SecWiki周刊(第621期)
2026/01/19-2026/01/25
安全资讯
可能影响未成年人身心健康的网络信息分类办法
https://www.cac.gov.cn/2026-01/23/c_1770728781060093.htm
https://www.cac.gov.cn/2026-01/23/c_1770728781060093.htm
安全技术
XXE到Chrome RCE:一次完整的不出网利用实践
https://mp.weixin.qq.com/s/Hz-zG8YNml4qciVgSVQ2RA
https://mp.weixin.qq.com/s/Hz-zG8YNml4qciVgSVQ2RA
自动化漏洞挖掘:过去、现在与未来——AI 的上限在哪里?
https://atum.li/cn/blog/ai-vuln-discovery-evolution/
https://atum.li/cn/blog/ai-vuln-discovery-evolution/
Jar-analyzer + Claude Skills审计探索
https://www.yuque.com/0cat/wclcea/kfp8bklrdch0hit1#%E3%80%8AJar-analyzer%20+%20Claude%20Skills%E5%AE%A1%E8%AE%A1%E6%8E%A2%E7%B4%A2%E3%80%8B
https://www.yuque.com/0cat/wclcea/kfp8bklrdch0hit1#%E3%80%8AJar-analyzer%20+%20Claude%20Skills%E5%AE%A1%E8%AE%A1%E6%8E%A2%E7%B4%A2%E3%80%8B
7B漏洞检测模型VulnLLM-R
https://mp.weixin.qq.com/s/PuTosiWnfW4cR-fPs4cdFA
https://mp.weixin.qq.com/s/PuTosiWnfW4cR-fPs4cdFA
OmniScan 综合漏洞扫描器
https://github.com/d3ckx1/OmniScan
https://github.com/d3ckx1/OmniScan
基于逆向工程的Starlink下行链路信号全特性分析报告
https://mp.weixin.qq.com/s/kXWGG-dqv4_kaI0uu8rgMQ
https://mp.weixin.qq.com/s/kXWGG-dqv4_kaI0uu8rgMQ
美军入侵委内瑞拉背后的网络作业能力频谱猜测与关联分析
https://mp.weixin.qq.com/s/MdFem_82szNaiG2uSBLXzw
https://mp.weixin.qq.com/s/MdFem_82szNaiG2uSBLXzw
Starlink ——低轨织网,独步苍穹,连接万物与万亿级TAM之路
https://mp.weixin.qq.com/s/ZFWQRs4RLT5oCKXD4ELlzg
https://mp.weixin.qq.com/s/ZFWQRs4RLT5oCKXD4ELlzg
大语言模型驱动的漏洞利用自动化时代来临
https://mp.weixin.qq.com/s/QtSmkvWeDD9qerLDIXnNpw
https://mp.weixin.qq.com/s/QtSmkvWeDD9qerLDIXnNpw
GitHub-CVE 监控平台
http://8.137.125.6:16001/
http://8.137.125.6:16001/
Jar Analyzer - 一个 JAR 包 GUI 分析工具
https://github.com/jar-analyzer/jar-analyzer
https://github.com/jar-analyzer/jar-analyzer
2026汽车及智能化设备网络安全威胁报告
https://www.callisto-auto.com/Report-2026-CN.pdf
https://www.callisto-auto.com/Report-2026-CN.pdf
VoidLink: Evidence That the Era of Advanced AI-Generated Malware
https://research.checkpoint.com/2026/voidlink-early-ai-generated-malware-framework/
https://research.checkpoint.com/2026/voidlink-early-ai-generated-malware-framework/
网络强国战略下实战创新型网安人才“三段三融合”培养模式的“方班”实践
https://achievement.fangban.net/detail/content_detail/6840fe18554c1a78ea56d0d7_68db9250300953297cf9f97e
https://achievement.fangban.net/detail/content_detail/6840fe18554c1a78ea56d0d7_68db9250300953297cf9f97e
Tesla LTE 安全分析
https://0x0root.com/2026/01/21/tesla_lte_analysis/
https://0x0root.com/2026/01/21/tesla_lte_analysis/
我对流量安全风险感知的思考和实践
https://mp.weixin.qq.com/s/plQpX5gBFauyc3jIWPbMSw
https://mp.weixin.qq.com/s/plQpX5gBFauyc3jIWPbMSw
API流量全链路可信防护体系演化与实践
https://mp.weixin.qq.com/s/sJVQQgtCrbVv3gvliaaJ4g
https://mp.weixin.qq.com/s/sJVQQgtCrbVv3gvliaaJ4g
第二届网络安全行业职业技能大赛-部分题解
https://mp.weixin.qq.com/s/QMqx156NRAMSYtty_kjnrQ
https://mp.weixin.qq.com/s/QMqx156NRAMSYtty_kjnrQ
国外星间组网技术发展调研报告
https://mp.weixin.qq.com/s/L2TOU28gICdOQ48gH1MPHg
https://mp.weixin.qq.com/s/L2TOU28gICdOQ48gH1MPHg
2025年全球国防网络空间情况综述(演习竞赛篇)
https://mp.weixin.qq.com/s/DSvI7NO4ZGbruS7WgFamkA
https://mp.weixin.qq.com/s/DSvI7NO4ZGbruS7WgFamkA
Annual Security Reports 年度安全报告
https://github.com/jacobdjwilson/awesome-annual-security-reports/tree/main/Annual%20Security%20Reports
https://github.com/jacobdjwilson/awesome-annual-security-reports/tree/main/Annual%20Security%20Reports
-----微信ID:SecWiki-----
SecWiki,14年来一直专注安全技术资讯分析!
SecWiki:https://www.sec-wiki.com本期原文地址: SecWiki周刊(第621期)
