2025-10-09 03:00:01 +08:00
2025-10-09 09:00:02 +08:00
# 安全资讯日报 2025-10-09
2025-10-09 03:00:01 +08:00
2025-10-09 09:00:02 +08:00
> 本文由AI自动生成,
>
2025-10-09 18:00:02 +08:00
> 更新时间:
2025-10-09 09:00:02 +08:00
<!-- more -->
## 今日资讯
2025-10-09 12:00:01 +08:00
### 🔍 漏洞分析
* [这个SQL注入有点东西 ](https://mp.weixin.qq.com/s?__biz=MzAwMjA5OTY5Ng==&mid=2247527414&idx=1&sn=e5bc8a0febe0f1f8895218c47ee20c52 )
* [双节期间,我收到了一封高危漏洞的邮件。 ](https://mp.weixin.qq.com/s?__biz=MzkxMTUwOTY1MA==&mid=2247491672&idx=1&sn=65604ccfd20d48b7d0e4721c554d6a13 )
* [漏洞分析| ](https://mp.weixin.qq.com/s?__biz=Mzk0Mzc1MTI2Nw==&mid=2247497783&idx=1&sn=7f06780da8a2cd1d24314bba30f09046 )
* [Redis 修复存在13 年的 Lua 漏洞( ) , ](https://mp.weixin.qq.com/s?__biz=MzI2NzAwOTg4NQ==&mid=2649796512&idx=2&sn=2e836aeb606e9bebc3f606801c45506e )
* [黑客利用时间操纵触发 Y2K38 漏洞 ](https://mp.weixin.qq.com/s?__biz=MzI2NzAwOTg4NQ==&mid=2649796512&idx=3&sn=c3ab079f1063171ad9d5416a3a1e3db0 )
* [Sirius Scan:一款开源免费的漏洞扫描器 ](https://mp.weixin.qq.com/s?__biz=MzIxMTEyOTM2Ng==&mid=2247505578&idx=1&sn=ac1d839965c33e5fae45c2b73a8dd8cd )
* [LockBit、Qilin和DragonForce强强联合: ](https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247514333&idx=2&sn=9b650d5b82eacd3ee15e28519837453c )
* [一个RCE命令执行靶场, ](https://mp.weixin.qq.com/s?__biz=Mzk0ODM0NDIxNQ==&mid=2247495376&idx=1&sn=caf2180e5679fe10d326db3ed900e8cb )
* [大模型提示词注入实战—通过在线靶场看提示词注入手法 ](https://mp.weixin.qq.com/s?__biz=MzkwMzMwODg2Mw==&mid=2247514104&idx=1&sn=44d5bb0c24fb1f5c085712edbc33514c )
* [“漏洞批量验证框架”杀疯了: , ! ](https://mp.weixin.qq.com/s?__biz=MzkxNzY5MTg1Ng==&mid=2247492950&idx=1&sn=a3f1332bd14b34e2e74d85e2961f047a )
* [漏洞预警 | Cisco IOS 和IOS XE SNMP缓冲区溢出漏洞 ](https://mp.weixin.qq.com/s?__biz=MzkwMTQ0NDA1NQ==&mid=2247494626&idx=1&sn=a321b5df08fab172eab9e4537545a9e4 )
* [漏洞预警 | 友数聚CPAS审计管理系统SQL注入漏洞 ](https://mp.weixin.qq.com/s?__biz=MzkwMTQ0NDA1NQ==&mid=2247494626&idx=2&sn=730a9c22397b5741b15cd212f578bfac )
* [漏洞预警 | 普华PowerPMS SQL注入漏洞 ](https://mp.weixin.qq.com/s?__biz=MzkwMTQ0NDA1NQ==&mid=2247494626&idx=3&sn=fe3deb1a649dc11a6082ae2688c81b56 )
* [苹果敦促用户更新iPhone和Mac以修复字体漏洞 ](https://mp.weixin.qq.com/s?__biz=Mzg3OTc0NDcyNQ==&mid=2247494955&idx=1&sn=b9195532c780e0980fb7c8d60c03b98a )
* [OpenSSL修复3个安全漏洞, ](https://mp.weixin.qq.com/s?__biz=Mzg3OTc0NDcyNQ==&mid=2247494955&idx=2&sn=b5aab326e44b02f79d41708e82cb7f13 )
* [Redis修复存在13年的Lua漏洞, ](https://mp.weixin.qq.com/s?__biz=Mzg3OTc0NDcyNQ==&mid=2247494955&idx=3&sn=98bf091b99a363e6552c3feae62d5188 )
* [GoAnywhere MFT零日漏洞遭Storm-1175组织利用, ](https://mp.weixin.qq.com/s?__biz=Mzg3OTc0NDcyNQ==&mid=2247494955&idx=5&sn=028404202a8f5ac117e825c685599d17 )
* [CrowdStrike确认Oracle EBS远程代码执行漏洞( ) ](https://mp.weixin.qq.com/s?__biz=Mzg3OTc0NDcyNQ==&mid=2247494955&idx=6&sn=9a45bf5ca5a87487506bec4e608af703 )
* [漏洞通告 | Redis Lua 远程代码执行漏洞 ](https://mp.weixin.qq.com/s?__biz=Mzg5MTc3ODY4Mw==&mid=2247507938&idx=1&sn=304a4919dbe33568519db4c72f191943 )
* [Oracle E-Business Suite远程代码执行漏洞复现CVE-2025-61882 ](https://mp.weixin.qq.com/s?__biz=MzE5ODEwNDM4MA==&mid=2247484059&idx=1&sn=d88738041a6aa24753252c915183a94b )
* [移动端高危实战: ](https://mp.weixin.qq.com/s?__biz=MzU3ODI3NDc4NA==&mid=2247484691&idx=1&sn=dbc816ac20959b5be925a3626d965e4d )
* [谷歌推出AI漏洞赏金计划, ](https://mp.weixin.qq.com/s?__biz=MzkxNTI2MTI1NA==&mid=2247504198&idx=2&sn=c78d9c0f9f96e064c7c994d3d3b47464 )
* [Nagios严重漏洞CVE-2025-44823致管理员API密钥明文泄露, ](https://mp.weixin.qq.com/s?__biz=MzkzMjE5MTY5NQ==&mid=2247504789&idx=1&sn=9bb23d26ff2b0c59838460bf613ec629 )
* [机器人出现“人传人”漏洞?宇树还能打好安全这张牌吗? ](https://mp.weixin.qq.com/s?__biz=MzkyMjM5MTk3NQ==&mid=2247492142&idx=1&sn=b7f7bfc523e669b81bf838d1018a069f )
* [关于贝壳SRC暂停漏洞测试的公告 ](https://mp.weixin.qq.com/s?__biz=MzA5MjA0OTAwOQ==&mid=2247485528&idx=1&sn=73c1e2bb889a48d879b9593b930f72ab )
* [高危 Deno 漏洞 CVE-2025-61787 允许在 Windows 上进行命令注入 ](https://mp.weixin.qq.com/s?__biz=Mzk0NzQ0MjA1OA==&mid=2247485307&idx=1&sn=14ddc2664e3e6e1b96a214987fe36d8a )
* [特斯拉车载通信单元漏洞使攻击者可获取Root权限 | BurpSuite插件自动解析OpenAPI/Swagger文档 ](https://mp.weixin.qq.com/s?__biz=MzI1OTA1MzQzNA==&mid=2651248484&idx=1&sn=e391155975fe696c50d625fff5cbc7b3 )
* [Redis 重大远程代码执行漏洞( ) , ](https://mp.weixin.qq.com/s?__biz=Mzg3NTY0MjIwNg==&mid=2247486293&idx=1&sn=55c8ae44bd9522349c2b4d136342317d )
* [警惕--Redis高危漏洞来袭: ! ](https://mp.weixin.qq.com/s?__biz=MzI4MjkxNzY1NQ==&mid=2247487143&idx=1&sn=59ae22ab5825a82508bc1f9aceb618af )
* [目录扫描+JS文件中提取URL和子域+403状态绕过+指纹识别 ](https://mp.weixin.qq.com/s?__biz=MzI4MDQ5MjY1Mg==&mid=2247517400&idx=1&sn=69cda916510a81a8f2d68cc525bd5c21 )
* [2025-10-09 最新CVE漏洞情报和技术资讯头条 ](https://mp.weixin.qq.com/s?__biz=Mzg2MTc0NTYyNg==&mid=2247487542&idx=1&sn=e7684a64a5ff9400cb204facdc81c77b )
* [Windows内核CVE-2019-1215分析与复现 ](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650612636&idx=3&sn=779d934c3b7bb878cb48c7cd2e48fa6a )
* [Claude Code、Gemini CLI双双中招: ](https://mp.weixin.qq.com/s?__biz=MzkzMTY0MDgzNg==&mid=2247485037&idx=1&sn=fb9d562313d489ff1285fb82bfdffa97 )
* [利用 Gemini 绕过 Android 锁屏 ](https://mp.weixin.qq.com/s?__biz=MjM5Mzc4MzUzMQ==&mid=2650262058&idx=1&sn=5b87c0664c5a37777ce94375fb2a8e93 )
2025-10-09 15:00:01 +08:00
* [Java反序列化漏洞黑盒挖掘思路-上篇 ](https://mp.weixin.qq.com/s?__biz=Mzk0NDU5NTc4OA==&mid=2247484715&idx=1&sn=f6841b05cb77333df8c6d41e07445807 )
* [漏洞通告| ( ](https://mp.weixin.qq.com/s?__biz=Mzg2Mjc3NTMxOA==&mid=2247517548&idx=1&sn=f58a99f8a3f67ea1db509b159b4c37a0 )
* [记一套统一密码重置通杀漏洞 ](https://mp.weixin.qq.com/s?__biz=MzUyODkwNDIyMg==&mid=2247552702&idx=1&sn=12ff31c9d9a656aca6bcf1bc25d9fcdf )
* [已复现Oracle E-Business Suite 远程代码执行漏洞安全通告CVE-2025-61882 ](https://mp.weixin.qq.com/s?__biz=MzIwMDk1MjMyMg==&mid=2247492964&idx=1&sn=e59c4e934ae95d74b1ca53b50431d310 )
* [黑客声称 Discord 漏洞暴露了 550 万用户的数据 ](https://mp.weixin.qq.com/s?__biz=Mzg3ODY0NTczMA==&mid=2247493641&idx=1&sn=9e2f937f4fe70c30d8a4e843bdc3e894 )
* [RediShell: , ](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247503256&idx=1&sn=54783c8765dfe863900f7ee99d297f69 )
* [通过 SSH 代理命令注入换行符进行利用( ) ](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247503256&idx=3&sn=5dede13d1a062c1ed0c32c6a2c7d4bc2 )
2025-10-09 18:00:02 +08:00
* [在野利用Oracle E-Business Suite 未授权远程代码执行漏洞CVE-2025-61882 ](https://mp.weixin.qq.com/s?__biz=Mzk0ODM3NTU5MA==&mid=2247494883&idx=1&sn=bde1c2fcd68d07a81055c8c334d3958d )
* [双重警报!黑客扮谷歌 HR 钓 Gmail, ](https://mp.weixin.qq.com/s?__biz=MzkyNDcwMTAwNw==&mid=2247536492&idx=1&sn=fa01c5f39d30ede858e78d89e4f4d666 )
* [警惕!特斯拉车载漏洞可被攻,攻击者能拿 Root 权限 ](https://mp.weixin.qq.com/s?__biz=MzkyNDcwMTAwNw==&mid=2247536492&idx=4&sn=e133e6f030feef0869e39ce8db6cea34 )
* [CVE-2025-49844( ) ](https://mp.weixin.qq.com/s?__biz=Mzg2NTk4MTE1MQ==&mid=2247488038&idx=1&sn=e0c023d89990045e83714e7f4f83954b )
* [漏洞通告Redis Lua 脚本引擎远程代码执行漏洞CVE-2025-49844 ](https://mp.weixin.qq.com/s?__biz=MzkzNzY5OTg2Ng==&mid=2247501641&idx=2&sn=f943767480a974bacb07ac4def818bbd )
* [漏洞通告Oracle E-Business Suite 远程代码执行漏洞CVE-2025-61882 ](https://mp.weixin.qq.com/s?__biz=MzkzNzY5OTg2Ng==&mid=2247501641&idx=3&sn=10617ea62412e61f383972af9d2b7b45 )
* [漏洞挖掘文档: TURN服务器泄露利用 ](https://mp.weixin.qq.com/s?__biz=MzkzMzE5OTQzMA==&mid=2247488951&idx=1&sn=3709416ce1b8100a9106c5c59681b6a6 )
* [2025年度( ) ](https://mp.weixin.qq.com/s?__biz=MzAxODY1OTM5OQ==&mid=2651463686&idx=1&sn=eb59daf277b64dcb43fcd76ccb768896 )
* [CNNVD关于Redis资源管理错误漏洞的通报 ](https://mp.weixin.qq.com/s?__biz=MzAxODY1OTM5OQ==&mid=2651463686&idx=2&sn=1a9bc6453a6cf8a876bf113f064ed4b5 )
* [已复现Oracle E-Business Suite 远程代码执行漏洞CVE-2025-61882安全风险通告 ](https://mp.weixin.qq.com/s?__biz=MzU5NDgxODU1MQ==&mid=2247503984&idx=1&sn=d2a61919ec6319bb86febfc82438f0de )
* [漏洞预警 Intellian Aptus Web 卫星控制系统 libagent.cgi 命令执行漏洞 ](https://mp.weixin.qq.com/s?__biz=MzkyMTMwNjU1Mg==&mid=2247492342&idx=1&sn=0a8c6e44a940652f6a8fc916ddc51707 )
* [SRC多个高校访客预约系统存在安全漏洞 ](https://mp.weixin.qq.com/s?__biz=Mzg3NzkwMTYyOQ==&mid=2247490238&idx=1&sn=b977465de25ccbbfd675751601ebe764 )
2025-10-09 12:00:01 +08:00
### 🔬 安全研究
* [最大化获取Vue框架SPA类型下的路由 ](https://mp.weixin.qq.com/s?__biz=MzkzNTcwOTgxMQ==&mid=2247486572&idx=1&sn=36fe0f583a8b6586fbcfc0e2ec87036e )
* [独家分享ISO/IEC 27701: ( ) ](https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247486986&idx=1&sn=1f3f0e58263fcccf5cf13404c366b859 )
* [安全运营中的挖矿行为分析 ](https://mp.weixin.qq.com/s?__biz=MzIyOTY1NDE5Mg==&mid=2247485290&idx=1&sn=077596bf6b51a9b85884943ac13d54ca )
* [谷歌宣布Cloud KMS支持后量子密钥封装机制 ](https://mp.weixin.qq.com/s?__biz=MzIyMzM2MzE1OQ==&mid=2247484485&idx=1&sn=4cbd96f84d8e957a0b965c736b4b4c10 )
* [这是什么新技术 ](https://mp.weixin.qq.com/s?__biz=MzAwMjQ2NTQ4Mg==&mid=2247500634&idx=1&sn=c53c110981b8825919a17dd357b5d01e )
* [硬核预警乔治亚理工最新研究: , ](https://mp.weixin.qq.com/s?__biz=Mzk1NzM4NzMyMw==&mid=2247485121&idx=1&sn=ffca44e71b9367dd86e576d71bf9d97f )
* [车联网商用密码应用研究 ](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655292684&idx=2&sn=345dd4af6a99fef56f9731c57fc6634e )
* [限制员工在自己电脑上安装软件的方法 ](https://mp.weixin.qq.com/s?__biz=MzI2NDI0MjA1MQ==&mid=2247485010&idx=1&sn=ff061ba2bfbb19cbf2d36bc790c97c83 )
* [用 wstunnel, ](https://mp.weixin.qq.com/s?__biz=MzI5NDg0ODkwMQ==&mid=2247486682&idx=1&sn=ea192d6b1bd8c7f31bb2c5495aced86a )
* [GB_T 34942-2025 网络安全技术 云计算服务安全能力评估方法将于2026年2月1日实施 ](https://mp.weixin.qq.com/s?__biz=MzkzMjE5MTY5NQ==&mid=2247504789&idx=3&sn=2e0590058e78d1d59f54c10dea993880 )
* [网工面试: ](https://mp.weixin.qq.com/s?__biz=MzkyMTYxMTYyNQ==&mid=2247484569&idx=1&sn=88c3fffc28c816f1bc0153be9798c253 )
* [倒计时4天! ](https://mp.weixin.qq.com/s?__biz=Mzk0NTU0ODc0Nw==&mid=2247494495&idx=2&sn=d36ae69ab3028ab51968394a528745ec )
* [粤黔数字安全研究院联合赛宁网安共建“安全靶场综合体” ](https://mp.weixin.qq.com/s?__biz=MzA4Mjk5NjU3MA==&mid=2455490205&idx=1&sn=62152b4b6829e0102313ea6ef259dd37 )
* [中孚信息赋能信息支援部队保密培训,以硬核技术筑牢国防信息安全防线 ](https://mp.weixin.qq.com/s?__biz=MzAxMjE1MDY0NA==&mid=2247512307&idx=1&sn=bb7a321948c59258318477aada5f13ae )
2025-10-09 18:00:02 +08:00
* [汽车信息安全技术的现状与对策研究 ](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247627774&idx=3&sn=5b05cbe4593679c6aa22a0a35ea93134 )
* [目次 | 《信息安全研究》第11卷2025年第10期 ](https://mp.weixin.qq.com/s?__biz=MzA3NzgzNDM0OQ==&mid=2664996583&idx=1&sn=b604f4ea9c484cd42a4142396fb398e5 )
* [栈迁移学习与分析 ](https://mp.weixin.qq.com/s?__biz=Mzk4ODEwMzE3NA==&mid=2247486158&idx=1&sn=da9c27f7d0e445fb5df85d274e169812 )
* [美国研究团队开发专门保护无人机的实时网络防御系统 ](https://mp.weixin.qq.com/s?__biz=MzI4ODQzMzk3MA==&mid=2247490758&idx=1&sn=408c60b89660aac019a7ea310f4d8856 )
2025-10-09 12:00:01 +08:00
### 🎯 威胁情报
* [2025年前9个月曹县黑客组织窃取了价值20亿美元的加密货币 ](https://mp.weixin.qq.com/s?__biz=MzI2NzAwOTg4NQ==&mid=2649796512&idx=1&sn=3688d7c9591d0d46d4977e2394ed06f0 )
* [社交账号不受控制?这是木马病毒在作祟 ](https://mp.weixin.qq.com/s?__biz=Mzg2MDg0ODg1NQ==&mid=2247548868&idx=3&sn=32029d4c5c7edc957c853f1907b2f1e6 )
* [Inboxfuscation: ](https://mp.weixin.qq.com/s?__biz=MzI3MzQyMjQxOQ==&mid=2247484238&idx=1&sn=a2d126a919704178c6a76a27a0151012 )
* [如何阻止拒绝服务( ) ? ](https://mp.weixin.qq.com/s?__biz=MzIyMzIwNzAxMQ==&mid=2649471080&idx=1&sn=c0da849dcf34153f435ed7f3fd13a263 )
* [APT35内部揭秘: ](https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247514333&idx=1&sn=d95e10be6624f79bdc722ad738c04deb )
* [伪装成Google浏览器安装程序银狐最新攻击样本分析 ](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247493650&idx=1&sn=d78246d0bc8adb5022a309106427dab0 )
* [日本啤酒巨头朝日啤酒确认遭受勒索软件攻击 ](https://mp.weixin.qq.com/s?__biz=MzkxNTI2NTQxOA==&mid=2247499106&idx=1&sn=b0beba49c2df3568c2b575fb6f66af70 )
* [下一代威胁情报平台「\"Nextrap\"」 ](https://mp.weixin.qq.com/s?__biz=MzI5MzU4ODE5Mw==&mid=2247485695&idx=1&sn=f0faa6f907a9ec4520d1aad9469be10d )
* [红帽GitHub仓库遭攻击者组织入侵, ](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650612636&idx=1&sn=abc4ac41daa04cc7a6c5b79e08a483fa )
* [安全警报! : ](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650612636&idx=2&sn=4af3c421d3e7b2d4b0772af9342e9582 )
2025-10-09 15:00:01 +08:00
* [“待付款发票”通过Office文件传播远控木马 ](https://mp.weixin.qq.com/s?__biz=MzkwOTg4NDk5NQ==&mid=2247484887&idx=1&sn=671cc8cad87c30ba4d17ffda9112b3c5 )
* [朝鲜VS美国APT武器库终极对决: ? ](https://mp.weixin.qq.com/s?__biz=Mzg3OTYxODQxNg==&mid=2247486859&idx=1&sn=2cd8bb11e281b62eec6ac09f12e64b6b )
* [深入观察:一名技术娴熟黑客的实战手法 ](https://mp.weixin.qq.com/s?__biz=MzkzNDIzNDUxOQ==&mid=2247503256&idx=2&sn=ef38f8113d33a0567e4f499c0498b773 )
* [安全警报! : ](https://mp.weixin.qq.com/s?__biz=MzAwMTg3MDQzOA==&mid=2247512182&idx=1&sn=6bf4dab759e343f717641402530351aa )
2025-10-09 18:00:02 +08:00
* [朝鲜黑客专偷富豪加密货币!啤酒巨头被 “麒麟” 勒索致瘫痪 ](https://mp.weixin.qq.com/s?__biz=MzkyNDcwMTAwNw==&mid=2247536492&idx=2&sn=7cd95b9081e07a6b0d365372400fb6ed )
* [黑客入门教程从零基础入门到精通,看完这一篇就够了! ](https://mp.weixin.qq.com/s?__biz=Mzk1NzMwNTM5NQ==&mid=2247487353&idx=1&sn=4aa7779e08d01fb723805186fc74a854 )
2025-10-09 12:00:01 +08:00
### 🛠️ 安全工具
* [渗透篇: , ](https://mp.weixin.qq.com/s?__biz=MzYyNTEyMjgzMw==&mid=2247483805&idx=1&sn=a64aae89936a4e6b4472489648adc999 )
* [诚聘 内网渗透测试工程师 ](https://mp.weixin.qq.com/s?__biz=MzU4OTg4Nzc4MQ==&mid=2247506686&idx=4&sn=5e6380b45468c61f1170e39972f6f2ac )
* [二开 | 自动化检测 Swagger API 接口未授权访问工具 ](https://mp.weixin.qq.com/s?__biz=MzU2NzY5MzI5Ng==&mid=2247507509&idx=1&sn=ad69d51f34de77dad9bcc5fd17637737 )
* [新一代天融信网络审计系统发布:六大核心升级,提升安全效能 ](https://mp.weixin.qq.com/s?__biz=MzA3OTMxNTcxNA==&mid=2650976091&idx=1&sn=66aec7f772fbe71b791da60d59ad0f21 )
* [工具 | FastWLAT ](https://mp.weixin.qq.com/s?__biz=MzkwMTQ0NDA1NQ==&mid=2247494626&idx=4&sn=3b699fc6a185b0a0862c7cd1cc1b5dcc )
* [针对VUE框架安全评估工具 ](https://mp.weixin.qq.com/s?__biz=MzkxMjg3NzU0Mg==&mid=2247486549&idx=1&sn=e01b48dc22666fc844de99e0fbe6090d )
* [图像取证工具 ](https://mp.weixin.qq.com/s?__biz=MzkxMDIwMTMxMw==&mid=2247494994&idx=1&sn=924cfd4c53e53e425eed78f2ed3d6e2c )
* [喜报|双赛斩获佳绩 彰显数智测试网络安全硬实力 ](https://mp.weixin.qq.com/s?__biz=Mzk0NTU0ODc0Nw==&mid=2247494495&idx=3&sn=4c017af76da9503713d98f4c52387de5 )
* [老板让你做App测试, ? ](https://mp.weixin.qq.com/s?__biz=Mzk0NzQxNzY2OQ==&mid=2247489878&idx=1&sn=290c3b7fa174d7257bff352d567ca910 )
* [高效渗透! ](https://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650612636&idx=4&sn=c77d941e5fa309a7253559279579a6bd )
2025-10-09 18:00:02 +08:00
* [渗透必备! , ](https://mp.weixin.qq.com/s?__biz=MzkyNDcwMTAwNw==&mid=2247536492&idx=5&sn=43366e0d578bf272847fc81e59c0f026 )
* [基于LSTM网络的车载CAN总线异常检测研究 ](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247627774&idx=1&sn=d15d079020a3bd011b039e17f947d253 )
* [AI开发助手=大规模风险自动化? ](https://mp.weixin.qq.com/s?__biz=MzkxNzA3MTgyNg==&mid=2247540452&idx=1&sn=89ac290030841efeca8587cd1f229e35 )
* [节后报喜 | 谷安天下同月连获三家金融机构信赖 ——xa0IT审计专业实力再获市场验证 ](https://mp.weixin.qq.com/s?__biz=MzU4NDExNDQwNA==&mid=2247490437&idx=1&sn=970338f5015531d3f40be07f131fcfab )
* [新型工具EDR-Freeze曝光: ](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247584820&idx=1&sn=da434f3425b5eeb869ca175a28f07ec4 )
2025-10-09 12:00:01 +08:00
2025-10-09 09:00:02 +08:00
### 📚 最佳实践
* [AI驱动的安全运营: ](https://mp.weixin.qq.com/s?__biz=Mzg4NDc0Njk1MQ==&mid=2247488011&idx=1&sn=44d8d3a4feb174077e18dbd2e1a5c1e9 )
2025-10-09 12:00:01 +08:00
* [《中国信息安全》刊登安恒信息关于可信数据空间的实践探索与思考 ](https://mp.weixin.qq.com/s?__biz=MjM5NTE0MjQyMg==&mid=2650633518&idx=2&sn=6863a58d2595f8a6ff18b78eca895ef8 )
* [腾讯OS Server快速入门与部署全攻略 ](https://mp.weixin.qq.com/s?__biz=MzkzMDQ0NzQwNA==&mid=2247487395&idx=1&sn=e754b0420520bfe5ff80de394d922524 )
* [互联网企业红队建设实践指南 ](https://mp.weixin.qq.com/s?__biz=Mzk5MDgzMDExMg==&mid=2247484531&idx=1&sn=df557ee5e1de78b3fc30a686bffefc07 )
* [10.1~10.8 人工智能 和 运营运维 分别上传72个PPT ](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655292684&idx=1&sn=0ffdb57959a474ae326b553766dab727 )
* [别再折腾真机了! , ](https://mp.weixin.qq.com/s?__biz=MzI4NjAzMTk3MA==&mid=2458861823&idx=1&sn=c1185987c25377ecc74538cfba836a36 )
* [3家银行因“违反金融科技管理规定“等被罚 ](https://mp.weixin.qq.com/s?__biz=MzkxNTI2NTQxOA==&mid=2247499106&idx=3&sn=5e920b0a8f723206a52948cf801b0c83 )
* [开源安全管理平台wazuh-文件完整性监控FIM ](https://mp.weixin.qq.com/s?__biz=MjM5NDMwMjEwMg==&mid=2451852336&idx=1&sn=28b2d336254b4ac0669b4ef6ed258017 )
* [前沿 | 跨境数据安全传输的探索与实践 ](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664250415&idx=2&sn=a585aa644e8ee2501a56246a4ddeff3c )
* [AI 提示工程完整指南 ](https://mp.weixin.qq.com/s?__biz=Mzk0NjY3NjE4Ng==&mid=2247485729&idx=1&sn=4b1c6d85d8238ac1c2d05f53cbbd00e2 )
2025-10-09 18:00:02 +08:00
* [2025最新版Kali实战教程 ](https://mp.weixin.qq.com/s?__biz=MzkyNTY3Nzc3Mg==&mid=2247490648&idx=1&sn=a43fb7216a9b8a9341d1af35585374e4 )
* [暗网监控怎么搞? ](https://mp.weixin.qq.com/s?__biz=MzkyNDcwMTAwNw==&mid=2247536492&idx=3&sn=d69ac141bed006ed56e883e62fae5569 )
* [一体化融媒体平台网络安全建设和面临的网络安全挑战 ](https://mp.weixin.qq.com/s?__biz=MzU1NjczNjA0Nw==&mid=2247486941&idx=1&sn=695605fc7150fc70db1924f9970390a1 )
* [国家能源局关于发布智能电网国家科技重大专项2026年度公开项目申报指南的通知 ](https://mp.weixin.qq.com/s?__biz=Mzg4MDU0NTQ4Mw==&mid=2247533964&idx=2&sn=7ef645491cac80ccac19e17e4043ed52 )
* [山石方案| ](https://mp.weixin.qq.com/s?__biz=MzAxMDE4MTAzMQ==&mid=2661303248&idx=2&sn=895f4bfd4d9a1ab7a86c1bdfcfeacf9f )
2025-10-09 12:00:01 +08:00
### 🍉 吃瓜新闻
* [国企招聘 | 中国电子科技网络信息安全有限公司2025届秋招 ](https://mp.weixin.qq.com/s?__biz=MzU4OTg4Nzc4MQ==&mid=2247506686&idx=1&sn=5a81cddf6b853a7cf5e3cef1dffda0cd )
* [中旅集团财务有限公司网络安全岗招聘 ](https://mp.weixin.qq.com/s?__biz=MzU4OTg4Nzc4MQ==&mid=2247506686&idx=3&sn=a2b35f322617766985e80fa855c8a09b )
* [如何构建数据安全持续运营体系 ](https://mp.weixin.qq.com/s?__biz=MzkzNjkxOTEzNw==&mid=2247485259&idx=1&sn=c6a66ee36adb7a002581ae9232ac3c8a )
* [以色列国防部数据泄露 ](https://mp.weixin.qq.com/s?__biz=MzU5MjgwMDg1Mg==&mid=2247487056&idx=1&sn=e7e8dda006c1775bff6ab7eec3c72671 )
* [威努特分布式存储为城市交通打造智能数据中枢 ](https://mp.weixin.qq.com/s?__biz=MzAwNTgyODU3NQ==&mid=2651136237&idx=1&sn=e51faf8a83cd69c2513b8f42c3bfbf72 )
* [工业高质量数据集的评估体系 ](https://mp.weixin.qq.com/s?__biz=MjM5OTk4MDE2MA==&mid=2655292684&idx=3&sn=ef46b16e6269f1cca46535d2c99d2758 )
* [资源OSINT企业及创业者( ) ](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651152413&idx=1&sn=218f9c352ec81591834583f2e2078a50 )
* [内网裸奔、数据“家门”大开!一企业因数据安全全面失守遭重罚 ](https://mp.weixin.qq.com/s?__biz=MzIwMTQ2MzU5Nw==&mid=2652462010&idx=1&sn=3811729713e88ca03b0219a12b9e02ca )
* [网络犯罪组织宣称已入侵红帽公司私有GitHub代码库 ](https://mp.weixin.qq.com/s?__biz=Mzg3OTc0NDcyNQ==&mid=2247494955&idx=4&sn=7568edbfcdea334e911e9e0b476e5a42 )
* [安联人寿数据泄露事件影响150万人 ](https://mp.weixin.qq.com/s?__biz=Mzg3OTc0NDcyNQ==&mid=2247494955&idx=7&sn=82028e21a8094adc1409f02dbb04b444 )
* [Discord披露第三方数据泄露事件, ](https://mp.weixin.qq.com/s?__biz=Mzg3OTc0NDcyNQ==&mid=2247494955&idx=8&sn=7688c57961e9e2a7cdcb606fb456e0bb )
* [雷诺和达契亚英国公司警告称数据泄露将影响客户 ](https://mp.weixin.qq.com/s?__biz=MzkxNTI2NTQxOA==&mid=2247499106&idx=2&sn=af1bc92ac872d2b59cff681e392109d6 )
* [记录一次师傅带我越权导致的信息泄露 ](https://mp.weixin.qq.com/s?__biz=MzE5MTMwODY0NQ==&mid=2247483777&idx=1&sn=bb8bdd8e46ab4034818186a9211dc672 )
* [网安牛马如何解决客户的数据安全问题?(场景一) ](https://mp.weixin.qq.com/s?__biz=MzkwOTczNzIxNQ==&mid=2247487125&idx=1&sn=7607053a5c5293e062da2a2c96c79462 )
* [可信安全 云服务用户数据保护能力评估通过名单&证书信息 ](https://mp.weixin.qq.com/s?__biz=Mzk0MjM1MDg2Mg==&mid=2247507812&idx=1&sn=3a98de331a3a1ac355bc8f79cb97ba60 )
2025-10-09 18:00:02 +08:00
* [能源行业数据安全研讨会顺利举办 ](https://mp.weixin.qq.com/s?__biz=MzUyMzA1MTM2NA==&mid=2247499442&idx=1&sn=bb0678f9cb5c46738c0c793999c09c82 )
* [中国工程院院士邬贺铨: ](https://mp.weixin.qq.com/s?__biz=Mzg4MDU0NTQ4Mw==&mid=2247533964&idx=1&sn=2f1bcd05b1e1197b06dbf4811dcb60bd )
* [业界动态国家数据局发布《关于举办2025年“数据要素× ](https://mp.weixin.qq.com/s?__biz=MzA3NzgzNDM0OQ==&mid=2664996583&idx=2&sn=09fbf1b3252fab54f74e7cf5b1ebf922 )
* [黑客借虚假Microsoft Teams安装程序植入Oyster后门入侵企业网络 ](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247584820&idx=2&sn=2e766e9848df09fbf6a84608cf734e8c )
2025-10-09 09:00:02 +08:00
### 📌 其他
* [秦安:解放军三大利好,美军利空接二连三,中美首脑会晤大局定了 ](https://mp.weixin.qq.com/s?__biz=MzA5MDg1MDUyMA==&mid=2650481558&idx=1&sn=6cfbebb7c9177a73553942a3f1fe0883 )
* [速下载! ( ) ](https://mp.weixin.qq.com/s?__biz=MzkyNzE5MDUzMw==&mid=2247579745&idx=1&sn=8b68b2e1f6c05e81c20c82b2d92e3282 )
2025-10-09 12:00:01 +08:00
* [AI安服数字员工首战告捷, ](https://mp.weixin.qq.com/s?__biz=MjM5NTE0MjQyMg==&mid=2650633518&idx=1&sn=5fcc266ace52280957d8e8b28ffa955d )
* [2025海外自动驾驶专题报告: , ](https://mp.weixin.qq.com/s?__biz=MzkyOTMwMDQ5MQ==&mid=2247520610&idx=1&sn=3bae049dcb5546eb2fdfd86e95eb3f9d )
* [普华永道: , ( ) ) ](https://mp.weixin.qq.com/s?__biz=MzkyOTMwMDQ5MQ==&mid=2247520610&idx=2&sn=12a3f73e35193d7c5c0b032bf7c5b538 )
* [多人因贩卖个人信息获刑: , ](https://mp.weixin.qq.com/s?__biz=MzIzNDIxODkyMg==&mid=2650087075&idx=1&sn=92a1e8e4e2680cbdfb42f7c98872de33 )
* [一个师傅们接私活的绝佳渠道... ](https://mp.weixin.qq.com/s?__biz=MzUzMDQ1MTY0MQ==&mid=2247507248&idx=1&sn=32a6a02e76176d813edb69771c2facc0 )
* [Mac取证-扩展属性 ](https://mp.weixin.qq.com/s?__biz=Mzg3NTU3NTY0Nw==&mid=2247490146&idx=1&sn=a9828003221638667f2a2fd59c1391fe )
* [前14篇免费ISO/IEC 27701: 2019 标准详解与实施( ) ](https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247486986&idx=2&sn=8fa62c131a04011c760012ff096daffd )
* [前14篇免费ISO/IEC 27701: 2019 标准详解与实施( ) ](https://mp.weixin.qq.com/s?__biz=MzA5OTEyNzc1Nw==&mid=2247486986&idx=3&sn=6895892e81fc865e131bc85c8754125f )
* [11号截止, ](https://mp.weixin.qq.com/s?__biz=MzU4OTg4Nzc4MQ==&mid=2247506686&idx=2&sn=cfeb7d3c0f6cc434452a06b89629b30d )
* [乌海银行招聘信息安全岗 ](https://mp.weixin.qq.com/s?__biz=MzU4OTg4Nzc4MQ==&mid=2247506686&idx=5&sn=2f911ee1f299cbf6484da062424ca071 )
* [招聘:船舶网络安全工程师 ](https://mp.weixin.qq.com/s?__biz=MzU4OTg4Nzc4MQ==&mid=2247506686&idx=6&sn=6bbd0ff55ab8d5debf4c68d416ac8acd )
* [实在是抱歉... ](https://mp.weixin.qq.com/s?__biz=MzkzNzY3ODk4MQ==&mid=2247484463&idx=1&sn=1fbbe46cac4b660dbdebaa2f95d5abb5 )
* [网络安全需要“定制菜”还是“预制菜”?——从餐饮比喻看行业未来 ](https://mp.weixin.qq.com/s?__biz=Mzg2MDg0ODg1NQ==&mid=2247548868&idx=1&sn=e48a6aef8ed718598f45ed9a9ad931c7 )
* [当万物互联变成“万物可攻”:物联网安全真相 ](https://mp.weixin.qq.com/s?__biz=Mzg2MDg0ODg1NQ==&mid=2247548868&idx=2&sn=ec25dd67e0c3f112662a6f5e8055c3e3 )
* [剖析 .NET 5 + 版本中 ShellCode 运行失效的深层原因与解决方案 ](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247500770&idx=1&sn=6b29ad9ffc97b0210d387b4c05c56f55 )
* [「.NET 安全交流社区」构建完整攻防体系的知识宝库 ](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247500770&idx=2&sn=01be6978e36fb6e848f6c0ab71608fef )
* [.NET 中使用 Windows runas 提升进程权限 ](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247500770&idx=3&sn=aa017ce333f18eb10369e5dd89a53128 )
* [国内外论文1v1辅导! , ](https://mp.weixin.qq.com/s?__biz=MzAwMjQ2NTQ4Mg==&mid=2247500634&idx=2&sn=7fc7e0dc19a888626842872e1bb38ae2 )
* [2025年Q3国内网络安全领域重要政策及标准速览 ](https://mp.weixin.qq.com/s?__biz=MzA3OTMxNTcxNA==&mid=2650976091&idx=2&sn=8b1f959187390aa802e2c288e0fb45a3 )
* [拼多多现金大转盘,你是幸运提现者还是“陪跑员”? ](https://mp.weixin.qq.com/s?__biz=MzIzMzI1Njg3Mw==&mid=2651930225&idx=1&sn=f978c071ba9f50eeced7cd53d80299f2 )
* [你在找FLAG吗? ! , , ](https://mp.weixin.qq.com/s?__biz=MzU2NzIzNzU4Mg==&mid=2247491209&idx=1&sn=162f059138567ca5ee9d23b5f1a9cbf1 )
* [每天一个网络知识:什么是交换机? ](https://mp.weixin.qq.com/s?__biz=MzUyNTExOTY1Nw==&mid=2247531919&idx=1&sn=ccbc806994162a80c42188d019b5fd5a )
* [硬盘温度对寿命影响实测:如何保持硬盘健康? ](https://mp.weixin.qq.com/s?__biz=MzU2MjU2MzI3MA==&mid=2247484986&idx=1&sn=6ce0c34b13038632cdcd2b8f64db43bc )
* [曾经绑定了健康码行程码的朋友们,你是否已经解除授权了呢?(内附解绑路径) ](https://mp.weixin.qq.com/s?__biz=MzU2MjU2MzI3MA==&mid=2247484986&idx=2&sn=818b4a07d59399b44f45e8d3dff0a2b8 )
* [暗网快讯20251009期 ](https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247514333&idx=3&sn=a4d8db115acc95916126947e1eca6640 )
* [5th域安全微讯早报20251009242期 ](https://mp.weixin.qq.com/s?__biz=MzkyMjQ5ODk5OA==&mid=2247514333&idx=4&sn=ccda7e0ad4e8ee26d8b943f303345932 )
* [国庆做了4天私活, ](https://mp.weixin.qq.com/s?__biz=MzIwMzIyMjYzNA==&mid=2247519739&idx=1&sn=ac79d419c8eb1aa1cf468e58366d9391 )
* [深度硬核:顶级窃密软件进化史 —— 从设备指纹到PNG图片隐写术 ](https://mp.weixin.qq.com/s?__biz=MzA4NTY4MjAyMQ==&mid=2447901441&idx=1&sn=d474dad5e8beefbc39d8b5cb0d9e5cbd )
* [充电宝电池上的 mAh 代表什么意思? ](https://mp.weixin.qq.com/s?__biz=Mzk0MTI4NTIzNQ==&mid=2247495193&idx=1&sn=c201d8299303441573afcbd2108a88c4 )
* [速进!全平台项目群“安服崽”交流群 ](https://mp.weixin.qq.com/s?__biz=MzkxNzY5MTg1Ng==&mid=2247492950&idx=2&sn=c58a160196a1a7e9894c6bc0174d483c )
* [常见网络安全国家标准下载 ](https://mp.weixin.qq.com/s?__biz=MzkxNjMwNDUxNg==&mid=2247488934&idx=1&sn=8a1b297dab2adfbb42719741bb60101c )
* [阿里与OpenAI正将大模型推向操作系统的王座, ](https://mp.weixin.qq.com/s?__biz=MzkxMDc1NzU1Ng==&mid=2247484299&idx=1&sn=bcd792d5c097a521459367f6572396f4 )
* [现代战争中无人装备作战运用及对我启示 ](https://mp.weixin.qq.com/s?__biz=MzkyMjY1MTg1MQ==&mid=2247496496&idx=1&sn=e99779c90431ee42e3e5a1e404e89bb1 )
* [深度解析游戏“外挂”乱象 ](https://mp.weixin.qq.com/s?__biz=MzIxOTM2MDYwNg==&mid=2247518571&idx=1&sn=aaad1993c565b381fb6be00769142378 )
* [网络安全行业,为什么说服务化转型是一种必然趋势 ](https://mp.weixin.qq.com/s?__biz=MzUzNjkxODE5MA==&mid=2247494195&idx=1&sn=84d593ee2df9014542846c77f6b24860 )
* [kali更换源 ](https://mp.weixin.qq.com/s?__biz=MzYzNjAwMjQ3OQ==&mid=2247483714&idx=1&sn=8419e8461ca2e43ac3a5ce092ad7aadd )
* [从《我看见的世界》里品出的育儿经 ](https://mp.weixin.qq.com/s?__biz=MjM5Mjc0MDU1MQ==&mid=2452314046&idx=1&sn=5ccc37c3e90e66f928be68f2a0fa11df )
* [2025诺贝尔物理学奖: ](https://mp.weixin.qq.com/s?__biz=Mzg5OTg5OTI1NQ==&mid=2247491969&idx=1&sn=0105fd0fa38f9c950e3569a04a8cc6df )
* [vulnstack环境 hongri1 ](https://mp.weixin.qq.com/s?__biz=MzkzNDM5NTMzOQ==&mid=2247486894&idx=1&sn=37cad9b41d32627776912783e349a28c )
* [专题·未成年人网络保护 | 《未成年人网络保护行业履行社会责任报告( ) ](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664250415&idx=1&sn=33fbf031b7ce75fd991e1d6ad808580f )
* [HSRC奖励公告2025年HSRC第三季度奖励公告 ](https://mp.weixin.qq.com/s?__biz=MzAwNTcyMTc4OQ==&mid=2247484533&idx=1&sn=ae98dd5462bbffd6a35f26f905d36198 )
* [做手机的 OPPO, ](https://mp.weixin.qq.com/s?__biz=MzU0NDEwMTc1MA==&mid=2247526615&idx=1&sn=8e1273310e2787b11a2f2d03b780aac5 )
* [记一次从Webshell到域控: ](https://mp.weixin.qq.com/s?__biz=Mzk0MDQwNDI3MQ==&mid=2247484098&idx=1&sn=c1bde1dd6dad9c945c8e5a756e07ed38 )
* [应急实战案例:一次内网横向应急 ](https://mp.weixin.qq.com/s?__biz=Mzk0MzYyMjEzMQ==&mid=2247489895&idx=1&sn=6b828bafbc1531b3dec2a4c1dcbc88e9 )
* [2026年网络安全人士保住饭碗的三大新技能 ](https://mp.weixin.qq.com/s?__biz=MzkxNTI2MTI1NA==&mid=2247504198&idx=1&sn=8e0d244e6d6a64987449bdfb680cc1a1 )
* [迪奥违规跨境传输个人信息案解读 ](https://mp.weixin.qq.com/s?__biz=MzkzMjE5MTY5NQ==&mid=2247504789&idx=2&sn=6f3f1d56820968ce691e3210d5086e35 )
* [每日免费资源更新( ) ](https://mp.weixin.qq.com/s?__biz=MzU3NzY3MzYzMw==&mid=2247500185&idx=1&sn=2432a80f7d79215833cfb6e02a37e1b7 )
* [老板让你做App攻防, ? ](https://mp.weixin.qq.com/s?__biz=MzkxNDAyNTY2NA==&mid=2247519696&idx=1&sn=c59fe43e7256ba9f6d5b67b4c575aa44 )
* [JS逆向 -- 记一次某免费音频听书网音频地址解析全过程 ](https://mp.weixin.qq.com/s?__biz=MzA4MzgzNTU5MA==&mid=2652040263&idx=1&sn=4973fbd45462961542e67e64208dd993 )
* [免费资源分享20251009 ](https://mp.weixin.qq.com/s?__biz=MzA4MzgzNTU5MA==&mid=2652040263&idx=2&sn=9b09e13a89bc409b20c3612467e4cb8c )
* [为什么现在学计算机很难找到工作了? ](https://mp.weixin.qq.com/s?__biz=MzU3MjczNzA1Ng==&mid=2247499854&idx=1&sn=4ac4246830ef433f1f213dc7880e153d )
* [Office 和 Copilot 都有哪些变化?十一假期你是否错过了这些信息 ](https://mp.weixin.qq.com/s?__biz=MzkxNzY0Mzg2OQ==&mid=2247487597&idx=1&sn=062a16bf78fdebfe20f0b32535c030c5 )
* [程序员高频常见单词 ](https://mp.weixin.qq.com/s?__biz=MzkzMjcxOTk4Mg==&mid=2247485858&idx=1&sn=b0f5e97f3217794b37054bae156261cf )
* [普陀: ](https://mp.weixin.qq.com/s?__biz=Mzk0NTU0ODc0Nw==&mid=2247494495&idx=1&sn=9ac49d4a0c9db8f9b0cf54497aa046b2 )
* [\"复兴杯\"第五届全国大学生网络安全精英赛全国院校巡回启动式联办邀请 ](https://mp.weixin.qq.com/s?__biz=Mzk0NTU0ODc0Nw==&mid=2247494495&idx=4&sn=4dfdbc76c5293abbffbee0cc13b38697 )
* [湾区杯初赛部分解题思路 ](https://mp.weixin.qq.com/s?__biz=Mzk0NTU0ODc0Nw==&mid=2247494495&idx=5&sn=948a8ee86f4b25e39d78a1f7b6ca8fc2 )
* [\"鹏云杯\"第十二届山东省大学生网络安全技能大赛线上选拔赛WriteUp ](https://mp.weixin.qq.com/s?__biz=Mzk0NTU0ODc0Nw==&mid=2247494495&idx=6&sn=5e4889a0a584bd7be61a5b308b2bf12b )
* [好靶场最新功能 ](https://mp.weixin.qq.com/s?__biz=Mzg4MDg5NzAxMQ==&mid=2247486402&idx=1&sn=6b7a72dd0f34b98cc7d35d17f6c2a039 )
* [WP | 云境靶场GreatWall2025 ](https://mp.weixin.qq.com/s?__biz=MzkyNDA5NjgyMg==&mid=2247502347&idx=1&sn=0524c0555c71518dccf0e3af0caa0138 )
* [蓝高实战案例:一次内网横向应急 ](https://mp.weixin.qq.com/s?__biz=MzkyNzg4NTU0NQ==&mid=2247486036&idx=1&sn=b02530a1ff06c0fe7476b476f7de5380 )
* [后渗透-轻量级Everything实现用于敏感文件快速定位 ](https://mp.weixin.qq.com/s?__biz=MzU5MjIzMDMzNg==&mid=2247484388&idx=1&sn=a97965b3ca61de1065aea6ec60acfb3f )
* [假期文章和资讯回顾 ](https://mp.weixin.qq.com/s?__biz=MzkwNDg1NTU0Mg==&mid=2247484380&idx=1&sn=1cd24ef8bd9e647cca501e6facc7c4ab )
* [行业资讯: ](https://mp.weixin.qq.com/s?__biz=MzUzNjkxODE5MA==&mid=2247494198&idx=1&sn=ec23b51189ec73fbe86da36ba6b7dffe )
* [深圳出台加强APP个人信息保护15条 ](https://mp.weixin.qq.com/s?__biz=MzIwNzAwOTQxMg==&mid=2652252615&idx=1&sn=d9589df70e83b4a72e8cb0408410046f )
* [码上爬解题实战: ](https://mp.weixin.qq.com/s?__biz=Mzg5ODA3OTM1NA==&mid=2247493714&idx=1&sn=04cbd397b905810b1b33bffba853863a )
* [美国联邦通信委员会将投票加强对中国电信设备的限制 ](https://mp.weixin.qq.com/s?__biz=MzU0MjE2Mjk3Ng==&mid=2247490096&idx=1&sn=b9083fb9097f818a62309813d98e3c88 )
* [谢谢您 ](https://mp.weixin.qq.com/s?__biz=MzkyNzIxMjM3Mg==&mid=2247491490&idx=1&sn=6d2b3cb8325cb2cc7ffc71a48de18f04 )
2025-10-09 15:00:01 +08:00
* [TJCTF MISC部分 ](https://mp.weixin.qq.com/s?__biz=Mzk2NDI0MjUyNQ==&mid=2247485529&idx=1&sn=74603ede55b7a741c270d1ca1df6f062 )
* [安世加沙龙第五十一期-出海安全 ( ](https://mp.weixin.qq.com/s?__biz=MzU2MTQwMzMxNA==&mid=2247543081&idx=1&sn=6741ce008e7cdd57641b267e21ec727d )
* [吃瓜学网络安全年薪160万 ](https://mp.weixin.qq.com/s?__biz=Mzg4NDg2NTM3NQ==&mid=2247485377&idx=1&sn=75dcf85df1935caf082d927f062c1f08 )
* [分享图片 ](https://mp.weixin.qq.com/s?__biz=MzI3Njc1MjcxMg==&mid=2247496535&idx=1&sn=a1023dd529ddb177cf84b47c67b495ed )
* [我不想送外卖了 ](https://mp.weixin.qq.com/s?__biz=MzIxNTIzNTExMQ==&mid=2247492270&idx=1&sn=fa7e8e17abffb08e2697837aafc5b67e )
* [西安小姐姐地陪-纯绿色 ](https://mp.weixin.qq.com/s?__biz=MzkxMDMwNDE2OQ==&mid=2247492111&idx=1&sn=e52fe72a9f2bba8795ab3d8aad798236 )
* [免费分享 | HTB靶机DarkZero解法分享 ](https://mp.weixin.qq.com/s?__biz=MzIzODMyMzQxNQ==&mid=2247485213&idx=1&sn=d2f5cd03a125c24dd79d6a6bbc352dfe )
* [网安原创文章推荐2025/10/8 ](https://mp.weixin.qq.com/s?__biz=MzAxNzg3NzMyNQ==&mid=2247490527&idx=1&sn=61a0cc52a76fb1b8037de27fb92abc39 )
* [网安原创文章推荐2025/10/7 ](https://mp.weixin.qq.com/s?__biz=MzAxNzg3NzMyNQ==&mid=2247490527&idx=2&sn=1a360f9ff1ce8eefac52e26c4b5f300c )
* [网安,不想送外卖了 ](https://mp.weixin.qq.com/s?__biz=MzIxMTg1ODAwNw==&mid=2247501422&idx=1&sn=be5c6651bd1ffe4945304dfcb6b32e23 )
* [为什么网安人越老越香? ](https://mp.weixin.qq.com/s?__biz=MzkzNzk5MjEyNg==&mid=2247486084&idx=1&sn=2251b2d862dacc006db64b189120343a )
* [做完这30个网安项目, ](https://mp.weixin.qq.com/s?__biz=MzkyODk0MDY5OA==&mid=2247487112&idx=1&sn=ca3346dcf5cd4ec24e2d399642ef4a9a )
* [国家级认证再添重磅!默安科技跻身重点 “小巨人”,彰显硬核科创实力 ](https://mp.weixin.qq.com/s?__biz=MzIzODQxMjM2NQ==&mid=2247501373&idx=1&sn=6547d3630469cb92db13191b65d0e0fa )
2025-10-09 18:00:02 +08:00
* [RWA领域战略合作| , ](https://mp.weixin.qq.com/s?__biz=MzAwNDUyMjk4MQ==&mid=2454832328&idx=1&sn=ae38d470550f930f95aa579ec792c773 )
* [智能网联汽车 SOME/IP 在线实战培训课程 2025 ](https://mp.weixin.qq.com/s?__biz=MzU2MDk1Nzg2MQ==&mid=2247627774&idx=2&sn=0ff1990303c983f874e6843f30bfcd5a )
* [网络安全信息与动态周报2025年第39期( ) ](https://mp.weixin.qq.com/s?__biz=MzIwNDk0MDgxMw==&mid=2247500695&idx=1&sn=e84cdd2049765e18bda5d1a3daf639fb )
* [湘江论 “安” 缺你不可! ! ! ](https://mp.weixin.qq.com/s?__biz=MzI2NzY5MDI3NQ==&mid=2247509404&idx=1&sn=ad1cac820bdfb45518e495916e302cdb )
* [单洞最高12万! ! | ](https://mp.weixin.qq.com/s?__biz=MjM5NzE1NjA0MQ==&mid=2651207485&idx=1&sn=3fe5feb93300b4b84e9e0b50965cf381 )
* [安全简讯( ) ](https://mp.weixin.qq.com/s?__biz=MzkzNzY5OTg2Ng==&mid=2247501641&idx=1&sn=1dd13c948b79493bf193efb06c7b1fc8 )
* [Spring Bean多线程并发安全性 ](https://mp.weixin.qq.com/s?__biz=MzE5MTQzMzg5MA==&mid=2247484113&idx=1&sn=29d58decd7facdc596ae98c77c26242d )
* [业界动态网安市场周度监测( ) ](https://mp.weixin.qq.com/s?__biz=MzA3NzgzNDM0OQ==&mid=2664996583&idx=3&sn=b7062d904166bf9817f9f51c62401034 )
* [想学网安?不会有人还不知道吧… ](https://mp.weixin.qq.com/s?__biz=Mzk0MzcyNjMyNg==&mid=2247486537&idx=1&sn=ab2ca45f425322b16843cf8a4cce1e8f )
* [2025-9月Solar应急响应公益月赛排名及官方题解 ](https://mp.weixin.qq.com/s?__biz=MzkyOTQ0MjE1NQ==&mid=2247504378&idx=1&sn=5b8d8c1d7f97a05cf03799e3da4c900f )
* [团队科研成果分享-59 ](https://mp.weixin.qq.com/s?__biz=MzI1MTQwMjYwNA==&mid=2247502819&idx=1&sn=51d69a86521db88324e18cfc1046862d )
* [每周文章分享-231 ](https://mp.weixin.qq.com/s?__biz=MzI1MTQwMjYwNA==&mid=2247502819&idx=2&sn=25ac55d03e917abeca35745581ce385d )
* [AI赋能实战网络靶场: , ? ](https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651138894&idx=1&sn=af7595ae8cb3a5ebbeffc6d96b99d48c )
* [2025年10月起多项政策法规及标准开始施行; ! ](https://mp.weixin.qq.com/s?__biz=MjM5Njc3NjM4MA==&mid=2651138894&idx=2&sn=838495d6d3eb699e99291820b13deaab )
* [入境先停网一天!俄罗斯发布外国 SIM 卡断网令 ](https://mp.weixin.qq.com/s?__biz=Mzk2ODExMjEyNA==&mid=2247486621&idx=1&sn=9e3e5de14f6c5a197435713f1289638b )
* [告别抖动, : , ](https://mp.weixin.qq.com/s?__biz=MzAxMDE4MTAzMQ==&mid=2661303248&idx=1&sn=7c0d6533e1ffca67fb780b755c915fea )
* [平航Link+您身边的“取证管家” ](https://mp.weixin.qq.com/s?__biz=MzI0OTEyMTk5OQ==&mid=2247495185&idx=1&sn=875a483fce8bc559fc04a44b736fdec5 )
2025-10-09 09:00:02 +08:00
## 安全分析
(2025-10-09)
2025-10-09 03:00:01 +08:00
本文档包含 AI 对安全相关内容的自动化分析结果。[概览 ](https://blog.897010.xyz/c/today )
### CVE-2025-48799 - Windows Update提权漏洞
#### 📌 漏洞信息
| 属性 | 详情 |
|------|------|
| CVE编号 | CVE-2025-48799 |
| 风险等级 | `HIGH` |
| 利用状态 | `POC可用` |
| 发布时间 | 2025-10-08 00:00:00 |
| 最后更新 | 2025-10-08 15:10:53 |
#### 📦 相关仓库
- [CVE-2025-48799 ](https://github.com/ukisshinaah/CVE-2025-48799 )
#### 💡 分析概述
该漏洞 (CVE-2025-48799) 存在于Windows Update 服务中, , , , ,
#### 🔍 关键发现
| 序号 | 发现内容 |
|------|----------|
| 1 | 漏洞位于Windows Update服务, ,
| 2 | 攻击者通过更改应用安装位置,
| 3 | 漏洞利用可导致本地权限提升(LPE)。 |
| 4 | PoC代码已提供, ,
#### 🛠️ 技术细节
> 漏洞利用涉及操纵文件系统的存储感知功能,
> 攻击步骤包括: , ,
> 漏洞利用成功后,攻击者可获得更高的权限,但具体危害程度取决于被删除文件夹的内容。
#### 🎯 受影响组件
```
• Windows 10
• Windows 11
• Windows Update Service (wuauserv)
```
#### ⚡ 价值评估
< details >
< summary > 展开查看详细评估< / summary >
该漏洞影响范围广, , , ,
< / details >
---
2025-10-09 06:00:01 +08:00
### CVE-2025-0411 - 7-Zip MotW 绕过漏洞 (CVE-2025-0411)
#### 📌 漏洞信息
| 属性 | 详情 |
|------|------|
| CVE编号 | CVE-2025-0411 |
| 风险等级 | `HIGH` |
| 利用状态 | `POC可用` |
| 发布时间 | 2025-10-08 00:00:00 |
| 最后更新 | 2025-10-08 18:46:15 |
#### 📦 相关仓库
- [7-Zip-CVE-2025-0411-POC ](https://github.com/dpextreme/7-Zip-CVE-2025-0411-POC )
#### 💡 分析概述
该仓库提供了CVE-2025-0411漏洞的PoC, ( ) , , , , , , , , , ,
#### 🔍 关键发现
| 序号 | 发现内容 |
|------|----------|
| 1 | 漏洞允许绕过7-Zip的MotW保护机制。 |
| 2 | 攻击者可构造恶意压缩包,执行任意代码。 |
| 3 | PoC演示了双重压缩绕过MotW。 |
| 4 | 漏洞利用相对简单,需要用户交互。 |
#### 🛠️ 技术细节
> 漏洞原理: , ,
> 利用方法: , ,
> 修复方案:
#### 🎯 受影响组件
```
• 7-Zip (所有低于 24.09 版本)
```
#### ⚡ 价值评估
< details >
< summary > 展开查看详细评估< / summary >
该漏洞影响广泛使用的7-Zip软件, , , , ,
< / details >
---
### CVE-2025-10353 - Melis Platform 文件上传RCE
#### 📌 漏洞信息
| 属性 | 详情 |
|------|------|
| CVE编号 | CVE-2025-10353 |
| 风险等级 | `CRITICAL` |
| 利用状态 | `POC可用` |
| 发布时间 | 2025-10-08 00:00:00 |
| 最后更新 | 2025-10-08 18:42:44 |
#### 📦 相关仓库
- [CVE-2025-10353-POC ](https://github.com/ivansmc00/CVE-2025-10353-POC )
#### 💡 分析概述
该仓库提供了CVE-2025-10353的PoC, `melis-cms-slider` 模块中, ( ) , `mcsdetail_img` 参数上传文件,并通过`mcsdetail_mcslider_id` 参数控制上传目录。由于Melis Platform的特殊性, , ,
#### 🔍 关键发现
2025-10-09 03:00:01 +08:00
2025-10-09 06:00:01 +08:00
| 序号 | 发现内容 |
|------|----------|
| 1 | 文件上传漏洞允许上传恶意PHP文件。 |
| 2 | 通过参数`mcsdetail_mcslider_id` 控制上传目录,
| 3 | PoC提供Burp Suite导出的HTTP请求,
| 4 | 未经身份验证即可利用,利用门槛低,危害高。 |
| 5 | 攻击者可以完全控制服务器,获取敏感数据或进一步渗透 |
#### 🛠️ 技术细节
> 漏洞成因:`melis-cms-slider`模块的`saveDetailsForm`功能未对上传文件进行充分的校验和过滤,导致可上传恶意文件。
> 利用方法: ,
> 修复方案:实施严格的文件类型校验,对上传的文件进行安全检查,对文件名进行过滤,并设置合理的目录访问权限。
#### 🎯 受影响组件
```
• Melis Platform `melis-cms-slider` 模块
```
#### ⚡ 价值评估
< details >
< summary > 展开查看详细评估< / summary >
该漏洞为未经身份验证的文件上传RCE, , , , ,
< / details >
---
2025-10-09 09:00:02 +08:00
## 免责声明
本文内容由 AI 自动生成,仅供参考和学习交流。文章中的观点和建议不代表作者立场,使用本文信息需自行承担风险和责任。
