[每日信息流] 2026-02-06

[chainreactorbot]

每日安全资讯（2026-02-06）

• SecWiki News
  • SecWiki News 2026-02-05 Review
• Recent Commits to cve:main
  • Update Thu Feb 5 11:23:06 UTC 2026
• Microsoft Security Blog
  • New Clickfix variant ‘CrashFix’ deploying Python Remote Access Trojan
  • The security implementation gap: Why Microsoft is supporting Operation Winter SHIELD
• Der Flounder
  • Deploying software update declarations for automatic minor OS updates using Blueprints in Jamf Pro
• Private Feed for M09Ic
  • strands-agents released v1.25.0 at strands-agents/sdk-python
  • PrefectHQ released 3.6.16 at PrefectHQ/prefect
  • mgeeky starred Whispergate/Erebus
  • bolucat released 202602051958 at bolucat/Archive
  • anthropics released v2.1.32 at anthropics/claude-code
  • WAY29 contributed to ding113/claude-code-hub
  • OpenAEV-Platform released 2.1.5 at OpenAEV-Platform/openaev
  • mgeeky starred BlackSnufkin/HolyGrail
  • Fplyth0ner-Combie starred lark-parser/lark
  • Ridter starred luchina-gabriel/OSX-PROXMOX
  • CHYbeta starred Coff0xc/AutoRedTeam-Orchestrator
  • PrefectHQ released 3.6.16.dev7 at PrefectHQ/prefect
  • gh0stkey starred lynaghk/vibe
  • Rvn0xsy starred akkuman/sgn-html
  • pydantic released v1.55.0 at pydantic/pydantic-ai
  • ManassehZhou starred chainreactors/malice-network
• Tenable Blog
  • 2025 SLG cyber trends: 5 lessons to build a 2026 cyber roadmap
• 嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com
  • 续写三连冠传奇！360勇夺2026天府杯漏洞防护赛独立战队第一名
  • 隐私政策不透明、权限过度索取……工信部通报背后，企业怎样做才能真正赢得用户信任？
  • 从设备检测到应用防护：看一家省级医疗器械检验院如何筑牢移动安全新防线
  • 监管严查69款违规APP：11类问题曝光，涉酒店、出行等高频服务领域
  • 嘶吼快讯|网安厂商动态汇（第10期）
  • 新型恶意攻击活动盯上暴露的大模型服务端点 非法利用AI基础设施牟利
  • 众智维科技强势斩获数千万B2轮融资， “人工智能+全域安全”新范式迈入“智控”新纪元
• CXSECURITY Database RSS Feed - CXSecurity.com
  • BoidCMS v1.0.1-authenticated-file-upload-RCE
  • Ingress-NGINX Admission Controller v1.11.1 - FD Injection to RCE
  • aiohttp 3.9.1 Directory Traversal
  • Piranha CMS 12.0 - Stored Cross Site Scripting
• Blogs on STAR Labs
  • Pickling the Mailbox: A Deep Dive into CVE-2025-20393
• NVISO Labs
  • An introduction to automated LLM red teaming
• Securelist
  • Stan Ghouls targeting Russia and Uzbekistan with NetSupport RAT
• VMRay
  • Climbing the Pyramid of Lumma Pain
• Malwarebytes
  • Open the wrong “PDF” and attackers gain remote access to your PC
  • Flock cameras shared license plate data without permission
• PortSwigger Research
  • Top 10 web hacking techniques of 2025
• Binary Ninja
  • Command Palette Updates
• Intigriti
  • From niche to necessity: global bug bounty adoption accelerates, led by the U.S.
• 绿盟科技技术博客
  • 网络侦察的反溯源技术研究
• Security Blog | Praetorian
  • Deterministic AI Orchestration: A Platform Architecture for Autonomous Development
• HackerNews
  • 微软警告：Python 信息窃取程序借虚假广告与安装程序攻击 macOS
  • GreyNoise 监测到利用超过 6.3 万个住宅代理及 AWS 的大规模 Citrix Gateway 侦察活动
  • 多个漏洞可致 Google Looker 实例被完全攻陷
  • n8n平台曝关键漏洞，公开利用代码已出现
  • VMware ESXi 高危漏洞 CVE-2025-22225 遭勒索软件在野利用
  • TP-Link 多款操作系统命令注入漏洞可致攻击者获取设备管理员控制权
  • 全球 SystemBC 僵尸网络活跃，已感染超 1 万台设备
• 奇客Solidot–传递最新科技情报
  • Substack 警告用户数据泄漏
  • CIA 停止出版 World Factbook
  • 台积电计划在日本生产 3 纳米芯片
  • 麦地那龙线虫病接近彻底根除
  • 微软有个 AI 大问题
  • 流媒体时代机电视盒盗版服务再次兴盛
  • 俄罗斯黑客快速利用微软紧急修复的 Office 高危漏洞
  • 男性富人大脑奖赏和压力区域的代谢率更高
  • 微软终于在 Windows 中加入了系统监控工具 Sysmon
  • 中国版 N 号房
  • 因内存短缺 Valve 推迟 Steam Machine 的发售时间
  • 逾三分之一癌症病例是可预防的
• 安全分析与研究
  • 海莲花APT组织最新定向样本分析
  • 伪装成Foxmail银狐黑产最新高级免杀样本分析
• 腾讯玄武实验室
  • 每日安全动态推送(26/2/5)
• 代码卫士
  • n8n出现新漏洞，可用于执行系统命令
  • Moxa 交换机中存在严重的认证绕过漏洞
• Horizon3.ai
  • How Horizon3.ai’s NodeZero® Platform Supports the Realtime Evaluation of the Effectiveness of Zero Trust Functionality for the US Federal Government.
• 安全内参
  • 近万名警员信息遭泄露，官方赔偿超11亿元
  • 美军在“午夜之锤行动”中使用网络武器干扰伊朗防空系统
• 默安科技
  • 安全厂商排名第一 默安科技参与的《软件物料清单数据格式》国标正式发布
• 腾讯科恩实验室
  • 警惕你的Skills：OpenClaw开源生态skills风险分析
• 安全圈
  • 【安全圈】因索要赎金遭拒，黑客组织公开哈佛、宾大百万条窃取的个人信息
  • 【安全圈】Step Finance 称高管设备遭入侵，致 4000 万美元加密货币被盗
  • 【安全圈】新型窃密网络钓鱼活动瞄准企业 Dropbox 账号凭证
• 数世咨询
  • 73%的CISO更倾向于考虑采用AI赋能的安全解决方案
  • 众智维科技强势斩获数千万B2轮融资， “人工智能+全域安全”新范式迈入“智控”新纪元
• 看雪学苑
  • [PWN] Linux中的pkeys安全机制及绕过
  • 格小密和你聊聊：给AI发“身份证”，到底是怎么回事？
  • 拒付赎金！哈佛、宾大百万校友数据遭黑客公开
• 奶牛安全
  • 爱泼斯坦无码邮件原文第二批：2007年11月
• 网络安全研究宅基地
  • 恒脑·2025年度纪行：一场奔赴“AI定义安全”的壮阔旅程
• 黑鸟
  • 美国中央情报局停止发布《世界概况》
• 极客公园
  • 阿里云出海服务增长指数第一背后的逻辑：新出海时代中企出海的逻辑变了
  • 凯德，用 AI 推动商业焕新
  • 时薪 3500，4 万人抢着给 AI 打工
  • 对话原创世代陈默：从无人驾驶到《金庸群侠传》，一位老玩家的 3A 实验
  • Anthropic 拒绝广告，发视频讽刺 OpenAI；全新问界 M6 实车曝光；微信回应屏蔽元宝红包链接 | 极客早知道
• 唯品会安全应急响应中心
  • VSRC感恩一路有你
• 安全牛
  • 勒索软件新玩法：不加密数据，直接举报你违规
  • 工信部：关于防范Microsoft Office安全功能绕过高危漏洞的风险提示；网络攻击新手法：签名合法驱动被利用，59款EDR/防护软件遭终止| 牛览
• 安全学术圈
  • 南洋理工大学 | PENTESTGPT：评估与利用大语言模型实现自动化渗透测试
• 中国信息安全
  • 专题·回顾与展望 | 2025年网络钓鱼攻击态势：智能化、隐蔽化与全渠道化的挑战
  • 发布 | 国家网信办等11部门联合印发《关于提升境外人员入境数字化服务便利性的实施意见》（附全文）
  • 关注 | 最高检：去年前11月起诉缅北涉诈人员1.1万余人
  • 发布 | 中国信通院政经所联合发布《数据治理研究报告（2025年）》（附下载）
  • 评论 | AI 如何“让人放心，把人放大”
• 火绒安全
  • 恶意利用！伪装外设软件暗藏ScreenConnect商业远控工具
  • 诚邀渠道合作伙伴共启新征程
• 嘶吼专业版
  • 新型恶意攻击活动盯上暴露的大模型服务端点 非法利用AI基础设施牟利
  • 众智维科技强势斩获数千万B2轮融资， “人工智能+全域安全”新范式迈入“智控”新纪元
  • 嘶吼快讯|网安厂商动态汇（第10期）
• 复旦白泽战队
  • 当 AI 拥有了“执行权”，如何应对运行时安全风险？
• 吾爱破解论坛
  • 心流鼠标手势 FlowMouse v1.2强势来袭！
• 补天平台
  • 13周年 x 北京首站 | 补天沙龙议题征集启动!
• 暗影安全
  • 自动化隐写术探查工具
• 黑伞安全
  • 短期值守2 月 24-2 月 26，会看监控即可！
• 迪哥讲事
  • 一种获取高危的访问控制绕过思路
• 美团技术团队
  • NoCode 挑战赛倒计时 33 天！万元奖金冲就对了～ 教学资源包 + 冲刺福利已就位！
• 威胁猎人Threat Hunter
  • 【黑产大数据】2025年全球KYC攻击风险研究报告
• TrustedSec
  • Keys to JWT Assessments - From a Cheat Sheet to a Deep Dive
• 安全419
  • 近期勒索软件攻击量飙升30% 软件与制造供应链成重灾区
• OnionSec
  • 基于样本层面的痕迹挖掘关联研究
• 斗象智能安全
  • 手搓一个“永不掉线”的渗透测试员！Clawdbot+APTP，渗透活儿干成远程遥控流水线
• ICT Security Magazine
  • Email threats: tecniche di analisi comportamentale e prevenzione
• 360数字安全
  • 续写三连冠传奇！360勇夺2026天府杯漏洞防护赛独立战队第一名
• Have I Been Pwned latest breaches
  • Betterment - 1,435,174 breached accounts
• Dark Space Blogspot
  • La Storia Della Community Più Pericolosa Del Web: Daily Capper
• Securityinfo.it
  • Shadow Campaign: la nuova ondata di cyber-spionaggio globale
• Over Security - Cybersecurity news aggregator
  • Assault on Independent Journalism: Unfounded Legal Attacks over the Black Basta Investigation
  • Spain's Ministry of Science shuts down systems after breach claims
  • Ransomware gang uses ISPsystem VMs for stealthy payload delivery
  • One of Europe’s largest universities knocked offline for days after cyberattack
  • Cyber and Physical Risks Targeting the 2026 Winter Olympics
  • CISA gives federal agencies one year to rip out end-of-life devices
  • All gas, no brakes: Time to come to AI church
  • Microsoft to shut down Exchange Online EWS in April 2027
  • Shadow Campaign: la nuova ondata di cyber-spionaggio globale
  • Italian university La Sapienza goes offline after cyberattack
  • Relazioni sindacali via WhatsApp: ok della Cassazione se garantito il confronto
  • Russian hackers attacking European maritime and transport orgs using Microsoft Office exploit
  • Si diffonde la truffa WhatsApp “prestami dei soldi”: attenti anche alle sessioni attive
  • Romanian oil pipeline operator Conpet discloses cyberattack
  • Substack warns customers of data breach following hacker’s dark web claims
  • When cloud logs fall short, the network tells the truth
  • Deepfake ed etichette fantasma: la fragile promessa delle big tech sui contenuti generati con l’IA
  • Italy blames Russia-linked hackers for cyberattacks ahead of Winter Olympics
  • Researchers uncover vast cyberespionage operation targeting dozens of governments worldwide
  • Flashpoint’s Threat Intelligence Capability Assessment
  • La disputa tra Agcom e Cloudflare è un assaggio del futuro della rete
  • Newsletter platform Substack notifies users of data breach
  • How Threat Intelligence Helps Protect Financial Organizations from Business Risk
  • Malicious Infrastructure Campaigns: How Unrest in Iran is Being Weaponized Online
  • France’s Cybersecurity Roadmap: Talent, Deterrence, and European Digital Sovereignty
  • Data breach at fintech firm Betterment exposes 1.4 million accounts
  • Knife Cutting the Edge: Disclosing a China-nexus gateway-monitoring AitM framework
  • Zendesk spam wave returns, floods users with 'Activate account' emails
  • Kagi: il motore di ricerca che vuole liberarci dalla sorveglianza digitale
  • Stan Ghouls targeting Russia and Uzbekistan with NetSupport RAT
  • AI Generativa in azienda: tra opportunità e rischi normativi
  • Betterment - 1,435,174 breached accounts
• Schneier on Security
  • Backdoor in Notepad++
• GRAHAM CLULEY
  • Incognito Market admin sentenced to 30 years for running $105 million dark web drug empire
  • Smashing Security podcast #453: The Epstein Files didn’t hide this hacker very well
• Deeplinks
  • Yes to the “ICE Out of Our Faces Act”
  • Protecting Our Right to Sue Federal Agents Who Violate the Constitution
• 白帽子章华鹏
  • 懂车帝/米哈游/大疆等热招，头部大厂&新锐企业齐聚，应用安全岗直推负责人
• TorrentFreak
  • ‘Ripping’ Clips for YouTube Reaction Videos can Violate the DMCA, Court Rules
• Security Affairs
  • Hacker claims theft of data from 700,000 Substack users; Company confirms breach
  • Pro-Russian group Noname057(16) launched DDoS attacks on Milano Cortina 2026 Winter Olympics
  • China-linked Amaranth-Dragon hackers target Southeast Asian governments in 2025
• Instapaper: Unread
  • Why macOS Artifacts Don’t Behave Like Windows Artifacts (And Never Will)
  • Is your Mac dead, in DFU mode, or alive
  • Hindsight v2026.01 Released!
• SANS Internet Storm Center, InfoCON: green
  • Broken Phishing URLs, (Thu, Feb 5th)
  • Malicious Script Delivering More Maliciousness, (Wed, Feb 4th)
  • ISC Stormcast For Thursday, February 5th, 2026 https://isc.sans.edu/podcastdetail/9796, (Thu, Feb 5th)
• The Hacker News
  • AISURU/Kimwolf Botnet Launches Record-Setting 31.4 Tbps DDoS Attack
  • ThreatsDay Bulletin: Codespaces RCE, AsyncRAT C2, BYOVD Abuse, AI Cloud Intrusions & 15+ Stories
  • The Buyer’s Guide to AI Usage Control
  • Infy Hackers Resume Operations with New C2 Servers After Iran Internet Blackout Ends
  • Critical n8n Flaw CVE-2026-25049 Enables System Command Execution via Malicious Workflows
  • Malicious NGINX Configurations Enable Large-Scale Web Traffic Hijacking Campaign
• Full Disclosure
  • SEC Consult SA-20260202-0 :: Multiple vulnerabilities in Native Instruments Native Access (MacOS)
  • CyberDanube Security Research 20260119-0 | Authenticated Command Injection in Phoenix Contact TC Router Series
  • [KIS-2026-03] Blesta <= 5.13.1 (2Checkout) Multiple PHP Object Injection Vulnerabilities
  • [KIS-2026-02] Blesta <= 5.13.1 (Admin Interface) Multiple PHP Object Injection Vulnerabilities
  • [KIS-2026-01] Blesta <= 5.13.1 (confirm_url) Reflected Cross-Site Scripting Vulnerability
• The Register - Security
  • OpenClaw reveals meaty personal information after simple cracks
  • Substack says intruder lifted emails, phone numbers in months-old breach
  • Asia-based government spies quietly broke into critical networks across 37 countries
  • Betterment breach may expose 1.4M users after social engineering attack
  • Italy claims cyberattacks 'of Russian origin' are pelting Winter Olympics
  • n8n security woes roll on as new critical flaws bypass December fix
  • Cloud sovereignty is no longer just a public sector concern
  • Three clues that your LLM may be poisoned with a sleeper-agent back door
  • Satya Nadella decides Microsoft needs an engineering quality czar
• Security Weekly Podcast Network (Audio)
  • AI: No One Is Safe - PSW #912
• 网安寻路人
  • 《国际AI安全报告2026》对人工智能情感陪伴的风险分析

[nivautoclaw-collab]

/attempt #1140

I'll work on this.