diff --git a/archive/2025/2025-01-12.md b/archive/2025/2025-01-12.md new file mode 100644 index 000000000..8b66ab8cd --- /dev/null +++ b/archive/2025/2025-01-12.md 
@@ -0,0 +1,125 @@ +# 每日安全资讯(2025-01-12) + +- Twitter @Nicolas Krassas + - [HTB: Sightless https://0xdf.gitlab.io/2025/01/11/htb-sightless.html](https://x.com/Dinosn/status/1878163997142213087) + - [Re @piedpiper1616 Looks like chatgpt wrote this](https://x.com/Dinosn/status/1878038502257877501) + - [DoJ Indicts Three Russians for Operating Crypto Mixers Used in Cybercrime Laundering https://thehackernews.com/2025/01/doj-indicts-three-russians-for....](https://x.com/Dinosn/status/1878003388274688322) + - [Microsoft Sues Hacking Group Exploiting Azure AI for Harmful Content Creation https://thehackernews.com/2025/01/microsoft-sues-hacking-group-exploitin...](https://x.com/Dinosn/status/1878003262273491307) + - [LDAP Watchdog: monitor record changes in an LDAP directory in real-time https://meterpreter.org/ldap-watchdog-monitor-record-changes-in-an-ldap-direct...](https://x.com/Dinosn/status/1877972215808852393) + - [MemProcFS Analyzer: Automated Forensic Analysis of Windows Memory Dumps https://meterpreter.org/memprocfs-analyzer-automated-forensic-analysis-of-wind...](https://x.com/Dinosn/status/1877967099139694902) + - [legba: multiprotocol credentials bruteforcer / password sprayer and enumerator https://meterpreter.org/legba-multiprotocol-credentials-bruteforcer-pas...](https://x.com/Dinosn/status/1877926759175159937) + - [CVE-2024-12847 (CVSS 9.8): NETGEAR Router Flaw Exploited in the Wild for Years, PoC Published https://securityonline.info/cve-2024-12847-cvss-9-8-netg...](https://x.com/Dinosn/status/1877926466765066607) + - [RT watchTowr: 🫡](https://x.com/Dinosn/status/1877926930000822468) +- Recent Commits to cve:main + - [Update Sat Jan 11 20:16:57 UTC 2025](https://github.com/trickest/cve/commit/a529fd5d50c90c432baec70219470b5f625a25a0) + - [Update Sat Jan 11 12:19:24 UTC 2025](https://github.com/trickest/cve/commit/4ee809fb0c944239e63a757ad04299a07cefae04) + - [Update Sat Jan 11 04:10:25 UTC 
2025](https://github.com/trickest/cve/commit/b1d77c9032f2c34f807b30264034a2a5ea416a0b) +- Security Boulevard + - [Advancements in Machine Identity Protections](https://securityboulevard.com/2025/01/advancements-in-machine-identity-protections/) + - [From Chaos to Control: Building Your Company’s Access Management Foundation](https://securityboulevard.com/2025/01/from-chaos-to-control-building-your-companys-access-management-foundation/) + - [DEF CON 32 – Porn & Privacy – ET](https://securityboulevard.com/2025/01/def-con-32-porn-privacy-et/) +- InfoSec Write-ups - Medium + - [Linux Shells [Cyber Security 101] Learning Path TryHackMe Writeup | Detailed Walkthrough](https://infosecwriteups.com/linux-shells-cyber-security-101-learning-path-tryhackme-writeup-detailed-walkthrough-440e6863fb1a?source=rss----7b722bfd1b8d---4) + - [Windows PowerShell [Cyber Security 101 ] Learning Path TryHackMe Writeup | Detailed Walkthrough](https://infosecwriteups.com/windows-powershell-cyber-security-101-learning-path-tryhackme-writeup-detailed-walkthrough-958e3f1ec51b?source=rss----7b722bfd1b8d---4) + - [SQLMap: The Basics [ Cyber Security 101 ] TryHackMe Writeup | Detailed Walkthrough | THM Premium…](https://infosecwriteups.com/sqlmap-the-basics-cyber-security-101-tryhackme-writeup-detailed-walkthrough-thm-premium-9c04f57cc574?source=rss----7b722bfd1b8d---4) + - [Reversing, Discovering, And Exploiting A TP-Link Router Vulnerability — CVE-2024–54887](https://infosecwriteups.com/reversing-discovering-and-exploiting-a-tp-link-router-vulnerability-cve-2024-54887-341552c4b104?source=rss----7b722bfd1b8d---4) + - [Revisiting a Simple SQL Injection Methodology](https://infosecwriteups.com/revisiting-a-simple-sql-injection-methodology-ecd42634a21e?source=rss----7b722bfd1b8d---4) + - [Hacking Cicada on HackTheBox: An OSCP Step-by-Step Journey](https://infosecwriteups.com/hacking-cicada-on-hackthebox-an-oscp-step-by-step-journey-abd7e56ab53e?source=rss----7b722bfd1b8d---4) +- 一个被知识诅咒的人 + - 
[【人工智能】构建智能语音助手:使用Python实现语音识别与合成的全面指南](https://blog.csdn.net/nokiaguy/article/details/145075956) + - [【人工智能】用Python进行对象检测:从OpenCV到YOLO的全面指南](https://blog.csdn.net/nokiaguy/article/details/145075935) +- SecWiki News + - [SecWiki News 2025-01-11 Review](http://www.sec-wiki.com/?2025-01-11) +- Bug Bounty in InfoSec Write-ups on Medium + - [Revisiting a Simple SQL Injection Methodology](https://infosecwriteups.com/revisiting-a-simple-sql-injection-methodology-ecd42634a21e?source=rss----7b722bfd1b8d--bug_bounty) +- Reverse Engineering + - [Reverse-engineering meets AI: My new benchmark asks you to deduce hidden byte transforms—thoughts?](https://www.reddit.com/r/ReverseEngineering/comments/1hyuf9w/reverseengineering_meets_ai_my_new_benchmark_asks/) +- HAHWUL + - [ZAP 2.16 Review ⚡️](https://www.hahwul.com/2025/01/11/zap-2-16-review/) +- Malware-Traffic-Analysis.net - Blog Entries + - [2025-01-09: CVE-2017-0199 XLS --> HTA --> VBS --> steganography --> DBatLoader/GuiLoader style malware](https://www.malware-traffic-analysis.net/2025/01/09/index.html) +- HAHWUL + - [ZAP 2.16 Review ⚡️](https://www.hahwul.com/2025/01/11/zap-2-16-review/) +- 奇客Solidot–传递最新科技情报 + - [物理学家发现新粒子分数激子](https://www.solidot.org/story?sid=80307) + - [YouTube 主播向 AI 公司出售未发布视频去训练 AI](https://www.solidot.org/story?sid=80306) + - [世界最强超算 El Capitan 正式启用](https://www.solidot.org/story?sid=80305) + - [StackOverflow 新问题数量大幅减少](https://www.solidot.org/story?sid=80304) + - [德国众多大学机构集体宣布退出 X](https://www.solidot.org/story?sid=80303) + - [Automattic 大幅缩减对 WordPress.org 的支持](https://www.solidot.org/story?sid=80302) + - [巴西给 Meta 72 小时时间解释其事实核查政策的变化](https://www.solidot.org/story?sid=80301) +- 杨龙 + - [-2209017943](https://www.yanglong.pro/2209017943-2/) +- 黑海洋 - IT技术知识库 + - [Fluent Read:上下文语境的人工智能翻译引擎(浏览器插件)](https://blog.upx8.com/4651) +- 长亭安全应急响应中心 + - [【已复现】Ivanti Connect Secure 
堆栈溢出致远程代码执行漏洞(CVE-2025-0282)](https://mp.weixin.qq.com/s?__biz=MzIwMDk1MjMyMg==&mid=2247492691&idx=1&sn=e1d64db4b8957907e6417a61d2c40fa4&chksm=96f7fb3ea1807228c78b8469fdfa3a9fad83374094781eb88c48ae6e598331b3bd87ae4c659c&scene=58&subscene=0#rd) +- 看雪学苑 + - [CTF自毁程序密码:逆向分析](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588573&idx=1&sn=c40b84e0094dfcbca49818f166d4c1f8&chksm=b18c251786fbac0172b4c573bca3dbdc17e0efad3bf6e5dace210a9b96023fdf89feccf64ba1&scene=58&subscene=0#rd) +- 安全内参 + - [网站域名遭非法盗用篡改,郑州两家公司被行政处罚](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513467&idx=1&sn=3ea80990fd1c334a5bbf3e29305787b1&chksm=ebfaf25bdc8d7b4dad90dcea755636cf357c28f3dcec82aaf943cbeefa88a5b135fbdc372038&scene=58&subscene=0#rd) +- 威努特安全网络 + - [我国牵头的国际标准发布,联合国航空数据库遭入侵 | 一周特辑](https://mp.weixin.qq.com/s?__biz=MzAwNTgyODU3NQ==&mid=2651130318&idx=1&sn=322960576db32a5d4485b1c0dc16d542&chksm=80e7137eb7909a680deaa85714119cb89492b504024287b112b4cab04f1b3fdc24bbab99c3e0&scene=58&subscene=0#rd) +- dotNet安全矩阵 + - [.NET 第54期红队武器库和资源汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498152&idx=1&sn=e082b4077e255091892be37fff847a78&chksm=fa595745cd2ede53bf9b66ae351f313cf7bf5dd1650cf01cd2dab30f1a615a0813a8427e859a&scene=58&subscene=0#rd) + - [国内最专业、最全面的 [ .NET 代码审计 ] 体系化学习交流社区](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498152&idx=2&sn=68b7c98d93dba9cd5cb2feb37795f5c0&chksm=fa595745cd2ede5310d59456ace4b1b2d00ad3e60a2946ee0a394adc50759ab9b978584b956a&scene=58&subscene=0#rd) + - [无独有偶,通过.NET反序列化漏洞实现 Visual Studio 钓鱼攻击](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498152&idx=3&sn=a45de16edbca5168f73ea7ed4ffeca36&chksm=fa595745cd2ede53cd0f763edff055aeced78d85bdeea1f2be5fd2d80d72a65ed86e0df928f3&scene=58&subscene=0#rd) +- 丁爸 情报分析师的工具箱 + - 
[【资料】创建开源情报机构的理由](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148500&idx=1&sn=6cb5b45ccad95f39148ef2240c25d8f8&chksm=f1af27eec6d8aef85b73213a31ddbb5ff35a3ab0c56351b3885e6105b67a593a975858b141d8&scene=58&subscene=0#rd) +- 安全分析与研究 + - [新型Hellcat勒索病毒分析](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247489905&idx=1&sn=d221af8624b76e73a62cffd81d4afb24&chksm=902fb659a7583f4f105f2bc9bb1490bdf8d2781611e9f73c12246ee56ca3b7525b5263d975bd&scene=58&subscene=0#rd) +- 极客公园 + - [特朗普上任前,Meta、微软等取消多元化项目;新 Model Y 上市,雷军隔空玩梗;京东 App 大改版 | 极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653071834&idx=1&sn=9726e5881ed20e810b87b68ef06af200&chksm=7e57d46c49205d7a678f880e93b38ad8df5661f949d2dd27442559ef9f751a6af0d9bc2b6514&scene=58&subscene=0#rd) +- 网络空间安全科学学报 + - [学术前沿 | 鹏城实验室威胁情报团队:网络威胁情报共享与融合技术综述](https://mp.weixin.qq.com/s?__biz=MzI0NjU2NDMwNQ==&mid=2247504587&idx=1&sn=4eaf1ab6a4b15883ae9a77be4357a271&chksm=e9bfc675dec84f63b347462da5f7bce1abed74f36bf037a16432d25f075367ff3d1fd224cdf6&scene=58&subscene=0#rd) +- 安全圈 + - [【安全圈】江苏一男子利用小程序Bug逃匿28万加油费,法院判了](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067274&idx=1&sn=5bef640b5980a10e736f5e8b28bb6773&chksm=f36e798ac419f09cdbd5129a3bf75829108cf7f7a7de0b1d6ac854dbbb635e3a6b7d50a7bd0d&scene=58&subscene=0#rd) + - [【安全圈】涉案3.3亿!有人非法搭建支付平台获利超200万](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067274&idx=2&sn=792e4a8d18c9865be6e1131bf29116e9&chksm=f36e798ac419f09c4674ed1ba0a3d10573e7a3ba50adc72984e3afc698d37c2172cb8076dc0b&scene=58&subscene=0#rd) + - [【安全圈】Ivanti VPN 零日漏洞正在被黑客利用](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067274&idx=3&sn=8eb5cc6c0a00bef351ca6ec387133310&chksm=f36e798ac419f09cca9472d89e0009706062cc803d7b61065e39083441ba8c9e646c932b6efe&scene=58&subscene=0#rd) +- 迪哥讲事 + - [从 SQL 
注入到远程代码执行](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496813&idx=1&sn=eab6d19d242d637c1797d76ec3ae43fa&chksm=e8a5fe0edfd277188a3ce54336fe9ddf992716daadef1e899d9d6e4de34f5c25335a2222782c&scene=58&subscene=0#rd) +- GobySec + - [锦鲤揭秘时刻!快来看看锦鲤礼包花落谁家吧~](https://mp.weixin.qq.com/s?__biz=MzI4MzcwNTAzOQ==&mid=2247545717&idx=1&sn=309283dd2ed10d791e052cf798b5e174&chksm=eb84d8d5dcf351c3ade60c164cef5dcf834d3e5db4c15add66752b789281fb770f82226b0664&scene=58&subscene=0#rd) +- Over Security - Cybersecurity news aggregator + - [Scammers file first — Get your IRS Identity Protection PIN now](https://www.bleepingcomputer.com/news/security/scammers-file-first-get-your-irs-identity-protection-pin-now/) + - [Fake LDAPNightmware exploit on GitHub spreads infostealer malware](https://www.bleepingcomputer.com/news/security/fake-ldapnightmware-exploit-on-github-spreads-infostealer-malware/) +- 山石网科安全技术研究院 + - [2024年度重大数据泄露事件盘点-国外版](https://mp.weixin.qq.com/s?__biz=MzUzMDUxNTE1Mw==&mid=2247509629&idx=1&sn=29247d0381639fa3501942c67c219470&chksm=fa5273c3cd25fad5d99967bf051e1337733f3c3082433d432cf1da5a2100a7b651661c585277&scene=58&subscene=0#rd) +- 吴鲁加 + - [我工作里使用的软件和工作流](https://mp.weixin.qq.com/s?__biz=Mzg5NDY4ODM1MA==&mid=2247485135&idx=1&sn=0510f35c72516e30adcd494474dd6df1&chksm=c01a8bfef76d02e8f7fb3e9696d8b0cee09ab8dee030fe992b916e71468791be793abbc80527&scene=58&subscene=0#rd) +- ICT Security Magazine + - [Living-off-the-Land Binaries (LOLBins) negli attacchi fileless: Analisi Tecnica e Implicazioni per la Sicurezza](https://www.ictsecuritymagazine.com/articoli/living-off-the-land-binaries-lolbins/) +- Deep Web + - [Would you like this reward?](https://www.reddit.com/r/deepweb/comments/1hz9bjv/would_you_like_this_reward/) +- Information Security + - [Open Source Shadow IT Detection](https://www.reddit.com/r/Information_Security/comments/1hyoren/open_source_shadow_it_detection/) +- Computer Forensics + - [How do you read a $MFT? 
(First Computer Forensics class)](https://www.reddit.com/r/computerforensics/comments/1hyvbdc/how_do_you_read_a_mft_first_computer_forensics/) +- Your Open Hacker Community + - [Getting infinite lives in Prehistorik on Windows 11](https://www.reddit.com/r/HowToHack/comments/1hz6pee/getting_infinite_lives_in_prehistorik_on_windows/) + - [How to convert a password protected zip file into a RAR file?](https://www.reddit.com/r/HowToHack/comments/1hz3bgu/how_to_convert_a_password_protected_zip_file_into/) + - [recovering google account](https://www.reddit.com/r/HowToHack/comments/1hyx8qq/recovering_google_account/) + - [Has anyone tried hijacking school Apple TVs for a prank?](https://www.reddit.com/r/HowToHack/comments/1hz3nxz/has_anyone_tried_hijacking_school_apple_tvs_for_a/) + - [Help](https://www.reddit.com/r/HowToHack/comments/1hyzqf5/help/) + - [Can anyone help me with a teleg private group(pls dm me)](https://www.reddit.com/r/HowToHack/comments/1hyzpji/can_anyone_help_me_with_a_teleg_private_grouppls/) + - [I need to find someone's IP address or something](https://www.reddit.com/r/HowToHack/comments/1hyzxt3/i_need_to_find_someones_ip_address_or_something/) +- OnionSec + - [短文:对现实里网络安全领域的新认识](https://mp.weixin.qq.com/s?__biz=MzUyMTUwMzI3Ng==&mid=2247485562&idx=1&sn=8b6790ca85055bf567130a044261ebda&chksm=f9db5f39ceacd62f1d9d93c36893e92be17a408acced658927b37d165077e523234bfe823d95&scene=58&subscene=0#rd) +- 银针安全 + - [高版本Fastjson在Java原生反序列化中的利用](https://mp.weixin.qq.com/s?__biz=Mzg2MDY2ODc5MA==&mid=2247484185&idx=1&sn=9068c43597d87c94568fe70974fd6365&chksm=ce239500f9541c160287b545120d6495c7a2aa9c5c75e0ad101c7a3d3600e86ea6b64ef75f63&scene=58&subscene=0#rd) +- 希潭实验室 + - [第112篇:美国APT震网病毒入侵伊朗核工厂后续与启示(第4篇)](https://mp.weixin.qq.com/s?__biz=MzkzMjI1NjI3Ng==&mid=2247487306&idx=1&sn=00dc7cf337a613d22207cecd7674ec88&chksm=c25fc031f5284927d968a7121718ccfa82db72798405bf0100bd1d248c3cb88d1360e288e491&scene=58&subscene=0#rd) +- Technical Information Security Content & Discussion 
+ - [$2m laundered: the YouTube crypto tutorials’ huge scam (investigation)](https://www.reddit.com/r/netsec/comments/1hz54x4/2m_laundered_the_youtube_crypto_tutorials_huge/) + - [Gayfemboy: A Botnet Deliver Through a Four-Faith Industrial Router 0-day Exploit.](https://www.reddit.com/r/netsec/comments/1hyjjpb/gayfemboy_a_botnet_deliver_through_a_fourfaith/) +- Blackhat Library: Hacking techniques and research + - [Telefonica Breach: Infostealer Malware Opens Door for Social Engineering Tactics](https://www.reddit.com/r/blackhat/comments/1hysvc3/telefonica_breach_infostealer_malware_opens_door/) +- The Hacker News + - [Microsoft Sues Hacking Group Exploiting Azure AI for Harmful Content Creation](https://thehackernews.com/2025/01/microsoft-sues-hacking-group-exploiting.html) + - [DoJ Indicts Three Russians for Operating Crypto Mixers Used in Cybercrime Laundering](https://thehackernews.com/2025/01/doj-indicts-three-russians-for.html) +- Security Affairs + - [DoJ charged three Russian citizens with operating crypto-mixing services](https://securityaffairs.com/172957/cyber-crime/doj-charged-russian-citizens-with-operating-crypto-mixing-services.html) + - [U.S. cannabis dispensary STIIIZY disclosed a data breach](https://securityaffairs.com/172950/data-breach/marijuana-dispensary-stiiizy-data-breach.html) + - [A novel PayPal phishing campaign hijacks accounts](https://securityaffairs.com/172935/cyber-crime/paypal-phishing-campaign-hijacks-accounts.html) +- Social Engineering + - [The hidden psychology of abusers](https://www.reddit.com/r/SocialEngineering/comments/1hyxk74/the_hidden_psychology_of_abusers/) diff --git a/today.md b/today.md index f34cfc308..8b66ab8cd 100644 --- a/today.md +++ b/today.md 
@@ -1,285 +1,125 @@ -# 每日安全资讯(2025-01-11) +# 每日安全资讯(2025-01-12) -- Trustwave Blog - - [Why Vulnerability Scanning Alone Isn’t Enough: The Case for Penetration Testing](https://www.trustwave.com/en-us/resources/blogs/trustwave-blog/why-vulnerability-scanning-alone-isnt-enough-the-case-for-penetration-testing/) -- Security Boulevard - - [2025 SaaS Security Word of the Year: Adaptability | Grip](https://securityboulevard.com/2025/01/2025-saas-security-word-of-the-year-adaptability-grip/) - - [Strategic Approaches to Enhance Data Security](https://securityboulevard.com/2025/01/strategic-approaches-to-enhance-data-security/) - - [The Cost of Complacency in Credential Hygiene](https://securityboulevard.com/2025/01/the-cost-of-complacency-in-credential-hygiene/) - - [Below the Surface Winter 2024 Edition – The Year in Review](https://securityboulevard.com/2025/01/below-the-surface-winter-2024-edition-the-year-in-review/) - - [New Paper: “Future of SOC: Transform the ‘How’” (Paper 5)](https://securityboulevard.com/2025/01/new-paper-future-of-soc-transform-the-how-paper-5/) - - [Hackers Attack PowerSchool, Expose K-12 Teacher and Student Data](https://securityboulevard.com/2025/01/hackers-attack-powerschool-expose-k-12-teacher-and-student-data/) - - [Unlock collaboration and efficiency in software management with SBOMs](https://securityboulevard.com/2025/01/unlock-collaboration-and-efficiency-in-software-management-with-sboms/) - - [SonarQube for IDE: Our journey this year, and sneak peek into 2025](https://securityboulevard.com/2025/01/sonarqube-for-ide-our-journey-this-year-and-sneak-peek-into-2025/) - - [Cybersecurity Insights with Contrast CISO David Lindner | 01/10/25](https://securityboulevard.com/2025/01/cybersecurity-insights-with-contrast-ciso-david-lindner-01-10-25/) - - [DPDP Rules 2025: What Everything You Need to Know](https://securityboulevard.com/2025/01/dpdp-rules-2025-what-everything-you-need-to-know/) +- Twitter @Nicolas Krassas + - [HTB: Sightless 
https://0xdf.gitlab.io/2025/01/11/htb-sightless.html](https://x.com/Dinosn/status/1878163997142213087) + - [Re @piedpiper1616 Looks like chatgpt wrote this](https://x.com/Dinosn/status/1878038502257877501) + - [DoJ Indicts Three Russians for Operating Crypto Mixers Used in Cybercrime Laundering https://thehackernews.com/2025/01/doj-indicts-three-russians-for....](https://x.com/Dinosn/status/1878003388274688322) + - [Microsoft Sues Hacking Group Exploiting Azure AI for Harmful Content Creation https://thehackernews.com/2025/01/microsoft-sues-hacking-group-exploitin...](https://x.com/Dinosn/status/1878003262273491307) + - [LDAP Watchdog: monitor record changes in an LDAP directory in real-time https://meterpreter.org/ldap-watchdog-monitor-record-changes-in-an-ldap-direct...](https://x.com/Dinosn/status/1877972215808852393) + - [MemProcFS Analyzer: Automated Forensic Analysis of Windows Memory Dumps https://meterpreter.org/memprocfs-analyzer-automated-forensic-analysis-of-wind...](https://x.com/Dinosn/status/1877967099139694902) + - [legba: multiprotocol credentials bruteforcer / password sprayer and enumerator https://meterpreter.org/legba-multiprotocol-credentials-bruteforcer-pas...](https://x.com/Dinosn/status/1877926759175159937) + - [CVE-2024-12847 (CVSS 9.8): NETGEAR Router Flaw Exploited in the Wild for Years, PoC Published https://securityonline.info/cve-2024-12847-cvss-9-8-netg...](https://x.com/Dinosn/status/1877926466765066607) + - [RT watchTowr: 🫡](https://x.com/Dinosn/status/1877926930000822468) - Recent Commits to cve:main - - [Update Fri Jan 10 20:11:13 UTC 2025](https://github.com/trickest/cve/commit/35ab00cc0e2f9453ab25383a9a5c9d4cfa1182d1) - - [Update Fri Jan 10 12:19:12 UTC 2025](https://github.com/trickest/cve/commit/bb4ddf1816df72235be5cd596f20b2ed83504f0c) - - [Update Fri Jan 10 04:22:20 UTC 2025](https://github.com/trickest/cve/commit/0eba4829b48b6e4109d4f696f205771712d068c3) -- SecWiki News - - [SecWiki News 2025-01-10 
Review](http://www.sec-wiki.com/?2025-01-10) + - [Update Sat Jan 11 20:16:57 UTC 2025](https://github.com/trickest/cve/commit/a529fd5d50c90c432baec70219470b5f625a25a0) + - [Update Sat Jan 11 12:19:24 UTC 2025](https://github.com/trickest/cve/commit/4ee809fb0c944239e63a757ad04299a07cefae04) + - [Update Sat Jan 11 04:10:25 UTC 2025](https://github.com/trickest/cve/commit/b1d77c9032f2c34f807b30264034a2a5ea416a0b) +- Security Boulevard + - [Advancements in Machine Identity Protections](https://securityboulevard.com/2025/01/advancements-in-machine-identity-protections/) + - [From Chaos to Control: Building Your Company’s Access Management Foundation](https://securityboulevard.com/2025/01/from-chaos-to-control-building-your-companys-access-management-foundation/) + - [DEF CON 32 – Porn & Privacy – ET](https://securityboulevard.com/2025/01/def-con-32-porn-privacy-et/) - InfoSec Write-ups - Medium - - [SOC176 — RDP Brute Force Detected](https://infosecwriteups.com/soc176-rdp-brute-force-detected-dde4163e03c2?source=rss----7b722bfd1b8d---4) - - [How Spanning Tree Protocol (STP) Works](https://infosecwriteups.com/how-spanning-tree-protocol-stp-works-bfa348490673?source=rss----7b722bfd1b8d---4) - - [Introduction to Network File Sharing with NFS and Samba](https://infosecwriteups.com/introduction-to-network-file-sharing-with-nfs-and-samba-62a818a312c6?source=rss----7b722bfd1b8d---4) - - [Unlock the Ultimate Resource Hub for Security Researchers](https://infosecwriteups.com/unlock-the-ultimate-resource-hub-for-security-researchers-9fa52bbff1ff?source=rss----7b722bfd1b8d---4) - - [Race Condition to Bypass Rate-Limiting: A new technique made by Nillsx](https://infosecwriteups.com/race-condition-to-bypass-rate-limiting-a-new-technique-made-by-nillsx-6a60f41dbae6?source=rss----7b722bfd1b8d---4) - - [Hacking CozyHosting on HackTheBox: A Step-By-Step OSCP 
Journey](https://infosecwriteups.com/hacking-cozyhosting-on-hackthebox-a-step-by-step-oscp-journey-7514ceede24f?source=rss----7b722bfd1b8d---4) - - [Windows Active Directory Hacking Lab Setup — Part 2, Setting up Users Machines and Groups](https://infosecwriteups.com/windows-active-directory-hacking-lab-setup-part-2-setting-up-users-machines-and-groups-a24fbe2971c7?source=rss----7b722bfd1b8d---4) - - [My Journey with RTO 2 ( CRTL ): A Review](https://infosecwriteups.com/my-journey-with-rto-2-crtl-a-review-2f32a463effb?source=rss----7b722bfd1b8d---4) - - [Windows Active Directory Hacking Lab Part 3 — Joining Machines to the Domain](https://infosecwriteups.com/windows-active-directory-hacking-lab-part-3-joining-machines-to-the-domain-a9f9a40a77d1?source=rss----7b722bfd1b8d---4) - - [Blind OS Command Injection with Output Redirection](https://infosecwriteups.com/blind-os-command-injection-with-output-redirection-1d08c3793ff1?source=rss----7b722bfd1b8d---4) -- paper - Last paper - - [Self-changing Data Type - CVE-2024-40676 漏洞分析](https://paper.seebug.org/3266/) -- 嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com - - [国家网络安全通报中心:重点防范境外恶意网址和恶意IP](https://www.4hou.com/posts/VW2o) - - [Check Point:企业如何应对复杂网络挑战?](https://www.4hou.com/posts/W1Ko) -- ElcomSoft blog - - [iPhone and iPad Acquisition Methods: Yet Another Comparison](https://blog.elcomsoft.com/2025/01/iphone-and-ipad-acquisition-methods-yet-another-comparison/) -- 安全客-有思想的安全新媒体 - - [入选“磐安”教育应用优秀案例!360打造人才培育标杆](https://www.anquanke.com/post/id/303426) - - [初始访问代理(IAB)如何出售用户证书](https://www.anquanke.com/post/id/303423) - - [注册过期域名,4000 多个后门被劫持](https://www.anquanke.com/post/id/303420) - - [俄罗斯 ISP 证实乌克兰黑客“摧毁”了其网络](https://www.anquanke.com/post/id/303417) - - [医疗计费公司 Medusind 披露漏洞影响 36 万人](https://www.anquanke.com/post/id/303411) - - [黑客利用 KerioControl 防火墙漏洞窃取管理员 CSRF 标记](https://www.anquanke.com/post/id/303408) - - [SonicWall 敦促管理员立即修补可被利用的 SSLVPN 漏洞](https://www.anquanke.com/post/id/303404) - - [未修补的关键缺陷影响 Fancy Product 
Designer WordPress 插件](https://www.anquanke.com/post/id/303401) - - [2025 年的网络安全: 全球冲突、成熟的人工智能和群众的智慧](https://www.anquanke.com/post/id/303398) + - [Linux Shells [Cyber Security 101] Learning Path TryHackMe Writeup | Detailed Walkthrough](https://infosecwriteups.com/linux-shells-cyber-security-101-learning-path-tryhackme-writeup-detailed-walkthrough-440e6863fb1a?source=rss----7b722bfd1b8d---4) + - [Windows PowerShell [Cyber Security 101 ] Learning Path TryHackMe Writeup | Detailed Walkthrough](https://infosecwriteups.com/windows-powershell-cyber-security-101-learning-path-tryhackme-writeup-detailed-walkthrough-958e3f1ec51b?source=rss----7b722bfd1b8d---4) + - [SQLMap: The Basics [ Cyber Security 101 ] TryHackMe Writeup | Detailed Walkthrough | THM Premium…](https://infosecwriteups.com/sqlmap-the-basics-cyber-security-101-tryhackme-writeup-detailed-walkthrough-thm-premium-9c04f57cc574?source=rss----7b722bfd1b8d---4) + - [Reversing, Discovering, And Exploiting A TP-Link Router Vulnerability — CVE-2024–54887](https://infosecwriteups.com/reversing-discovering-and-exploiting-a-tp-link-router-vulnerability-cve-2024-54887-341552c4b104?source=rss----7b722bfd1b8d---4) + - [Revisiting a Simple SQL Injection Methodology](https://infosecwriteups.com/revisiting-a-simple-sql-injection-methodology-ecd42634a21e?source=rss----7b722bfd1b8d---4) + - [Hacking Cicada on HackTheBox: An OSCP Step-by-Step Journey](https://infosecwriteups.com/hacking-cicada-on-hackthebox-an-oscp-step-by-step-journey-abd7e56ab53e?source=rss----7b722bfd1b8d---4) - 一个被知识诅咒的人 - - [【Python】深入Python元类:动态生成类与对象的艺术](https://blog.csdn.net/nokiaguy/article/details/145055724) - - [【Python】深入探索 Python 装饰器链:创建组合装饰器的技巧与应用](https://blog.csdn.net/nokiaguy/article/details/145055719) -- 安全脉搏 - - [后门函数技术在二进制对抗中的应用](https://www.secpulse.com/archives/205266.html) - - [靶场战神为何会陨落?](https://www.secpulse.com/archives/205395.html) + - [【人工智能】构建智能语音助手:使用Python实现语音识别与合成的全面指南](https://blog.csdn.net/nokiaguy/article/details/145075956) + 
- [【人工智能】用Python进行对象检测:从OpenCV到YOLO的全面指南](https://blog.csdn.net/nokiaguy/article/details/145075935) +- SecWiki News + - [SecWiki News 2025-01-11 Review](http://www.sec-wiki.com/?2025-01-11) - Bug Bounty in InfoSec Write-ups on Medium - - [Unlock the Ultimate Resource Hub for Security Researchers](https://infosecwriteups.com/unlock-the-ultimate-resource-hub-for-security-researchers-9fa52bbff1ff?source=rss----7b722bfd1b8d--bug_bounty) - - [Race Condition to Bypass Rate-Limiting: A new technique made by Nillsx](https://infosecwriteups.com/race-condition-to-bypass-rate-limiting-a-new-technique-made-by-nillsx-6a60f41dbae6?source=rss----7b722bfd1b8d--bug_bounty) - - [Blind OS Command Injection with Output Redirection](https://infosecwriteups.com/blind-os-command-injection-with-output-redirection-1d08c3793ff1?source=rss----7b722bfd1b8d--bug_bounty) - - [Finding Hidden Subdomains with OSINT Tools](https://infosecwriteups.com/finding-hidden-subdomains-with-osint-tools-ad7e411587ee?source=rss----7b722bfd1b8d--bug_bounty) + - [Revisiting a Simple SQL Injection Methodology](https://infosecwriteups.com/revisiting-a-simple-sql-injection-methodology-ecd42634a21e?source=rss----7b722bfd1b8d--bug_bounty) - Reverse Engineering - - [One Dog v. 
the Windows 3.1 Graphics Stack](https://www.reddit.com/r/ReverseEngineering/comments/1hyhhvq/one_dog_v_the_windows_31_graphics_stack/) - - [Parsing the c64 Bubble Bobble Wind Currents](https://www.reddit.com/r/ReverseEngineering/comments/1hy2u3c/parsing_the_c64_bubble_bobble_wind_currents/) -- SentinelOne - - [The Good, the Bad and the Ugly in Cybersecurity – Week 2](https://www.sentinelone.com/blog/the-good-the-bad-and-the-ugly-in-cybersecurity-week-2-6/) -- Malwarebytes - - [BayMark Health Services sends breach notifications after ransomware attack](https://www.malwarebytes.com/blog/news/2025/01/baymark-health-services-sends-breach-notifications-after-ransomware-attack) -- Intigriti - - [Intigriti Bug Bytes #220 - January 2025 🚀](https://www.intigriti.com/researchers/blog/bug-bytes/bug-bytes-220-january-2025) -- PortSwigger Blog - - [Make Burp Suite your own: high-powered extensibility to customize and enhance your testing. 🛠️](https://portswigger.net/blog/make-burp-suite-your-own-high-powered-extensibility-to-customize-and-enhance-your-testing) -- FreeBuf网络安全行业门户 - - [CVE-2024-6768漏洞分析](https://www.freebuf.com/vuls/419530.html) - - [YAK-SSA,古希腊掌管PHP代码审计的神](https://www.freebuf.com/articles/web/419509.html) - - [【论文速读】| 利用大语言模型在灰盒模糊测试中生成初始种子](https://www.freebuf.com/articles/network/419499.html) - - [FreeBuf周报 | AWS屡曝严重RCE漏洞;2025年需要防范这五大恶意软件](https://www.freebuf.com/news/419455.html) - - [超4000个Web后门通过注册过期域名被劫持](https://www.freebuf.com/news/419479.html) - - [Banshee Stealer新变种正借Apple XProtect加密技术躲避杀毒软件](https://www.freebuf.com/news/419475.html) - - [给DevOps加点料:融入安全性的DevSecOps](https://www.freebuf.com/news/419443.html) -- 绿盟科技技术博客 - - [【漏洞通告】Ivanti多款产品缓冲区溢出漏洞(CVE-2025-0282)](https://blog.nsfocus.net/cve-2025-0282/) -- darkless - - [云原生安全学习小记](https://darkless.cn/2025/01/10/cloud-native-security/) + - [Reverse-engineering meets AI: My new benchmark asks you to deduce hidden byte 
transforms—thoughts?](https://www.reddit.com/r/ReverseEngineering/comments/1hyuf9w/reverseengineering_meets_ai_my_new_benchmark_asks/) +- HAHWUL + - [ZAP 2.16 Review ⚡️](https://www.hahwul.com/2025/01/11/zap-2-16-review/) +- Malware-Traffic-Analysis.net - Blog Entries + - [2025-01-09: CVE-2017-0199 XLS --> HTA --> VBS --> steganography --> DBatLoader/GuiLoader style malware](https://www.malware-traffic-analysis.net/2025/01/09/index.html) +- HAHWUL + - [ZAP 2.16 Review ⚡️](https://www.hahwul.com/2025/01/11/zap-2-16-review/) - 奇客Solidot–传递最新科技情报 - - [独立分析认为巴勒斯坦卫生部严重低估了加沙死亡人数](https://www.solidot.org/story?sid=80300) - - [四分之一淡水动物面临灭绝](https://www.solidot.org/story?sid=80299) - - [美国司法部准备出售扣押的丝绸之路比特币](https://www.solidot.org/story?sid=80298) - - [法官拒绝了试图从垃圾堆里挖出 8000 比特币的诉讼](https://www.solidot.org/story?sid=80297) - - [三星量产笔记本用的卷轴 OLED 显示屏](https://www.solidot.org/story?sid=80296) - - [2024 年是平均气温比工业化前水平高出1.5 摄氏度的第一年](https://www.solidot.org/story?sid=80295) - - [氟化物暴露与 IQ 分数低相关](https://www.solidot.org/story?sid=80294) - - [中国在前沿 AI 研究上紧追美国](https://www.solidot.org/story?sid=80293) - - [中国风投让失败的创业者成为失信债务人](https://www.solidot.org/story?sid=80292) - - [ispace 准备再次发射登月舱](https://www.solidot.org/story?sid=80291) - - [乳腺癌是最常见的癌症肺癌是最致命的癌症](https://www.solidot.org/story?sid=80290) - - [拜登计划在离任前对 AI 芯片出口实施新限制](https://www.solidot.org/story?sid=80289) -- HackerNews - - [PowerSchool 的学生和教师信息数据库表在网络攻击中被盗](https://hackernews.cc/archives/56820) - - [“白厅进程”应对商业黑客工具泛滥:忧虑多过解决方案](https://hackernews.cc/archives/56817) - - [黑客利用 KerioControl 防火墙漏洞窃取管理员 CSRF 标记](https://hackernews.cc/archives/56811) - - [美国最大成瘾治疗服务提供商通知患者数据泄露](https://hackernews.cc/archives/56809) - - [新型 Banshee Stealer 变种利用类似苹果的加密技术绕过杀毒软件](https://hackernews.cc/archives/56798) - - [SonicWall、Palo Alto Expedition 及 Aviatrix 控制器重大漏洞已修复](https://hackernews.cc/archives/56795) + - [物理学家发现新粒子分数激子](https://www.solidot.org/story?sid=80307) + - [YouTube 主播向 AI 公司出售未发布视频去训练 AI](https://www.solidot.org/story?sid=80306) + - 
[世界最强超算 El Capitan 正式启用](https://www.solidot.org/story?sid=80305) + - [StackOverflow 新问题数量大幅减少](https://www.solidot.org/story?sid=80304) + - [德国众多大学机构集体宣布退出 X](https://www.solidot.org/story?sid=80303) + - [Automattic 大幅缩减对 WordPress.org 的支持](https://www.solidot.org/story?sid=80302) + - [巴西给 Meta 72 小时时间解释其事实核查政策的变化](https://www.solidot.org/story?sid=80301) +- 杨龙 + - [-2209017943](https://www.yanglong.pro/2209017943-2/) +- 黑海洋 - IT技术知识库 + - [Fluent Read:上下文语境的人工智能翻译引擎(浏览器插件)](https://blog.upx8.com/4651) +- 长亭安全应急响应中心 + - [【已复现】Ivanti Connect Secure 堆栈溢出致远程代码执行漏洞(CVE-2025-0282)](https://mp.weixin.qq.com/s?__biz=MzIwMDk1MjMyMg==&mid=2247492691&idx=1&sn=e1d64db4b8957907e6417a61d2c40fa4&chksm=96f7fb3ea1807228c78b8469fdfa3a9fad83374094781eb88c48ae6e598331b3bd87ae4c659c&scene=58&subscene=0#rd) - 看雪学苑 - - [VMProtect本地授权锁的分析与破解](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588572&idx=1&sn=f7ad4ebbe10787b233f29e316423ebc0&chksm=b18c251686fbac000c0d9e48e4e58a84a1b590532c52b8d159cc104abf0757844caf4d8eb544&scene=58&subscene=0#rd) - - [超4000个后门通过注册过期域名被劫持](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588572&idx=2&sn=59a0f2be5e5bacf99eec4b02e9d3c5b6&chksm=b18c251686fbac006a376e63c212d61451edceb7ec989fea2e2c5c0b1c38d098c6729bf85e3e&scene=58&subscene=0#rd) - - [本周职位大更新!众多企业抛出橄榄枝,你的心动岗位来了吗?](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588572&idx=3&sn=abdd6a29e3e32a98636c35e70688f0aa&chksm=b18c251686fbac006bd5419dfb500501416d0536da5467876cade8cc988f21cde5cef1bc230e&scene=58&subscene=0#rd) -- 绿盟科技CERT - - [【漏洞通告】Ivanti多款产品缓冲区溢出漏洞(CVE-2025-0282)](https://mp.weixin.qq.com/s?__biz=Mzk0MjE3ODkxNg==&mid=2247488825&idx=1&sn=5e77e5178823b42679dcaa1914251bf3&chksm=c2c64232f5b1cb24e14a80899dc4fedc64d3489130f642d9a59175803b8acb8d6455c3e2f7d2&scene=58&subscene=0#rd) -- 锦行科技 - - [为民立命 
有你皆安](https://mp.weixin.qq.com/s?__biz=MzIxNTQxMjQyNg==&mid=2247493604&idx=1&sn=f55d84097f6ddb9e0003210e450ddce3&chksm=979a1c41a0ed95578df3916b75adf84b4e80f1c1293be8bff28598fcb76a955be2bcbf6c5b14&scene=58&subscene=0#rd) + - [CTF自毁程序密码:逆向分析](https://mp.weixin.qq.com/s?__biz=MjM5NTc2MDYxMw==&mid=2458588573&idx=1&sn=c40b84e0094dfcbca49818f166d4c1f8&chksm=b18c251786fbac0172b4c573bca3dbdc17e0efad3bf6e5dace210a9b96023fdf89feccf64ba1&scene=58&subscene=0#rd) - 安全内参 - - [AI Agents越来越火,它可能存在一个严重安全隐患](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513463&idx=1&sn=b35ecbae92733cf9b66597ee744d842b&chksm=ebfaf257dc8d7b416ce794352466d8ad74c53bfe8a79bf635dfaf0d4187386f3da80fab3ef45&scene=58&subscene=0#rd) - - [首次!欧盟官方因违反数据保护法规向用户赔偿3000元](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513463&idx=2&sn=b2d4253ee32d9fc32803935873f93db4&chksm=ebfaf257dc8d7b418d97da9d0d19a8213331ca808d892243fd9e63ad78142b36470304149cde&scene=58&subscene=0#rd) -- 丁爸 情报分析师的工具箱 - - [【资料】网络的三张面孔:网络和平活动家,间谍,攻击者](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148492&idx=1&sn=e284a7e43cbcb6ab36ec5a1f003ab059&chksm=f1af27f6c6d8aee040256534a8be599a13aa1d52d2e03ec456307340c1fd877521c5f767fb35&scene=58&subscene=0#rd) -- 奇安信威胁情报中心 - - [每周高级威胁情报解读(2025.01.03~01.09)](https://mp.weixin.qq.com/s?__biz=MzI2MDc2MDA4OA==&mid=2247513719&idx=1&sn=7ba22c6c00a862dcc9bd46f1f73fc77d&chksm=ea664100dd11c8160f008b33f2a15aa0b4839d1559f4b3481539f9536f92c79c36c5b9357879&scene=58&subscene=0#rd) -- 代码卫士 - - [DNA测序设备运行老旧BIOS,影响临床研究](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247522035&idx=1&sn=a607aca6553fbf1ed41e27c839e45bea&chksm=ea94a799dde32e8f87b51465ef7f6ed4449ddc0857c8c220dcc378283ba9fd8b9880b6e27544&scene=58&subscene=0#rd) - - [Palo Alto Networks 修复退市 Migration Tool中的高危漏洞](https://mp.weixin.qq.com/s?__biz=MzI2NTg4OTc5Nw==&mid=2247522035&idx=2&sn=71c00b294647fadae4e56ffc500f1300&chksm=ea94a799dde32e8fec367a20f0630181350a5ca556cc26cfaa9fcbefdac76ae3c3831523c87e&scene=58&subscene=0#rd) 
-- 青衣十三楼飞花堂 - - [智能汽车的强大功能](https://mp.weixin.qq.com/s?__biz=MzUzMjQyMDE3Ng==&mid=2247487868&idx=1&sn=38f654feb41f7697779f05deda25a854&chksm=fab2d243cdc55b55c5f372aeb393d132f828265e4f572b79938e9332ace4bd70a4e34e18deee&scene=58&subscene=0#rd) -- ChaMd5安全团队 - - [共赴商用密码盛事,开启创新发展新篇--2025第三届商用密码展将于6月11日-13日在上海举办!](https://mp.weixin.qq.com/s?__biz=MzIzMTc1MjExOQ==&mid=2247511835&idx=1&sn=74578ef36cfe67c4677beb96c5d15795&chksm=e89d87c3dfea0ed56fbfb4aaa6133aa385822fce6524d09512079841830c9e533d5a57e3d129&scene=58&subscene=0#rd) + - [网站域名遭非法盗用篡改,郑州两家公司被行政处罚](https://mp.weixin.qq.com/s?__biz=MzI4NDY2MDMwMw==&mid=2247513467&idx=1&sn=3ea80990fd1c334a5bbf3e29305787b1&chksm=ebfaf25bdc8d7b4dad90dcea755636cf357c28f3dcec82aaf943cbeefa88a5b135fbdc372038&scene=58&subscene=0#rd) - 威努特安全网络 - - [从全年重大网络安全事件,观2025年威胁走势和行业发展](https://mp.weixin.qq.com/s?__biz=MzAwNTgyODU3NQ==&mid=2651130288&idx=1&sn=3bc2382268d5fe7ce39f24acbdad0f6e&chksm=80e71300b7909a16105976d01df0935ffee83e178b812014b8e38c0ab6bc1398f7c8aaced5c9&scene=58&subscene=0#rd) -- 奇安信病毒响应中心 - - [每周勒索威胁摘要](https://mp.weixin.qq.com/s?__biz=MzI5Mzg5MDM3NQ==&mid=2247498230&idx=1&sn=1bb3e3b09b57458fc4b2f0b9fd3ca424&chksm=ec6989dedb1e00c86bf7d7fea369ccd3f9712b4fb1c02711d2ae2af119b3943bdf107ef28197&scene=58&subscene=0#rd) -- leveryd - - [没想到x-waf还可以用来测rasp](https://mp.weixin.qq.com/s?__biz=MzkyMDIxMjE5MA==&mid=2247485491&idx=1&sn=9e4d62e3c2d058cba9fa930fd49aa2b7&chksm=c1970f82f6e0869445bca851e6fb22753206fbbbb42ffe7fbac3ed702da4b9fb08fef0e81a46&scene=58&subscene=0#rd) -- 数世咨询 - - [解锁DSPM的价值:全面提升数据安全](https://mp.weixin.qq.com/s?__biz=MzkxNzA3MTgyNg==&mid=2247533977&idx=1&sn=90efd3be6f2ded1fe885486889a0db92&chksm=c1443724f633be320e1f457d145081f6d0c7281486fff91ac016d0f2df8e0f983e02a2cfafdb&scene=58&subscene=0#rd) -- 网络空间安全科学学报 - - [学术前沿 | 
基于尺寸变换的图像级特征增强隐写分析方法](https://mp.weixin.qq.com/s?__biz=MzI0NjU2NDMwNQ==&mid=2247504586&idx=1&sn=667f8402bebdb572ddabe5ecd419bfca&chksm=e9bfc674dec84f6234750fd856ba4bfd720b2739fd6d525d5cf469d492beaac34d64762021e2&scene=58&subscene=0#rd) -- PortSwigger Blog - - [Make Burp Suite your own: high-powered extensibility to customize and enhance your testing. 🛠️](https://portswigger.net/blog/make-burp-suite-your-own-high-powered-extensibility-to-customize-and-enhance-your-testing) -- 极客公园 - - [26.3 万,特斯拉焕新 Model Y 突然上市,雷军「发贺电」](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653071793&idx=1&sn=3f07ac1e0a74b594446d172b6befabfa&chksm=7e57d40749205d111364fb0ebdb1493de6a3d45c0dcad2921ffbc85a307b04963edeab946d87&scene=58&subscene=0#rd) - - [2025 年 CES,为什么变成了世界最大「眼镜城」?](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653071781&idx=1&sn=dca04f483bca99394f6c3d127dcfc9ac&chksm=7e57d41349205d05c6dcd85def9e879d572cf93f982b13b01c05aa53447eab4c6350e6b57877&scene=58&subscene=0#rd) - - [B 站成春晚「独家弹幕视频平台」;西藏地震「小孩被埋」AI 生成图将被追责;加州大火危及好莱坞等景点 | 极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653071702&idx=1&sn=7edc49de07482379ea1a9dbd199dc069&chksm=7e57d4e049205df61a63b790d9e5e6242217bc39d86a43681249ef2057e91f76a9ed5ff3e317&scene=58&subscene=0#rd) -- 安全研究GoSSIP - - [G.O.S.S.I.P 阅读推荐 2025-01-10 北约中出了叛徒](https://mp.weixin.qq.com/s?__biz=Mzg5ODUxMzg0Ng==&mid=2247499599&idx=1&sn=aaff9bb2d932f3d15da87fd721e4b5ee&chksm=c063d196f714588069633ee369d1c821a9ce001298b2e69b28a3157796203208d8b50ce1d9da&scene=58&subscene=0#rd) -- 黑海洋 - IT技术知识库 - - [windows日志分析工具](https://blog.upx8.com/4650) -- M01N Team - - [每周蓝军技术推送(2025.1.4-1.10)](https://mp.weixin.qq.com/s?__biz=MzkyMTI0NjA3OA==&mid=2247493958&idx=1&sn=fc9a1bbf6caf95a8b7e36393cad78eda&chksm=c1842957f6f3a0415494df511f9508dc96bd52859b394da2d476577ba2244cf005425fb0422e&scene=58&subscene=0#rd) -- 威胁猎人Threat Hunter - - 
[【黑产大数据】恶意贷款中介揭秘](https://mp.weixin.qq.com/s?__biz=MzI3NDY3NDUxNg==&mid=2247498437&idx=1&sn=5c259f2e9ba6de730bc41e763ee2d2dd&chksm=eb12dcfedc6555e8683ea4e9d3ef00a820ab4767b92370d3181b0f11552e01f1c8081d185d44&scene=58&subscene=0#rd) -- 中国信息安全 - - [通知 | 国家网信办就《网络信息内容多渠道分发服务机构相关业务活动管理规定(草案稿)》公开征求意见(附全文)](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234365&idx=1&sn=af17f45f731d0c43256ce450f1d66690&chksm=8b59ff84bc2e7692f51814ffc268d5308bbd8679786942b61f1698a65e23c06a719f2e4f91b3&scene=58&subscene=0#rd) - - [专家解读 | 张金平:个人信息保护认证的中国创新方案](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234365&idx=2&sn=a02c27826be18902ca053d25a2e5522b&chksm=8b59ff84bc2e769235dba763756fd24e2891c73c13e32d630a4cbbbec0b85918576265190726&scene=58&subscene=0#rd) - - [解读 | 《网络数据安全管理条例》有哪些亮点?](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234365&idx=3&sn=bad4d027f0d756a436be1f46a3d63af6&chksm=8b59ff84bc2e769270a72ca471da37713cc209a6abcfa9d95c9a38987d76559afb93501fca7c&scene=58&subscene=0#rd) - - [公安部:公安机关2024年办理网暴案件8600余起](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234365&idx=4&sn=bb86fc6ef4b9ac1b523049d343d2cf93&chksm=8b59ff84bc2e7692c756205917a14db9a101220f4c93944f14dcad1669a1d5a7e6c182dee584&scene=58&subscene=0#rd) - - [发布 | 中国信通院发布《城市全域数字化转型行业洞察报告(2024年)》(附下载)](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234365&idx=5&sn=9e22dc9b697d9182120297617fff2713&chksm=8b59ff84bc2e7692e221e04bb2de5a7f021ac72afcac3f11536f59e4c14f1404a0c9804cb06d&scene=58&subscene=0#rd) - - [评论 | 用AI生成“地震被埋图”存在诸多不妥](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234365&idx=6&sn=f4dfe25b2035fdf63eed7cc30883651d&chksm=8b59ff84bc2e7692345e58297f5dcd2ed4d71c9834c440ac19ecfdf7fe8be2bacd7d3a3d0c93&scene=58&subscene=0#rd) - - [关注 | 
勇闯“春运”,要注意这些问题!](https://mp.weixin.qq.com/s?__biz=MzA5MzE5MDAzOA==&mid=2664234365&idx=7&sn=26075d2a4c3c7515c08c1b7d9fd68c01&chksm=8b59ff84bc2e76929ea213b189e5dd0cc52a2f9e91a3ed315e497e449d3d1e69c05f3cf29062&scene=58&subscene=0#rd) -- 安全分析与研究 - - [海莲花APT钓鱼样本分析-下](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247489899&idx=1&sn=e632c0c221f0dfd7da57d0f9e6395910&chksm=902fb643a7583f5581237165cb513c8ae2848334de49c6fe3a037dc46f7b707baa995d7b6703&scene=58&subscene=0#rd) + - [我国牵头的国际标准发布,联合国航空数据库遭入侵 | 一周特辑](https://mp.weixin.qq.com/s?__biz=MzAwNTgyODU3NQ==&mid=2651130318&idx=1&sn=322960576db32a5d4485b1c0dc16d542&chksm=80e7137eb7909a680deaa85714119cb89492b504024287b112b4cab04f1b3fdc24bbab99c3e0&scene=58&subscene=0#rd) - dotNet安全矩阵 - - [接二连三,通过 .NET AppDomain 注入后门实现权限维持](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498124&idx=1&sn=34076b04cb96fa929b7d8a8cbae565cc&chksm=fa595761cd2ede7736fb0ecec4ef46c342c1320893e64801929a44e06a7d4c2b387f41f899a1&scene=58&subscene=0#rd) - - [.NET 安全基础入门学习知识库](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498124&idx=2&sn=4ea7c449c3918b19d0dbc98deac36034&chksm=fa595761cd2ede772a770f375217321f3d306206ea48e79b69d580bfd14adece2f9ca4fa0032&scene=58&subscene=0#rd) - - [来来来,喝酒不够持久的都不配叫APT玩家!](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498124&idx=3&sn=764005c46751c846ff68b2d7b52522b1&chksm=fa595761cd2ede779c023189b1b634746fe96cf81f90b0705cd4910d47db55c81a8d4f8e0183&scene=58&subscene=0#rd) -- 安全客 - - [首次!欧盟委员会因违反数据隐私法规被追责,向个人支付赔偿金](https://mp.weixin.qq.com/s?__biz=MzA5ODA0NDE2MA==&mid=2649787718&idx=1&sn=595ef4ff6fd363b4a5ef609a5edbb03c&chksm=8893bd29bfe4343f1dc30aec83f8a2a219d20f2068a6c361ed62f6122690c1864311788597e5&scene=58&subscene=0#rd) -- 情报分析师 - - [​致人民警察的一封信](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650558871&idx=1&sn=2049a81dea035595445267831bbf8eba&chksm=87117fdcb066f6ca90663192d96ff49aed9c05534fe81b7648f73162d5573546a71af8d1bf83&scene=58&subscene=0#rd) - - [深挖缅甸妙瓦底 KK 
园区:电信诈骗的阴暗角落与跨国打击的艰难之路](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650558871&idx=2&sn=425102a0a5e829f41bce07b26f791afb&chksm=87117fdcb066f6ca21d4a5bc70df0464f5c0045f99e6be6137f53a7c7185427bf4511495f63e&scene=58&subscene=0#rd) - - [2025年日本国防战略调整分析](https://mp.weixin.qq.com/s?__biz=MzA3Mjc1MTkwOA==&mid=2650558871&idx=3&sn=5dc7c0bf081673ac6520dbd2dd7aec61&chksm=87117fdcb066f6cae78b04d12794725fee009f42e9b6f3afe33590cd3d1fe9a7b6ae8e9c49f1&scene=58&subscene=0#rd) -- 复旦白泽战队 - - [复旦白泽天梯多轮对话专项天梯结果出炉](https://mp.weixin.qq.com/s?__biz=MzU4NzUxOTI0OQ==&mid=2247492826&idx=1&sn=488d035b0ded0b568d5556b3f1b6b236&chksm=fde860a4ca9fe9b2256b7824f2c6a0194a6196776cfb30fc1a38a18a9c49960ca335769238d8&scene=58&subscene=0#rd) -- 嘶吼专业版 - - [【急聘】京东集团信息安全部招人啦~~](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580725&idx=1&sn=b63dd1e7fcbf3c546ef2120ab62800cc&chksm=e9146c0fde63e519ca57b762b500b310a8d68a3c49aed5115723adb48468e79935456c477c21&scene=58&subscene=0#rd) - - [国家网络安全通报中心:重点防范境外恶意网址和恶意IP](https://mp.weixin.qq.com/s?__biz=MzI0MDY1MDU4MQ==&mid=2247580725&idx=2&sn=63fd746c589e9cd1b6647a823ca163d3&chksm=e9146c0fde63e519285ec50431f0b8a8d25de8216245362a6d0c32046f930271a801895c78e0&scene=58&subscene=0#rd) -- NOVASEC - - [Hawkeye 一款Windows综合应急响应工具](https://mp.weixin.qq.com/s?__biz=MzUzODU3ODA0MA==&mid=2247490417&idx=1&sn=fe9dad38c72edfe0050a8f09afa05153&chksm=fad4c666cda34f704ce062d76decee29ad7ca69d6ac2c2a7d4c25273beae358cc3303fec21de&scene=58&subscene=0#rd) -- 360数字安全 - - [致敬警察节|警企携手,筑牢安全防护网!](https://mp.weixin.qq.com/s?__biz=MzA4MTg0MDQ4Nw==&mid=2247578636&idx=1&sn=13cefe2c13751df91b8d32c27800f0d1&chksm=9f8d2404a8faad12c120e53ebaadc85d8d03fcad4cfc00507ef69d50593b088ba16adc9e449d&scene=58&subscene=0#rd) -- bellingcat - - [Seeing More With Satellite Imagery Using Band Combinations, Ratios and Indices](https://www.bellingcat.com/resources/2025/01/10/satellite-imagery-bands-guide/) -- 吴鲁加 - - 
[来组队运动打卡](https://mp.weixin.qq.com/s?__biz=Mzg5NDY4ODM1MA==&mid=2247485130&idx=1&sn=9ac53212495be2d6d3ae106527dc1009&chksm=c01a8bfbf76d02edf3bf046517683cdf658dd75a6a766df06f5e25848753313bd5f19050a436&scene=58&subscene=0#rd) -- 火绒安全 - - [诚邀渠道合作伙伴共启新征程](https://mp.weixin.qq.com/s?__biz=MzI3NjYzMDM1Mg==&mid=2247521496&idx=2&sn=bdaa413a8417b3ecd5583b9fe9fc3b65&chksm=eb704ae7dc07c3f1b01fc69498a1ea604c8c4bdf26b76844d6e141500693739c5cb578317b77&scene=58&subscene=0#rd) -- ICT Security Magazine - - [Perché le aziende dovrebbero prepararsi agli attacchi informatici durante le festività](https://www.ictsecuritymagazine.com/notizie/attacchi-informatici-semperis/) - - [La Remediation nella Sicurezza Informatica: sfide e prospettive](https://www.ictsecuritymagazine.com/articoli/remediation-sicurezza/) -- 补天平台 - - [2024补天平台【专属SRC】年度榜单发布!](https://mp.weixin.qq.com/s?__biz=MzI2NzY5MDI3NQ==&mid=2247507272&idx=1&sn=4dda0db202724e951d5e867b98fbb1be&chksm=eaf99504dd8e1c125b693c288f80a10c9a88fd21edea65a6ab9f6a61d5e21822f182145141ed&scene=58&subscene=0#rd) -- IT Service Management News - - [Sull'incidente InfoCert](http://blog.cesaregallotti.it/2025/01/sullincidente-infocert.html) + - [.NET 第54期红队武器库和资源汇总](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498152&idx=1&sn=e082b4077e255091892be37fff847a78&chksm=fa595745cd2ede53bf9b66ae351f313cf7bf5dd1650cf01cd2dab30f1a615a0813a8427e859a&scene=58&subscene=0#rd) + - [国内最专业、最全面的 [ .NET 代码审计 ] 体系化学习交流社区](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498152&idx=2&sn=68b7c98d93dba9cd5cb2feb37795f5c0&chksm=fa595745cd2ede5310d59456ace4b1b2d00ad3e60a2946ee0a394adc50759ab9b978584b956a&scene=58&subscene=0#rd) + - [无独有偶,通过.NET反序列化漏洞实现 Visual Studio 钓鱼攻击](https://mp.weixin.qq.com/s?__biz=MzUyOTc3NTQ5MA==&mid=2247498152&idx=3&sn=a45de16edbca5168f73ea7ed4ffeca36&chksm=fa595745cd2ede53cd0f763edff055aeced78d85bdeea1f2be5fd2d80d72a65ed86e0df928f3&scene=58&subscene=0#rd) +- 丁爸 情报分析师的工具箱 + - 
[【资料】创建开源情报机构的理由](https://mp.weixin.qq.com/s?__biz=MzI2MTE0NTE3Mw==&mid=2651148500&idx=1&sn=6cb5b45ccad95f39148ef2240c25d8f8&chksm=f1af27eec6d8aef85b73213a31ddbb5ff35a3ab0c56351b3885e6105b67a593a975858b141d8&scene=58&subscene=0#rd) +- 安全分析与研究 + - [新型Hellcat勒索病毒分析](https://mp.weixin.qq.com/s?__biz=MzA4ODEyODA3MQ==&mid=2247489905&idx=1&sn=d221af8624b76e73a62cffd81d4afb24&chksm=902fb659a7583f4f105f2bc9bb1490bdf8d2781611e9f73c12246ee56ca3b7525b5263d975bd&scene=58&subscene=0#rd) +- 极客公园 + - [特朗普上任前,Meta、微软等取消多元化项目;新 Model Y 上市,雷军隔空玩梗;京东 App 大改版 | 极客早知道](https://mp.weixin.qq.com/s?__biz=MTMwNDMwODQ0MQ==&mid=2653071834&idx=1&sn=9726e5881ed20e810b87b68ef06af200&chksm=7e57d46c49205d7a678f880e93b38ad8df5661f949d2dd27442559ef9f751a6af0d9bc2b6514&scene=58&subscene=0#rd) +- 网络空间安全科学学报 + - [学术前沿 | 鹏城实验室威胁情报团队:网络威胁情报共享与融合技术综述](https://mp.weixin.qq.com/s?__biz=MzI0NjU2NDMwNQ==&mid=2247504587&idx=1&sn=4eaf1ab6a4b15883ae9a77be4357a271&chksm=e9bfc675dec84f63b347462da5f7bce1abed74f36bf037a16432d25f075367ff3d1fd224cdf6&scene=58&subscene=0#rd) - 安全圈 - - [【安全圈】日本炒作“中国疑似参与黑客攻击”,外交部:日方判断既不专业也不负责任](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067255&idx=1&sn=a41ccbc8f9fc9de8ed0dfe5c7a296033&chksm=f36e79f7c419f0e1b35e1a159d0ecdc609b196301a8249fba8092baf5dfe98047bd31c2f61e2&scene=58&subscene=0#rd) - - [【安全圈】数百万电子邮件服务器因缺少 TLS 加密而暴露](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067255&idx=2&sn=c42d9289f9097a99b0e9de5638c25da5&chksm=f36e79f7c419f0e10c2b64215d46af042d6d4538f0c26663174d24372c62af1b974a8b8a08ef&scene=58&subscene=0#rd) - - [【安全圈】超4000个Web后门通过注册过期域名被劫持](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067255&idx=3&sn=12454a2419a60abfe0219df1db8fc9ff&chksm=f36e79f7c419f0e1ce0df613111e8c48cf52ca20de42869051bf60a997f620888b67420c0ca5&scene=58&subscene=0#rd) -- Over Security - Cybersecurity news aggregator - - [Marijuana dispensary STIIIZY warns of leaked IDs after November data breach](https://therecord.media/marijuana-dispensary-warns-of-data-breach) 
- - [NSO ruling is a victory for WhatsApp, but could have a small impact on spyware industry](https://therecord.media/nso-whatsapp-ruling-may-have-limited-impact-on-spyware-ecosystem) - - [New York sues to recover $2 million in crypto stolen in remote job scams](https://therecord.media/new-york-sues-recover-millions) - - [Telefónica confirms internal ticketing system breach after data leak](https://www.bleepingcomputer.com/news/security/telefonica-confirms-internal-ticketing-system-breach-after-data-leak/) - - [New Web3 attack exploits transaction simulations to steal crypto](https://www.bleepingcomputer.com/news/security/new-web3-attack-exploits-transaction-simulations-to-steal-crypto/) - - [Russian nationals arrested by US, accused of running crypto mixers Blender and Sinbad](https://therecord.media/russian-nationals-indicted-blender-sinbad-crypto-mixers) - - [US charges operators of cryptomixers linked to ransomware gangs](https://www.bleepingcomputer.com/news/security/us-charges-operators-of-cryptomixers-linked-to-ransomware-gangs/) - - [Flashpoint Intelligence: Delivering Actionable Data for a Safer World](https://flashpoint.io/blog/flashpoint-intelligence-delivering-actionable-data/) - - [Slovakia’s land registry hit by biggest cyberattack in country’s history, minister says](https://therecord.media/slovakia-registry-cyberattack-land-agriculture) - - [US government charges operators of crypto mixing service used by North Korea and ransomware gangs](https://techcrunch.com/2025/01/10/us-government-charges-operators-of-crypto-mixing-service-used-by-north-korea-and-ransomware-gangs/) - - [Treasury hackers also breached US foreign investments review office](https://www.bleepingcomputer.com/news/security/treasury-hackers-also-breached-us-foreign-investments-review-office/) - - [Docker Desktop blocked on Macs due to false malware alert](https://www.bleepingcomputer.com/news/security/docker-desktop-blocked-on-macs-due-to-false-malware-alert/) - - [Proton worldwide 
outage caused by Kubernetes migration, software change](https://www.bleepingcomputer.com/news/technology/proton-worldwide-outage-caused-by-kubernetes-migration-software-change/) - - [New amateurish ransomware group FunkSec using AI to develop malware](https://therecord.media/funksec-ransomware-using-ai-malware) - - [STIIIZY data breach exposes cannabis buyers’ IDs and purchases](https://www.bleepingcomputer.com/news/security/stiiizy-data-breach-exposes-cannabis-buyers-ids-and-purchases/) - - [Sintesi riepilogativa delle campagne malevole nella settimana del 4 – 10 gennaio](https://cert-agid.gov.it/news/sintesi-riepilogativa-delle-campagne-malevole-nella-settimana-del-4-10-gennaio/) - - [Microsoft to force install new Outlook on Windows 10 PCs in February](https://www.bleepingcomputer.com/news/microsoft/microsoft-to-force-install-new-outlook-on-windows-10-pcs-in-february/) - - [BlinkenCity: From Art Project to Europe-wide Blackout Scenario](https://positive.security/blog/blinkencity-38c3) - - [Bots identified pushing anti-NATO messages in Croatian presidential runoff](https://therecord.media/bots-pushing-anti-nato-messages-croatian-election) - - [U.S. 
Telecom, Zero-Day Attacks Show Need for Cybersecurity Hygiene](https://cyble.com/blog/us-telecom-zero-day-attacks-show-need-for-cybersecurity-hygiene/) - - [WorstFit: Unveiling Hidden Transformers in Windows ANSI!](https://blog.orange.tw/posts/2025-01-worstfit-unveiling-hidden-transformers-in-windows-ansi/) - - [Critical ICS Vulnerabilities Uncovered in Weekly Vulnerability Report](https://cyble.com/blog/new-ics-vulnerabilities-report/) -- FuzzWiki - - [HirGen:针对深度学习编译器的模糊测试技术](https://mp.weixin.qq.com/s?__biz=MzU1NTEzODc3MQ==&mid=2247486850&idx=1&sn=dced461f84a7bc0c0fce0bc7d690ea72&chksm=fbd9a63eccae2f28d233d59f36d0bbff14a8c6daae02b28bae378464ea8a92da71dc90e8cde1&scene=58&subscene=0#rd) + - [【安全圈】江苏一男子利用小程序Bug逃匿28万加油费,法院判了](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067274&idx=1&sn=5bef640b5980a10e736f5e8b28bb6773&chksm=f36e798ac419f09cdbd5129a3bf75829108cf7f7a7de0b1d6ac854dbbb635e3a6b7d50a7bd0d&scene=58&subscene=0#rd) + - [【安全圈】涉案3.3亿!有人非法搭建支付平台获利超200万](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067274&idx=2&sn=792e4a8d18c9865be6e1131bf29116e9&chksm=f36e798ac419f09c4674ed1ba0a3d10573e7a3ba50adc72984e3afc698d37c2172cb8076dc0b&scene=58&subscene=0#rd) + - [【安全圈】Ivanti VPN 零日漏洞正在被黑客利用](https://mp.weixin.qq.com/s?__biz=MzIzMzE4NDU1OQ==&mid=2652067274&idx=3&sn=8eb5cc6c0a00bef351ca6ec387133310&chksm=f36e798ac419f09cca9472d89e0009706062cc803d7b61065e39083441ba8c9e646c932b6efe&scene=58&subscene=0#rd) - 迪哥讲事 - - [记某次测试翻阅海量js语句黑盒出sql注入](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496807&idx=1&sn=44a86c5974f7824fcfd2d43bc5bd70b3&chksm=e8a5fe04dfd277126cdac3b07133c0a9ac6eaa4ef20c878e69b9c97e40377d22ed09e081aacd&scene=58&subscene=0#rd) -- SANS Internet Storm Center, InfoCON: green - - [ISC Stormcast For Friday, January 10th, 2025 https://isc.sans.edu/podcastdetail/9274, (Fri, Jan 10th)](https://isc.sans.edu/diary/rss/31576) - - [Windows Defender Chrome Extension Detection, (Fri, Jan 10th)](https://isc.sans.edu/diary/rss/31574) -- 
Tide安全团队 - - [Pwn入门之格式化字符串漏洞](https://mp.weixin.qq.com/s?__biz=Mzg2NTA4OTI5NA==&mid=2247519568&idx=1&sn=a136e2cd3ab3db52ce3b8f15811f0411&chksm=ce5daf31f92a2627e42e6f140583642241a9cce471e1727c960141e4bda457f55374ea16de47&scene=58&subscene=0#rd) -- Security Affairs - - [Banshee macOS stealer supports new evasion mechanisms](https://securityaffairs.com/172918/malware/new-version-of-the-banshee-macos-stealer.html) - - [Researchers disclosed details of a now-patched Samsung zero-click flaw](https://securityaffairs.com/172909/hacking/samsung-zero-click-flaw.html) - - [Phishers abuse CrowdStrike brand targeting job seekers with cryptominer](https://securityaffairs.com/172900/cyber-crime/crowdstrike-phishing-campaign-recruitment-branding.html) - - [China-linked APT group MirrorFace targets Japan](https://securityaffairs.com/172890/apt/china-linked-apt-mirrorface-targets-japan.html) -- Computer Forensics - - [CREST Certs (CPIA|CRIA)](https://www.reddit.com/r/computerforensics/comments/1hyahq4/crest_certs_cpiacria/) - - [Mac OS - need application logs](https://www.reddit.com/r/computerforensics/comments/1hxtfyh/mac_os_need_application_logs/) - - [Macbook M4/M4 Pro Collections](https://www.reddit.com/r/computerforensics/comments/1hxtktu/macbook_m4m4_pro_collections/) + - [从 SQL 注入到远程代码执行](https://mp.weixin.qq.com/s?__biz=MzIzMTIzNTM0MA==&mid=2247496813&idx=1&sn=eab6d19d242d637c1797d76ec3ae43fa&chksm=e8a5fe0edfd277188a3ce54336fe9ddf992716daadef1e899d9d6e4de34f5c25335a2222782c&scene=58&subscene=0#rd) +- GobySec + - [锦鲤揭秘时刻!快来看看锦鲤礼包花落谁家吧~](https://mp.weixin.qq.com/s?__biz=MzI4MzcwNTAzOQ==&mid=2247545717&idx=1&sn=309283dd2ed10d791e052cf798b5e174&chksm=eb84d8d5dcf351c3ade60c164cef5dcf834d3e5db4c15add66752b789281fb770f82226b0664&scene=58&subscene=0#rd) +- Over Security - Cybersecurity news aggregator + - [Scammers file first — Get your IRS Identity Protection PIN now](https://www.bleepingcomputer.com/news/security/scammers-file-first-get-your-irs-identity-protection-pin-now/) + - 
[Fake LDAPNightmware exploit on GitHub spreads infostealer malware](https://www.bleepingcomputer.com/news/security/fake-ldapnightmware-exploit-on-github-spreads-infostealer-malware/) +- 山石网科安全技术研究院 + - [2024年度重大数据泄露事件盘点-国外版](https://mp.weixin.qq.com/s?__biz=MzUzMDUxNTE1Mw==&mid=2247509629&idx=1&sn=29247d0381639fa3501942c67c219470&chksm=fa5273c3cd25fad5d99967bf051e1337733f3c3082433d432cf1da5a2100a7b651661c585277&scene=58&subscene=0#rd) +- 吴鲁加 + - [我工作里使用的软件和工作流](https://mp.weixin.qq.com/s?__biz=Mzg5NDY4ODM1MA==&mid=2247485135&idx=1&sn=0510f35c72516e30adcd494474dd6df1&chksm=c01a8bfef76d02e8f7fb3e9696d8b0cee09ab8dee030fe992b916e71468791be793abbc80527&scene=58&subscene=0#rd) +- ICT Security Magazine + - [Living-off-the-Land Binaries (LOLBins) negli attacchi fileless: Analisi Tecnica e Implicazioni per la Sicurezza](https://www.ictsecuritymagazine.com/articoli/living-off-the-land-binaries-lolbins/) +- Deep Web + - [Would you like this reward?](https://www.reddit.com/r/deepweb/comments/1hz9bjv/would_you_like_this_reward/) - Information Security - - [Organized my cybersecurity bookmarks into a GitHub repo (300+ sources)](https://www.reddit.com/r/Information_Security/comments/1hy0exs/organized_my_cybersecurity_bookmarks_into_a/) - - [RBI PA-PG (Payment Aggregators & Payment Gateways) Audit](https://www.reddit.com/r/Information_Security/comments/1hxz9tj/rbi_papg_payment_aggregators_payment_gateways/) + - [Open Source Shadow IT Detection](https://www.reddit.com/r/Information_Security/comments/1hyoren/open_source_shadow_it_detection/) +- Computer Forensics + - [How do you read a $MFT? 
(First Computer Forensics class)](https://www.reddit.com/r/computerforensics/comments/1hyvbdc/how_do_you_read_a_mft_first_computer_forensics/) - Your Open Hacker Community - - [A question](https://www.reddit.com/r/HowToHack/comments/1hyauea/a_question/) - - [Help](https://www.reddit.com/r/HowToHack/comments/1hyhuu9/help/) - - [Question about windows](https://www.reddit.com/r/HowToHack/comments/1hye2lu/question_about_windows/) - - [Could anyone help me in understanding this "Not Operational or Intended Public Access" vulnerability ?](https://www.reddit.com/r/HowToHack/comments/1hy7xk7/could_anyone_help_me_in_understanding_this_not/) - - [Is this Vulnerable ?](https://www.reddit.com/r/HowToHack/comments/1hyi8hk/is_this_vulnerable/) - - [How to hack a new ai website?](https://www.reddit.com/r/HowToHack/comments/1hyhm2r/how_to_hack_a_new_ai_website/) - - [Any idea how to gg cpm2 ?](https://www.reddit.com/r/HowToHack/comments/1hy96jp/any_idea_how_to_gg_cpm2/) - - [how to loop a cctv camera](https://www.reddit.com/r/HowToHack/comments/1hy7y62/how_to_loop_a_cctv_camera/) - - [Wardriving Question](https://www.reddit.com/r/HowToHack/comments/1hy5hha/wardriving_question/) - - [Taking down Defender experiment](https://www.reddit.com/r/HowToHack/comments/1hxtxzr/taking_down_defender_experiment/) -- Schneier on Security - - [Friday Squid Blogging: Cotton-and-Squid-Bone Sponge](https://www.schneier.com/blog/archives/2025/01/friday-squid-blogging-cotton-and-squid-bone-sponge.html) - - [Apps That Are Spying on Your Location](https://www.schneier.com/blog/archives/2025/01/apps-that-are-spying-on-your-location.html) -- 安全419 - - [【观演指南】| 明晚 | 摇滚黑客2025演唱会北京现场见!](https://mp.weixin.qq.com/s?__biz=MzUyMDQ4OTkyMg==&mid=2247546519&idx=1&sn=0b14341dacc638097b304b34c2fce4b7&chksm=f9ebe83ace9c612ca4bedf40cd1a69fd40513b21d20cb4e73812294b7534c71420f3211ccbda&scene=58&subscene=0#rd) - - [听摇滚黑客2025演唱会 
享滴滴打车五折优惠](https://mp.weixin.qq.com/s?__biz=MzUyMDQ4OTkyMg==&mid=2247546519&idx=2&sn=9c53a50b2d2fd5f2dd014e5726399bac&chksm=f9ebe83ace9c612c3d89c04885de278be3a60f45746a387b90ef49a61b6c52b882ccab8a1a96&scene=58&subscene=0#rd) -- The Hacker News - - [Google Project Zero Researcher Uncovers Zero-Click Exploit Targeting Samsung Devices](https://thehackernews.com/2025/01/google-project-zero-researcher-uncovers.html) - - [Taking the Pain Out of Cybersecurity Reporting: A Practical Guide for MSPs](https://thehackernews.com/2025/01/taking-pain-out-of-cybersecurity.html) - - [AI-Driven Ransomware FunkSec Targets 85 Victims Using Double Extortion Tactics](https://thehackernews.com/2025/01/ai-driven-ransomware-funksec-targets-85.html) - - [Hands-On Walkthrough: Microsegmentation For all Users, Workloads and Devices by Elisity](https://thehackernews.com/2025/01/hands-on-walkthrough-microsegmentation.html) - - [RedDelta Deploys PlugX Malware to Target Mongolia and Taiwan in Espionage Campaigns](https://thehackernews.com/2025/01/reddelta-deploys-plugx-malware-to.html) - - [CrowdStrike Warns of Phishing Scam Targeting Job Seekers with XMRig Cryptominer](https://thehackernews.com/2025/01/crowdstrike-warns-of-phishing-scam.html) -- Deep Web - - [How safe is posting on forums on the darkweb?](https://www.reddit.com/r/deepweb/comments/1hy0bdu/how_safe_is_posting_on_forums_on_the_darkweb/) - - [Dark web purchase](https://www.reddit.com/r/deepweb/comments/1hy1wwb/dark_web_purchase/) -- Hacking Exposed Computer Forensics Blog - - [Daily Blog #714: Forensic Lunch 1/10/25 with Ryatt Roesrma talking about fine tuning AI models](https://www.hecfblog.com/2025/01/daily-blog-714-forensic-lunch-11025.html) -- Blackhat Library: Hacking techniques and research - - [Just question](https://www.reddit.com/r/blackhat/comments/1hyesag/just_question/) -- Graham Cluley - - [Canadian man loses a cryptocurrency fortune to scammers – here’s how you can stop it happening to 
you](https://www.bitdefender.com/en-us/blog/hotforsecurity/canadian-man-loses-a-cryptocurrency-fortune-to-scammers-heres-how-you-can-stop-it-happening-to-you) + - [Getting infinite lives in Prehistorik on Windows 11](https://www.reddit.com/r/HowToHack/comments/1hz6pee/getting_infinite_lives_in_prehistorik_on_windows/) + - [How to convert a password protected zip file into a RAR file?](https://www.reddit.com/r/HowToHack/comments/1hz3bgu/how_to_convert_a_password_protected_zip_file_into/) + - [recovering google account](https://www.reddit.com/r/HowToHack/comments/1hyx8qq/recovering_google_account/) + - [Has anyone tried hijacking school Apple TVs for a prank?](https://www.reddit.com/r/HowToHack/comments/1hz3nxz/has_anyone_tried_hijacking_school_apple_tvs_for_a/) + - [Help](https://www.reddit.com/r/HowToHack/comments/1hyzqf5/help/) + - [Can anyone help me with a teleg private group(pls dm me)](https://www.reddit.com/r/HowToHack/comments/1hyzpji/can_anyone_help_me_with_a_teleg_private_grouppls/) + - [I need to find someone's IP address or something](https://www.reddit.com/r/HowToHack/comments/1hyzxt3/i_need_to_find_someones_ip_address_or_something/) +- OnionSec + - [短文:对现实里网络安全领域的新认识](https://mp.weixin.qq.com/s?__biz=MzUyMTUwMzI3Ng==&mid=2247485562&idx=1&sn=8b6790ca85055bf567130a044261ebda&chksm=f9db5f39ceacd62f1d9d93c36893e92be17a408acced658927b37d165077e523234bfe823d95&scene=58&subscene=0#rd) +- 银针安全 + - [高版本Fastjson在Java原生反序列化中的利用](https://mp.weixin.qq.com/s?__biz=Mzg2MDY2ODc5MA==&mid=2247484185&idx=1&sn=9068c43597d87c94568fe70974fd6365&chksm=ce239500f9541c160287b545120d6495c7a2aa9c5c75e0ad101c7a3d3600e86ea6b64ef75f63&scene=58&subscene=0#rd) +- 希潭实验室 + - [第112篇:美国APT震网病毒入侵伊朗核工厂后续与启示(第4篇)](https://mp.weixin.qq.com/s?__biz=MzkzMjI1NjI3Ng==&mid=2247487306&idx=1&sn=00dc7cf337a613d22207cecd7674ec88&chksm=c25fc031f5284927d968a7121718ccfa82db72798405bf0100bd1d248c3cb88d1360e288e491&scene=58&subscene=0#rd) - Technical Information Security Content & Discussion - - [ACE up 
the sleeve: Hacking into Apple's new USB-C Controller](https://www.reddit.com/r/netsec/comments/1hy9t8i/ace_up_the_sleeve_hacking_into_apples_new_usbc/) - - [How to jailbreak most/all LLMs using Assistant Prefill](https://www.reddit.com/r/netsec/comments/1hy6snm/how_to_jailbreak_mostall_llms_using_assistant/) - - [Exploiting SSTI in a Modern Spring Boot Application (3.3.4)](https://www.reddit.com/r/netsec/comments/1hy06vj/exploiting_ssti_in_a_modern_spring_boot/) - - [Do Secure-By-Design Pledges Come With Stickers? - Ivanti Connect Secure RCE (CVE-2025-0282) - watchTowr Labs](https://www.reddit.com/r/netsec/comments/1hxt46x/do_securebydesign_pledges_come_with_stickers/) -- netsecstudents: Subreddit for students studying Network Security and its related subjects - - [Passed Cisco 100-140 (CCST IT Support) Exam! Here's How I Prepared](https://www.reddit.com/r/netsecstudents/comments/1hy26je/passed_cisco_100140_ccst_it_support_exam_heres/) - - [What is the best practice to securely host an application in Linux?](https://www.reddit.com/r/netsecstudents/comments/1hxzw9c/what_is_the_best_practice_to_securely_host_an/) - - [What project should be added in resume as a cyber security beginner?](https://www.reddit.com/r/netsecstudents/comments/1hxvis0/what_project_should_be_added_in_resume_as_a_cyber/) - - [Guidance Needed for Safe Demonstration of GIF Malware Detection](https://www.reddit.com/r/netsecstudents/comments/1hxyr5d/guidance_needed_for_safe_demonstration_of_gif/) - - [Graduating soon at 19, Sec+ done - what’s the next cert or skill to pursue?](https://www.reddit.com/r/netsecstudents/comments/1hxra7i/graduating_soon_at_19_sec_done_whats_the_next/) -- Security Weekly Podcast Network (Audio) - - [Robot Dogs, Ivanti, SonicWall, Banshee, Telegram, Motorola, Aaran Leyland, and more. 
- SWN #441](http://sites.libsyn.com/18678/robot-dogs-ivanti-sonicwall-banshee-telegram-motorola-aaran-leyland-and-more-swn-441) + - [$2m laundered: the YouTube crypto tutorials’ huge scam (investigation)](https://www.reddit.com/r/netsec/comments/1hz54x4/2m_laundered_the_youtube_crypto_tutorials_huge/) + - [Gayfemboy: A Botnet Deliver Through a Four-Faith Industrial Router 0-day Exploit.](https://www.reddit.com/r/netsec/comments/1hyjjpb/gayfemboy_a_botnet_deliver_through_a_fourfaith/) +- Blackhat Library: Hacking techniques and research + - [Telefonica Breach: Infostealer Malware Opens Door for Social Engineering Tactics](https://www.reddit.com/r/blackhat/comments/1hysvc3/telefonica_breach_infostealer_malware_opens_door/) +- The Hacker News + - [Microsoft Sues Hacking Group Exploiting Azure AI for Harmful Content Creation](https://thehackernews.com/2025/01/microsoft-sues-hacking-group-exploiting.html) + - [DoJ Indicts Three Russians for Operating Crypto Mixers Used in Cybercrime Laundering](https://thehackernews.com/2025/01/doj-indicts-three-russians-for.html) +- Security Affairs + - [DoJ charged three Russian citizens with operating crypto-mixing services](https://securityaffairs.com/172957/cyber-crime/doj-charged-russian-citizens-with-operating-crypto-mixing-services.html) + - [U.S. cannabis dispensary STIIIZY disclosed a data breach](https://securityaffairs.com/172950/data-breach/marijuana-dispensary-stiiizy-data-breach.html) + - [A novel PayPal phishing campaign hijacks accounts](https://securityaffairs.com/172935/cyber-crime/paypal-phishing-campaign-hijacks-accounts.html) +- Social Engineering + - [The hidden psychology of abusers](https://www.reddit.com/r/SocialEngineering/comments/1hyxk74/the_hidden_psychology_of_abusers/)
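Review bot: The added lines list the `HAHWUL` source twice with the identical entry `[ZAP 2.16 Review ⚡️](https://www.hahwul.com/2025/01/11/zap-2-16-review/)`, once directly before and once directly after the new `Malware-Traffic-Analysis.net - Blog Entries` block. Drop one of the two, and de-duplicate on source name plus URL before the list is written so the same feed cannot be emitted twice in one day. A smaller point in the same hunk: the added `杨龙` entry has the link text `-2209017943`, which reads like a fallback identifier rather than a post title. Check whether the title was empty at the source, and if so skip the entry or give it a readable label.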