标委公开征求《网络安全标准实践指南——网络安全标识 消费类网联摄像头安全要求（征求意见稿）》意见
  • 专家解读 | 支持数据交易所（中心） 加大探索力度
  • 评论 | 以技术防御和法律惩戒治理“AI魔改”
• 补天平台
  • 邀你开讲！补天13周年北京站沙龙议题征集ing
• 青藤云安全
  • AI 彻底改写战争要素与规则
• 慢雾科技
  • MistTrack Skills 发布：让 AI Agent 具备链上 AML 风险分析能力
• 腾讯安全威胁情报中心
  • 腾讯云安全威胁情报SKill安全守护计划发布
• M01N Team
  • 元宵节快乐
• 微步在线
  • 银狐AI Agent首秀，全程自动传播 | 银狐1-2月总结
• 火绒安全
  • 灯火映万家 火绒护此间
  • 诚邀渠道合作伙伴共启新征程
• 嘶吼专业版
  • 打破边界防御思维！AI驱动攻击席卷55国，600台防火墙敲响警钟
  • 嘶吼快讯|网安厂商动态汇（第13期）
• 吾爱破解论坛
  • （图作者 | @Aoemax）
• 安全牛
  • 美以空袭伊朗同步发起网络攻击，本土应用遭篡改散播反政府信息；国家网络安全通报中心发布新一批重点防范境外恶意网址和恶意IP | 牛览
  • OpenClaw 扫描器：AI 代理安全的防护利器与行业变革催化剂
• 字节跳动安全中心
  • 深度揭秘：OpenClaw Skill市场的火爆、风险与防御
• 数世咨询
  • “零知识”神话破灭：研究人员用27种攻击可攻破主流密码管理软件
  • 刘烈宏：以高水平数据基础设施助力数字中国建设
• 极客公园
  • 对话千问 AI 硬件负责人宋刚：2026，硬件要由 AI 定义
  • OpenClaw 之后，AI 创业的逻辑变了
  • iPhone 17e 发布，4499 元起售；马斯克：10 年内上班将全凭自愿；卢伟冰：5 年内机器人进小米产线
• 吴鲁加
  • 智力便宜了，然后呢
• 陌陌安全
  • 2026元宵福利来袭：漏洞奖金翻倍，陌陌SRC邀你共庆佳节！
• 威胁猎人Threat Hunter
  • 跨境作弊风险：高收益驱动下跨境黑灰产作恶模式与手法分析
• 360数字安全
  • 护航2026全国两会！360Web安全智能体开启7×24H重保守护模式
  • 热点：美国寻求“无限制AI武器”对准中国关键基础设施，外交部严正回应
• 情报分析师
  • 史诗怒火行动，AI情报融合下暗杀哈梅内伊深度剖析
  • 美国-以色列联合行动对伊朗舆论战手法分析
• 迪哥讲事
  • Cookie炸弹
• 国家互联网应急中心CNCERT
  • CNVD漏洞周报2026年第8期
• 字节跳动技术团队
  • ICLR 2026 | 火山引擎多媒体实验室提出GenDR, 探索扩散模型超分落地难题
• bellingcat
  • “Bombs will fall Everywhere”: The American, Israeli and Iranian Weapons Being Deployed in Middle East
• ICT Security Magazine
  • Il trattamento dei dati sanitari
• Securityinfo.it
  • Android: 129 vulnerabilità corrette, zero-day Qualcomm già sfruttata
• Have I Been Pwned latest breaches
  • Provecho - 712,904 breached accounts
• Over Security - Cybersecurity news aggregator
  • CISA flags VMware Aria Operations RCE flaw as exploited in attacks
  • Paint maker giant AkzoNobel confirms cyberattack on U.S. site
  • Facebook accounts unavailable in worldwide outage
  • Vulnerability & Patch Roundup — February 2026
  • Microsoft: Hackers abuse OAuth error flows to spread malware
  • Telecamere di Teheran hackerate e IA: l’arma letale del Mossad per uccidere Khamenei
  • California fines national high school ticketing platform $1.1 million for privacy violations
  • LexisNexis says hackers accessed legacy data in contained breach
  • Hacked traffic cams and hijacked TVs: How cyber operations supported the war against Iran
  • Google urges Supreme Court to strike down geofence warrants as unconstitutional
  • Google Chrome shifts to two-week release cycle for increased stability
  • Analisi di una campagna WsgiDAV multi-stage: falsa comunicazione da Agenzia Nazionale Finanziaria
  • Aggiornamenti Android marzo 2026, corretta una zero-day già sfruttata: cosa fare subito
  • LexisNexis confirms data breach as hackers leak stolen files
  • Attacchi cyber in Iran: le 3 ipotesi del crollo della connettività Internet
  • Western allies form 6G security coalition amid tech rivalry with China
  • Cyber-Kinetic Warfare Escalates as Iran, US, and Israel Clash Across Military and Digital Fronts
  • Middle East on the Brink: Iran-US-Israel Hostilities Trigger Cyber-Kinetic Conflict
  • Compromised Site Management Panels are a Hot Item in Cybercrime Markets
  • Florida woman gets 2 year sentence for trafficking Microsoft software labels
  • Quando il vecchio PC va in pensione, ma i dati restano al lavoro
  • Iranian drone strikes hit Amazon data centers in Gulf, disrupting cloud services
  • Amazon: Drone strikes damaged AWS data centers in Middle East
  • Star Citizen game dev discloses breach affecting user data
  • Expanding Phishing Detection at Scale with Automatic SSL Decryption
  • UH Cancer Center data breach affects nearly 1.2 million people
  • Home Routers in Singapore Must Meet Higher Security Standards by 2027
  • Android: 129 vulnerabilità corrette, zero-day Qualcomm già sfruttata
  • WinGet Desired State: Initial Access Established
  • NIS 2: coerenza, aggiornamento e tracciabilità del rischio digitale
  • Android gets patches for Qualcomm zero-day exploited in attacks
  • Provecho - 712,904 breached accounts
  • University of Hawaii Cancer Center Breach Exposes SSNs of 87,000+ Participants
  • Talos on the developing situation in the Middle East
  • CyberStrikeAI tool adopted by hackers for AI-powered attacks
• IT Service Management News
  • Sviluppo software, intelligenza artificiale e sicurezza
• Schneier on Security
  • On Moltbook
• 娜璋AI安全之家
  • 《AI Coding入门与实战》开源课程分享：第5课 基于iFlyCode的桌面应用程序开发（AI大学堂）
• Tor Project blog
  • Arti 2.1.0 released: Relay and RPC development.
• SANS Internet Storm Center, InfoCON: green
  • Bruteforce Scans for CrushFTP , (Tue, Mar 3rd)
  • ISC Stormcast For Tuesday, March 3rd, 2026 https://isc.sans.edu/podcastdetail/9832, (Tue, Mar 3rd)
• Active Directory & Azure AD/Entra ID Security
  • Detecting Fake Active Directory Password Changes
• Deeplinks
  • EFF to Third Circuit: Electronic Device Searches at the Border Require a Warrant
  • The Anthropic-DOD Conflict: Privacy Protections Shouldn’t Depend On the Decisions of a Few Powerful People
  • EFF to Supreme Court: Shut Down Unconstitutional Geofence Searches
• Blackhat Library: Hacking techniques and research
  • A Possible US Government iPhone-Hacking Toolkit Is Now in the Hands of Foreign Spies and Criminals
  • Security Advice
  • Help with scammers
  • Infected by GTA 5 Cheats: How an Infostealer Infection Unmasked a North Korean Agent
• GRAHAM CLULEY
  • They seized $4.8m in crypto… then gave the master key to the internet
• Your Open Hacker Community
  • TryHackMe practice
  • Arp poisoning on iphone
  • Security Advice
  • Kindle dle books
  • i’m desperate, what can i do with my best friend who has passed away instagram account?
  • How is ATO scam done
• Deep Web
  • Hacker forms for learning
• Computer Forensics
  • MalChela Meets AI: Three Paths to Smarter Malware Analysis
• The Register - Security
  • Dev stunned by $82K Gemini bill after unknown API key thief goes to town
  • Chat at your own risk! Data brokers are selling deeply personal bot transcripts
  • Cyberwarriors elevated to big leagues in US war with Iran
  • Turns out most cybercriminals are old enough to know better
  • Until last month, attackers could've stolen info from Perplexity Comet users just by sending a calendar invite
  • Chrome Gemini panel became privilege escalator for rogue extensions
  • Cybercriminals swipe 15.8M medical records from French doctors ministry
  • Gamers furious as Brit studio Cloud Imperium quietly admits to data breach
  • Phish of the day: Microsoft OAuth scams abuse redirects for malware delivery
• The Hacker News
  • Fake Tech Support Spam Deploys Customized Havoc C2 Across Organizations
  • Building a High-Impact Tier 1: The 3 Steps CISOs Must Follow
  • Open-Source CyberStrikeAI Deployed in AI-Driven FortiGate Attacks Across 55 Countries
  • AI Agents: The Next Wave Identity Dark Matter - Powerful, Invisible, and Unmanaged
  • Starkiller Phishing Suite Uses AitM Reverse Proxy to Bypass Multi-Factor Authentication
  • Microsoft Warns OAuth Redirect Abuse Delivers Malware to Government Targets
  • Google Confirms CVE-2026-21385 in Qualcomm Android Component Exploited
  • SloppyLemming Targets Pakistan and Bangladesh Governments Using Dual Malware Chains
• Information Security
  • Is phishing dominating your triage workload?
  • AMA: We are the Lares Adversarial Collaboration Unit. Ask us anything about bridging Tabletop Exercises (TTX) with live TTP Replay to prove your cyber readiness!
• Security Affairs
  • Facebook is experiencing a global outage
  • Ariomex, Iran-based crypto exchange, suffers data leak
  • Oracle EBS 2025 campaign impacts Madison Square Garden, sensitive data leaked
  • Phishing campaign exploits OAuth redirection to bypass defenses
  • Android devices hit by exploited Qualcomm flaw CVE-2026-21385
  • Chrome security flaw enabled spying via Gemini Live assistant
• Technical Information Security Content & Discussion
  • Sometimes, You Can Just Feel The Security In The Design (Junos OS Evolved CVE-2026-21902 RCE) - watchTowr Labs
  • Phishing Lures Utilizing a Single Google Cloud Storage Bucket
  • IPVanish VPN macOS Privilege Escalation
  • Red Teaming LLM Web Apps with Promptfoo: Writing a Custom Provider for Real-World Pentesting
  • Built a free live CVE intelligence dashboard — looking for feedback
• netsecstudents: Subreddit for students studying Network Security and its related subjects
  • First cybersecurity homelab with very limited hardware – any ideas?
  • 🎮 Game 2 is HERE! 🚨Looking for Quick Game Testers!!
• Trend Micro Research, News and Perspectives
  • CISOs in a Pinch: A Security Analysis of OpenClaw
• DEFION Research Labs
  • Ruckus Unleashed: Multiple vulnerabilities exploited
  • Pwn2Own Automotive 2024: Hacking the Autel MaxiCharger
  • Pwn2Own Automotive 2024: Hacking the JuiceBox 40
  • Pwn2Own Automotive 2024: Hacking the ChargePoint Home Flex (and their cloud...)
  • DoNex/DarkRace Ransomware Decryptor
  • CVE-2024-20693: Windows cached code signature manipulation
  • Bringing process injection into view(s): exploiting all macOS apps using nib files
  • Don’t Talk All at Once! Elevating Privileges on macOS by Audit Token Spoofing
  • Getting SYSTEM on Windows in style
  • Technical analysis of the Genesis Market
  • Bad things come in large packages: .pkg signature verification bypass on macOS
  • Pwn2Own Miami 2022: ICONICS GENESIS64 Arbitrary Code Execution
  • Pwn2Own Miami 2022: Unified Automation C++ Demo Server DoS
  • Pwn2Own Miami 2022: AVEVA Edge Arbitrary Code Execution
  • Process injection: breaking all macOS security layers with a single vulnerability
  • Pwn2Own Miami 2022: Inductive Automation Ignition Remote Code Execution
  • Pwn2Own Miami 2022: OPC UA .NET Standard Trusted Application Check Bypass
  • CoronaCheck App TLS certificate vulnerabilities
  • Sandbox escape + privilege escalation in StorePrivilegedTaskService
  • Proctorio Chrome extension Universal Cross-Site Scripting
  • Zoom RCE from Pwn2Own 2021
  • Adobe Acrobat privilege escalation
  • iOS VPN support: 3 different bugs
  • Sign in with Apple - authentication bypass
  • Jenkins - authentication bypass
  • DNS rebinding for HTTPS
  • Spring Security - insufficient cryptographic randomness
  • XenServer - path traversal leading to authentication bypass
  • Volkswagen Auto Group MIB infotainment system - unauthenticated remote code execution as root
  • NAPALM - command execution on NAPLM controller from host
  • MySQL Connector/J - Unexpected deserialisation of Java objects
  • Ansible - command execution on Ansible controller from host
  • Observium - unauthenticated remote code execution
  • cSRP/srpforjava - obtaining of hashed passwords
  • StartEncrypt - obtaining valid SSL certificates for unauthorized domains
• Security Weekly Podcast Network (Audio)
  • North Korea, DOJ, APT 28, Anthropic, OpenClaw, Supply Chain, Josh Marpet, and More - SWN #560
  • Modern AppSec that keeps pace with AI development - James Wickett - ASW #372