MasonLiu/PyBot
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 6 Wiki Activity

2.0大版本更新

Browse Source
This commit is contained in:
MasonLiu 2026-05-24 19:54:12 +08:00
parent 1135e05b7b
commit cf5ff10e5d
16 changed files with 957 additions and 282 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

78
Dev_test.py
View File

@ -89,79 +89,19 @@ def check_avaliable(info_long, info_short, title):
time.sleep(15)
def send_job_RSS(time_1):
Doonsec_switch, Doonsec = get_keywords_config('Doonsec')
uni_switch, Unity = get_keywords_config('Unity')
# Seebug数据获取分发
# seebug_main()
seebug_results = Src_seebug(time_1)
if seebug_results != False:
result_seebug_long, result_seebug_short = seebug_results
# check_avaliable(result_seebug_long, result_seebug_short, "Seebug社区资讯")
else:
logger.info("Seebug数据为空跳过执行。")
# 安全客数据获取分发
anquanke_results = Src_anquanke(time_1)
if anquanke_results != False:
result_anquanke_long, result_anquanke_short = anquanke_results
# check_avaliable(result_anquanke_long, result_anquanke_short, "安全客资讯")
else:
logger.info("安全客数据为空,跳过执行。")
# 奇安信数据获取分发
qianxin_results = Src_qianxin(time_1)
if qianxin_results != False:
result_qianxin_long, result_qianxin_short = qianxin_results
# check_avaliable(result_qianxin_long, result_qianxin_short, "奇安信攻防社区资讯")
else:
logger.info("奇安信数据为空,跳过执行。")
# FreeBuf数据获取分发
freebuf_results = Src_freebuf(time_1)
if freebuf_results != False:
result_freebuf_long, result_freebuf_short = freebuf_results
# check_avaliable(result_freebuf_long, result_freebuf_short, "FreeBuf资讯")
else:
logger.info("FreeBuf数据为空跳过执行。")
# 先知数据获取分发
xianzhi_results = Src_xianzhi(time_1)
if xianzhi_results != False:
result_xianzhi_long, result_xianzhi_short = xianzhi_results
# check_avaliable(result_xianzhi_long, result_xianzhi_short, "先知社区资讯")
else:
logger.info("先知数据为空,跳过执行。")
# 4hou数据获取分发
# M_4hou_main()
M_4hou_results = Src_4hou(time_1)
if M_4hou_results != False:
result_4hou_long, result_4hou_short = M_4hou_results
# check_avaliable(result_4hou_long, result_4hou_short, "嘶吼资讯")
else:
logger.info("嘶吼数据为空,跳过执行。")
# 洞见微信安全数据获取分发
# doonsec_main()
doonsec_results = Src_doonsec(Doonsec_switch, Doonsec)
if doonsec_results != False:
result_doonsec_long, result_doonsec_short = doonsec_results
# check_avaliable(result_doonsec_long, result_doonsec_short, "洞见微信安全资讯")
else:
logger.info("洞见微信安全数据为空,跳过执行。")
# 聚合RSS数据获取分发
# uni_spider()
rss_results = Src_uni_rss(uni_switch, Unity)
if rss_results != False:
logger.info("聚合RSS数据获取完成")
result_rss_long, result_rss_short = rss_results
check_avaliable(result_rss_long, result_rss_short, "聚合RSS资讯")
else:
logger.info("聚合RSS数据为空跳过执行。")
def send_job_SX():
Sogou_WX = get_keywords_config('Sogou-WX')
# sougou_wx_main(Sogou_WX)
@ -241,6 +181,6 @@ if __name__ == "__main__":
# time.sleep(2 * 60)
send_job_RSS(2400)
send_job_baidu()
send_job_github(2400)
send_job_SX()
# send_job_baidu()
# send_job_github(2400)
# send_job_SX()

BIN
GotoSend/__pycache__/freebuf.cpython-312.pyc
View File

Binary file not shown.

BIN
GotoSend/__pycache__/uni_rss.cpython-312.pyc
View File

Binary file not shown.

40
GotoSend/uni_rss.py
View File

@ -22,10 +22,46 @@ def create_database():
conn.commit()
conn.close()
def parse_pub_date(pub_date_str):
if not pub_date_str:
return pub_date_str
# 定义多种日期格式
date_formats = [
# ISO 8601 格式(带 T
'%Y-%m-%dT%H:%M:%S',
'%Y-%m-%dT%H:%M:%S%z',
# 标准日期时间格式
'%Y-%m-%d %H:%M:%S',
'%Y-%m-%d %H:%M',
'%Y-%m-%d',
# RFC 822/1123 格式(英文星期和月份)
'%a, %d %b %Y %H:%M:%S %z',
'%a, %d %b %Y %H:%M:%S GMT',
'%a, %d %b %Y %H:%M:%S',
# 其他常见格式
'%d %b %Y %H:%M:%S %z',
'%d %b %Y %H:%M:%S',
]
for fmt in date_formats:
try:
pub_date = datetime.strptime(pub_date_str, fmt)
# 格式化输出为统一格式
return pub_date.strftime('%Y-%m-%d %H:%M:%S')
except ValueError:
continue
# 如果所有格式都失败,返回原始字符串
return pub_date_str
def insert_data(data):
conn = sqlite3.connect('./resources/db/uni_rss.db')
cursor = conn.cursor()
for entry in data:
# 使用新的日期解析函数
formatted_pub_date = parse_pub_date(entry['published'])
cursor.execute('''
SELECT 1 FROM articles WHERE title = ? AND author = ?
''', (entry['title'], entry['author']))
@ -34,7 +70,7 @@ def insert_data(data):
cursor.execute('''
INSERT INTO articles (title, link, author, description, pubDate, source)
VALUES (?, ?, ?, ?, ?, ?)
''', (entry['title'], entry['link'], entry['author'], entry['description'], entry['published'], entry['source']))
''', (entry['title'], entry['link'], entry['author'], entry['description'], formatted_pub_date, entry['source']))
conn.commit()
conn.close()
@ -77,7 +113,7 @@ def select_articles(uni_rss_switch, Unity):
# 获取当前日期和时间
now = datetime.now()
two_days_ago = now - timedelta(days=2)
two_days_ago = now - timedelta(days=200)
if uni_rss_switch == False:
# 查询指定时间段内的数据

BIN
config/__pycache__/check_config.cpython-312.pyc
View File

Binary file not shown.

3
config/uni_rss.yaml
View File

@ -1,8 +1,9 @@
link:
- 美团技术团队|https://tech.meituan.com/feed
# - 360 Netlab Blog|https://blog.netlab.360.com/rss 当前无法处理该时间格式
- 360 Netlab Blog|https://blog.netlab.360.com/rss # 当前无法处理该时间格式
- 知道创宇404实验室|https://paper.seebug.org/rss
- 腾讯安全响应中心|https://security.tencent.com/index.php/feed/blog
- Hacker News|https://hnrss.org/frontpage
wechat:
- 美团技术团队|https://wechat2rss.xlab.app/feed/294bc034c9941529cd86a8a4b8999d100186c04d.xml

431
monitor.php Normal file
View File

@ -0,0 +1,431 @@
<?php
// monitor.php - 系统文件监控页面
// 设置字符编码
header('Content-Type: text/html; charset=utf-8');
// 格式化文件大小函数
function formatFileSize($bytes) {
if ($bytes === 0) return '0 Bytes';
$k = 1024;
$sizes = ['Bytes', 'KB', 'MB', 'GB'];
$i = floor(log($bytes) / log($k));
return round($bytes / pow($k, $i), 2) . ' ' . $sizes[$i];
}
// 格式化时间函数
function formatTime($timestamp) {
if (!$timestamp) return '未知';
return date("Y-m-d H:i:s", $timestamp);
}
// 获取目录信息的函数
function getDirectoryInfo($dirPath, $displayName) {
$files = [];
if (!is_dir($dirPath)) {
return [
'name' => $displayName,
'path' => $dirPath,
'exists' => false,
'files' => [],
'totalSize' => 0,
'fileCount' => 0
];
}
$items = glob($dirPath . '/*');
$totalSize = 0;
$fileCount = 0;
foreach ($items as $item) {
if (is_file($item)) {
$fileInfo = [
'name' => basename($item),
'path' => $item,
'size' => filesize($item),
'modified' => filemtime($item),
'extension' => strtolower(pathinfo($item, PATHINFO_EXTENSION))
];
$files[] = $fileInfo;
$totalSize += $fileInfo['size'];
$fileCount++;
}
}
// 按修改时间降序排列
usort($files, function($a, $b) {
return $b['modified'] - $a['modified'];
});
return [
'name' => $displayName,
'path' => $dirPath,
'exists' => true,
'files' => $files,
'totalSize' => $totalSize,
'fileCount' => $fileCount
];
}
// 定义要监控的目录
$directories = [
getDirectoryInfo('./resources/log', 'SecPulse运行日志'),
getDirectoryInfo('./resources/db', '数据库文件'),
getDirectoryInfo('./resources/JSON', '中转JSON文件')
];
// 计算总体统计信息
$totalFiles = 0;
$totalSize = 0;
foreach ($directories as $dir) {
$totalFiles += $dir['fileCount'];
$totalSize += $dir['totalSize'];
}
$currentTime = date("Y-m-d H:i:s");
?>
<!DOCTYPE html>
<html lang="zh-CN">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link rel="shortcut icon" href="./static/favicon.ico" type="image/x-icon">
<title>SecPulse系统文件监控</title>
<!-- 引入 Layui CSS -->
<link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/layui-src/dist/css/layui.css">
<style>
* {
margin: 0;
padding: 0;
box-sizing: border-box;
}
body {
font-family: "Microsoft YaHei", Arial, sans-serif;
background-color: #f5f5f5;
padding: 20px;
line-height: 1.6;
}
.container {
max-width: 1200px;
margin: 0 auto;
background: white;
border-radius: 8px;
box-shadow: 0 2px 10px rgba(0,0,0,0.1);
overflow: hidden;
}
.header {
background: linear-gradient(135deg, #667eea 0%, #764ba2 100%);
color: white;
padding: 20px;
text-align: center;
}
.header h1 {
font-size: clamp(1.5rem, 4vw, 2.5rem);
margin-bottom: 10px;
}
.header p {
font-size: clamp(0.9rem, 2vw, 1.1rem);
opacity: 0.9;
}
.stats-bar {
background: #f8f9fa;
padding: 15px 20px;
border-bottom: 1px solid #eee;
display: flex;
justify-content: space-around;
align-items: center;
flex-wrap: wrap;
gap: 15px;
}
.stat-item {
text-align: center;
min-width: 120px;
}
.stat-value {
font-size: 1.5rem;
font-weight: bold;
color: #667eea;
}
.stat-label {
font-size: 0.85rem;
color: #666;
margin-top: 5px;
}
.directory-section {
margin: 20px;
border: 1px solid #eee;
border-radius: 6px;
overflow: hidden;
}
.directory-header {
background: linear-gradient(135deg, #f093fb 0%, #f5576c 100%);
color: white;
padding: 15px 20px;
display: flex;
justify-content: space-between;
align-items: center;
flex-wrap: wrap;
gap: 10px;
}
.directory-title {
font-size: 1.2rem;
font-weight: bold;
}
.directory-info {
font-size: 0.9rem;
opacity: 0.9;
}
.file-table {
width: 100%;
border-collapse: collapse;
}
.file-table th {
background: #f8f9fa;
padding: 12px 15px;
text-align: left;
font-weight: 600;
color: #333;
border-bottom: 2px solid #eee;
}
.file-table td {
padding: 12px 15px;
border-bottom: 1px solid #f0f0f0;
color: #666;
}
.file-table tr:hover {
background: #f8f9ff;
}
.file-name {
font-weight: 500;
color: #333;
}
.file-size {
font-family: 'Consolas', monospace;
color: #667eea;
}
.file-time {
font-size: 0.85rem;
color: #888;
}
.empty-directory {
padding: 30px;
text-align: center;
color: #999;
font-style: italic;
}
.footer {
text-align: center;
padding: 15px;
background: #f8f9fa;
color: #666;
font-size: 0.85rem;
border-top: 1px solid #eee;
}
/* 响应式设计 */
@media (max-width: 768px) {
body {
padding: 10px;
}
.header {
padding: 15px;
}
.stats-bar {
flex-direction: column;
gap: 10px;
}
.stat-item {
min-width: auto;
}
.directory-section {
margin: 15px;
}
.directory-header {
flex-direction: column;
align-items: flex-start;
gap: 8px;
}
.file-table {
font-size: 0.85rem;
}
.file-table th,
.file-table td {
padding: 8px 10px;
}
}
@media (max-width: 480px) {
.header h1 {
font-size: 1.3rem;
}
.header p {
font-size: 0.85rem;
}
.directory-title {
font-size: 1rem;
}
.file-table {
font-size: 0.8rem;
}
.file-table th,
.file-table td {
padding: 6px 8px;
}
}
/* 滚动条样式 */
::-webkit-scrollbar {
width: 8px;
height: 8px;
}
::-webkit-scrollbar-track {
background: #f1f1f1;
border-radius: 4px;
}
::-webkit-scrollbar-thumb {
background: #c1c1c1;
border-radius: 4px;
}
::-webkit-scrollbar-thumb:hover {
background: #a8a8a8;
}
</style>
</head>
<body>
<div class="container">
<div class="header">
<h1>📊 系统文件监控</h1>
<p>实时监控系统资源文件状态</p>
</div>
<div class="stats-bar">
<div class="stat-item">
<div class="stat-value"><?php echo count($directories); ?></div>
<div class="stat-label">监控目录</div>
</div>
<div class="stat-item">
<div class="stat-value"><?php echo $totalFiles; ?></div>
<div class="stat-label">文件总数</div>
</div>
<div class="stat-item">
<div class="stat-value"><?php echo formatFileSize($totalSize); ?></div>
<div class="stat-label">总大小</div>
</div>
<div class="stat-item">
<div class="stat-value"><?php echo $currentTime; ?></div>
<div class="stat-label">更新时间</div>
</div>
</div>
<?php foreach ($directories as $dir): ?>
<div class="directory-section">
<div class="directory-header">
<div class="directory-title">📁 <?php echo htmlspecialchars($dir['name']); ?></div>
<div class="directory-info">
<?php if ($dir['exists']): ?>
<?php echo $dir['fileCount']; ?> 个文件 |
总大小: <?php echo formatFileSize($dir['totalSize']); ?>
<?php else: ?>
目录不存在
<?php endif; ?>
</div>
</div>
<?php if ($dir['exists'] && !empty($dir['files'])): ?>
<table class="file-table">
<thead>
<tr>
<th>文件名称</th>
<th>文件大小</th>
<th>更新时间</th>
<th>文件类型</th>
</tr>
</thead>
<tbody>
<?php foreach ($dir['files'] as $file): ?>
<tr>
<td class="file-name"><?php echo htmlspecialchars($file['name']); ?></td>
<td class="file-size"><?php echo formatFileSize($file['size']); ?></td>
<td class="file-time"><?php echo formatTime($file['modified']); ?></td>
<td><?php echo strtoupper(htmlspecialchars($file['extension'])); ?></td>
</tr>
<?php endforeach; ?>
</tbody>
</table>
<?php elseif ($dir['exists']): ?>
<div class="empty-directory">
该目录下暂无文件
</div>
<?php else: ?>
<div class="empty-directory">
目录路径: <?php echo htmlspecialchars($dir['path']); ?><br>
该目录不存在或无法访问
</div>
<?php endif; ?>
</div>
<?php endforeach; ?>
<div class="footer">
<p>© 2026 SecPulse 文件监控系统 | 自动刷新间隔: 60</p>
</div>
</div>
<script>
// 自动刷新功能
setTimeout(function() {
location.reload();
}, 60000); // 60秒自动刷新
// 添加加载动画效果
window.addEventListener('load', function() {
const container = document.querySelector('.container');
container.style.opacity = '0';
container.style.transform = 'translateY(20px)';
container.style.transition = 'all 0.5s ease';
setTimeout(() => {
container.style.opacity = '1';
container.style.transform = 'translateY(0)';
}, 100);
});
</script>
</body>
</html>

278
resources/JSON/freebuf.json
View File

@ -1,162 +1,162 @@
[
{
"title": "人工智能聊天机器人DeepSeek R1可被操纵用于创建恶意软件",
"link": "https://www.freebuf.com/articles/network/424572.html",
"description": "DeepSeek R1可被操纵生成恶意软件降低网络犯罪门槛尽管仍需手动修正但加速了恶意软件开发。",
"body": "<p>网络安全公司Tenable Research的最新分析揭示开源人工智能聊天机器人<strong>DeepSeek R1</strong>能够被操纵用于生成恶意软件包括键盘记录器和勒索软件。Tenable的研究团队评估了DeepSeek生成有害代码的能力重点测试了两种常见的恶意软件类型键盘记录器和勒索软件。</p><p>尽管DeepSeek无法直接“开箱即用”生成完全可用的恶意软件",
"category": "网络安全",
"pubDate": "Fri, 14 Mar 2025 00:51:27 +0800"
"title": "黑客利用单字母拼写错误的Go模块部署基于DNS的后门",
"link": "https://www.freebuf.com/articles/481976.html",
"description": "黑客利用单字母拼写错误的Go模块潜伏3年植入隐蔽DNS后门",
"body": "\n<p><img src=\"https://image.3001.net/images/20260520/1779282821948311_b79b9afbfa6c4129be05629890d868a1.webp!small\" alt=\"\"></p>\n<p>一个看似无害的Go模块拼写错误已悄然充当活跃后门近三年。安全研究人员发现名为<code>github.com/shopsprint/deci",
"category": "技术",
"pubDate": "Wed, 20 May 2026 12:30:23 +0800"
},
{
"title": "朝鲜威胁组织ScarCruft利用KoSpy恶意软件监控安卓用户",
"link": "https://www.freebuf.com/articles/es/424540.html",
"description": "朝鲜黑客组织ScarCruft通过伪装应用投放KoSpy恶意软件监控安卓用户攻击针对韩语和英语用户。",
"body": "<p><img src=\"https://image.3001.net/images/20250313/1741878280398181_a226a43ddb394530a82c72add0dcff49.png!small\" alt=\"image\" /></p><p>据报道与朝鲜有关的威胁组织ScarCruft开发了一种名为 <strong>KoSpy</strong>的安卓监控工具,专门针对韩",
"title": "GitHub证实被入侵4000个私有仓库被窃取",
"link": "https://www.freebuf.com/news/481866.html",
"description": "GitHub通过官方X原Twitter账号发布声明确认正在调查针对其内部代码仓库的未授权访问事件。",
"body": "<p>5月20日GitHub通过官方X原Twitter账号发布声明确认正在调查针对其内部代码仓库的未授权访问事件。该回应直接指向威胁组织“TeamPCP”此前宣称的大规模数据窃取行为。</p><h2 id=\"h2-1\">官方回应:客户数据暂未受影响</h2><p><img src=\"https://image.3001.net/images/20260520/1779249234_6a0d",
"category": "资讯",
"pubDate": "Wed, 20 May 2026 11:51:03 +0800"
},
{
"title": "NGINX 安全分析CVE202642945 漏洞解析",
"link": "https://www.freebuf.com/articles/web/481861.html",
"description": "该漏洞在 NGINX 源代码中存在 长达 18 年之久,波及几十亿请求路径和数百万服务实例。",
"body": "<h2 id=\"h2-1\">一、背景简介:互联网核心组件的历史性缺陷</h2><p>NGINX 是全球部署最广泛的高性能 HTTP 服务器、反向代理和负载均衡器承载无数网站、API、微服务等关键业务。2026 年安全界爆出一个震惊业界的漏洞——<strong>CVE202642945</strong>,该漏洞在 NGINX 源代码中存在 <strong>长达 18 年</strong>之久,",
"category": "Web安全",
"pubDate": "Wed, 20 May 2026 11:19:25 +0800"
},
{
"title": "组件投毒预警atool npm 维护者账户被接管317个包遭凭证蠕虫攻击",
"link": "https://www.freebuf.com/articles/vuls/481859.html",
"description": "此次受影响的软件包覆盖面极广,既包括前端开发中的高频基础依赖,也包括大量企业常用的数据可视化与图分析组件。",
"body": "<h1 id=\"activity-name\"><span>事件概述</span></h1><p id=\"js_content\"></p><p>近日安全玻璃盒供应链安全威胁情报中心检测到npm生态爆发一起高危供应链投毒事件。公开情报显示npm账户 <strong>atooli@hust.cc</strong>于 <strong>2026 年 5 月 19 日</strong>被攻击者劫持,随",
"category": "漏洞",
"pubDate": "Wed, 20 May 2026 11:11:09 +0800"
},
{
"title": "职等你来,同花顺招聘安全工程师",
"link": "https://www.freebuf.com/articles/481850.html",
"description": "职等你来,同花顺招聘安全工程师",
"body": "<h2 class=\"tinymce-p\" id=\"h2-1\">招聘岗位</h2><h3 id=\"h3-1\">基础安全工程师/专家 (30-90K)</h3><p class=\"tinymce-p\"><strong>岗位职责:</strong></p><p class=\"tinymce-p\">1.负责公司基础信息系统安全建设。以黑客视角对基础设施进行安全风险识别与评估,并给出安全加固建议;</p>",
"category": "安全招聘",
"pubDate": "Wed, 20 May 2026 10:06:54 +0800"
},
{
"title": "CVE Lite CLI开源依赖项漏洞扫描工具",
"link": "https://www.freebuf.com/articles/development/481895.html",
"description": "\"开源工具CVE Lite CLI让依赖漏洞扫描提前到开发终端秒级定位高危风险\"",
"body": "\n<p>在 JavaScript 和 TypeScript 项目中,依赖项漏洞扫描长期以来都处于开发管道的末端。开发者提交拉取请求后,持续集成系统开始运行,安全扫描器返回一系列 CVE 编号,而此时开发者往往需要花费数小时甚至数天时间来处理这些漏洞。作为 OWASP 官方认证的孵化项目CVE Lite CLI 将这项检查工作提前到了开发者终端阶段。</p>\n<p>这款由 Sonu Kapoor ",
"category": "开发安全",
"pubDate": "Wed, 20 May 2026 06:00:59 +0800"
},
{
"title": "华为0Day漏洞被指导致2025年卢森堡全国通信瘫痪",
"link": "https://www.freebuf.com/articles/ics-articles/481893.html",
"description": "华为0Day漏洞致卢森堡全国通信瘫痪漏洞未修复仍存隐患",
"body": "\n<p><img src=\"https://image.3001.net/images/20260520/1779260600782542_674120c2a01844d08d096249af3caf3f.jpg!small\" alt=\"\"></p>\n<h2>华为路由器0Day漏洞引发卢森堡全国通信中断</h2>\n<p>2025年7月23日卢森堡遭遇全国性通信中断事件据调查由华为企业路由器中一",
"category": "关基安全",
"pubDate": "Wed, 20 May 2026 05:30:04 +0800"
},
{
"title": "GitHub 遭入侵:员工设备遭恶意扩展攻击致内部源码仓库泄露",
"link": "https://www.freebuf.com/articles/database/481971.html",
"description": "GitHub员工遭恶意扩展攻击3800个内部源码仓库泄露",
"body": "\n<p><img src=\"https://image.3001.net/images/20260520/1779280305659712_201420402a6c414ea57c5a7ab5e56403.webp!small\" alt=\"\"></p>\n<p>2026年5月20日GitHub通过系列官方声明证实其检测到某员工设备因安装恶意Visual Studio Code扩展而遭入侵导致内",
"category": "数据安全",
"pubDate": "Wed, 20 May 2026 04:47:29 +0800"
},
{
"title": "AI Agent 安全:自动化工作流时如何规避提示注入与数据泄露风险",
"link": "https://www.freebuf.com/articles/ai-security/481829.html",
"description": "AI Agent权限越大风险越高提示注入可致数据泄露",
"body": "<p class=\"tinymce-p\"><img src=\"https://image.3001.net/images/20260520/1779246191_6a0d246fa6e1d68d408d0.jpg!small\" width=\"690\" height=\"388\" alt=\"\" />AI Agent 安全始于一个简单事实Agent 权限越大,其访问控制就需越严格。仅能总结文档的 AI",
"category": "AI安全",
"pubDate": "Tue, 19 May 2026 21:13:08 +0800"
},
{
"title": "FreeBuf早报 | Mythos Preview 实现自动化漏洞研究中 PoC 漏洞利用链构建n8n漏洞使自动化节点面临完整RCE风险",
"link": "https://www.freebuf.com/news/481732.html",
"description": "AI模型可自动构建漏洞利用链安全边界面临重构。",
"body": "<h2 id=\"h2-1\">全球网安事件速递</h2><h3 id=\"h3-1\">1. Mythos Preview 实现自动化漏洞研究中 PoC 漏洞利用链构建</h3><p>Anthropic的AI模型Mythos Preview实现突破能串联漏洞生成可验证的PoC利用链填补漏洞发现与利用间的技术鸿沟。需定制化框架优化结果但安全防护仍需额外措施凸显攻防时间窗缩短的紧迫性。【<a hre",
"category": "资讯",
"pubDate": "Tue, 19 May 2026 18:17:06 +0800"
},
{
"title": "DirtyDecrypt Linux 内核漏洞 PoC 利用代码公开",
"link": "https://www.freebuf.com/articles/system/481812.html",
"description": "高危漏洞DirtyDecrypt曝光Linux本地提权风险加剧容器逃逸威胁企业安全。",
"body": "\n<p><img src=\"https://image.3001.net/images/20260520/1779213934717431_fbd338cb0e024d0ba4f1d28e73d86e72.webp!small\" alt=\"\"></p>\n<p>针对一个被命名为 DirtyDecrypt亦被追踪为 DirtyCBC的高危 Linux 内核本地提权漏洞的概念验证PoC利用代码已",
"category": "系统安全",
"pubDate": "Tue, 19 May 2026 17:18:30 +0800"
},
{
"title": "威胁情报落地的三大SOC战术",
"link": "https://www.freebuf.com/articles/es/481821.html",
"description": "被动安全难抵风险累积三大SOC战术让威胁情报落地提速",
"body": "\n<p><img src=\"https://image.3001.net/images/20260520/1779217503385468_e8ec77053d1742bcb9a4f775553f99f9.webp!small\" alt=\"3 SOC Tactics for Threat Intelligence\"></p>\n<p>数据泄露事件可能只会上头条一天,但其造成的损害却会持续数年。关键业",
"category": "企业安全",
"pubDate": "Thu, 13 Mar 2025 19:53:00 +0800"
"pubDate": "Tue, 19 May 2026 17:12:12 +0800"
},
{
"title": "大模型越狱(通常)比你想象的容易——一种基于伪造对话历史的攻击算法",
"link": "https://www.freebuf.com/vuls/424360.html",
"description": "一种基于伪造会话历史的大模型对抗算法",
"body": "<h1>1.摘要</h1><p>微软的研究团队提出了一种名为“上下文一致性攻击”Context Compliance Attack以下简称CCA算法的大模型越狱攻击算法这种攻击算法相对轻巧既不需要复杂的提示词工程也不要消耗大量算力来迭代优化恶意提示词。</p><p>CCA算法利用了目前大模型架构中一个漏洞——会话历史的无状态性。即用户可以伪造会话历史输入给大模型而大模型在无法分辨该对",
"category": "漏洞",
"pubDate": "Thu, 13 Mar 2025 16:37:29 +0800"
"title": "新型钓鱼点击OAuth授权如何绕过多因素认证",
"link": "https://www.freebuf.com/articles/ai-security/481770.html",
"description": "OAuth钓鱼攻击绕过MFA窃取企业数据刷新令牌成黑客新武器",
"body": "\n<p><img src=\"https://image.3001.net/images/20260519/1779195846621043_1d6c880720b84255aa9dbabb26ac1bf0.jpg!small\" alt=\"image\"></p>\n<p>2026年2月名为EvilTokens的钓鱼即服务PhaaS平台开始运作。短短五周内该平台就成功入侵了五个国家超过340家微",
"category": "AI安全",
"pubDate": "Tue, 19 May 2026 17:00:00 +0800"
},
{
"title": "CISA警告苹果WebKit越界写入漏洞已被野外利用",
"link": "https://www.freebuf.com/vuls/424562.html",
"description": "苹果WebKit越界写入漏洞CVE-2025-24201已被野外利用攻击者可执行未经授权的代码。",
"body": "<p><img src=\"https://image.3001.net/images/20250314/1741889032347357_5c64ed0a88814dc4bc5fd233083566e8.webp!small\" alt=\"image\" /></p><p>美国网络安全和基础设施安全局CISA近日警告称苹果WebKit浏览器引擎中存在一个被野外利用的零日漏洞编号为CVE-202",
"category": "漏洞",
"pubDate": "Thu, 13 Mar 2025 16:21:31 +0800"
"title": "Pwn2Own Berlin 2026落幕0Day漏洞奖金总额达130万美元",
"link": "https://www.freebuf.com/articles/481792.html",
"description": "Pwn2Own柏林赛狂揽47个0Day奖金近130万美元",
"body": "<p><img src=\"https://image.3001.net/images/20260520/1779245390_6a0d214e84c1e53d92ea6.jpg!small\" width=\"690\" height=\"388\" alt=\"\" /></p><p>2026年5月16日备受期待的Pwn2Own Berlin 2026黑客大赛在OffensiveCon会议期间经过三天激烈角",
"category": "技术",
"pubDate": "Tue, 19 May 2026 15:59:01 +0800"
},
{
"title": "微信小程序测试技巧总结",
"link": "https://www.freebuf.com/articles/web/424498.html",
"description": "测试微信小程序跟web网站基本相同抓包测试接口逆向看小程序源码。",
"body": "<h2 id=\"h2-1\">前言</h2><p>目前越来越多的企业都开始开发微信小程序如果在web测试过程中没有结果不如换个思路去看看微信小程序是否有问题。</p><p>测试微信小程序跟web网站基本相同抓包测试接口逆向看小程序源码。本篇文章就来看看如何进行微信小程序抓包以及逆向。</p><p><br /></p><h2 id=\"h2-2\">微信小程序抓包</h2><p>要测试微信小程序",
"category": "Web安全",
"pubDate": "Thu, 13 Mar 2025 16:16:54 +0800"
"title": "Orchid Security安全报告三分之二非人类账户处于失控状态",
"link": "https://www.freebuf.com/articles/es/481795.html",
"description": "&quot;企业身份暗物质失控AI时代埋下致命隐患&quot;",
"body": "<p><img src=\"https://image.3001.net/images/20260520/1779207353112015_f86eae1a3ccd4966a6209094af950edf.webp!small\" alt=\"\" /></p><p><strong>美国纽约2026年5月19日CyberNewswire电</strong><strong>新研究表明身份暗物质持续扩张,",
"category": "企业安全",
"pubDate": "Tue, 19 May 2026 15:37:57 +0800"
},
{
"title": "全美29州逾8.6万名医护人员信息因AWS S3存储桶配置错误遭泄露",
"link": "https://www.freebuf.com/articles/database/424561.html",
"description": "全美29州逾8.6万名医护人员信息因AWS S3存储桶配置错误遭泄露包含敏感PII和医疗文件。",
"body": "<p><img src=\"https://image.3001.net/images/20250314/1741889027627786_9dbc9c95718140af8ac0145800762e1c.webp!small\" alt=\"image\" /></p><p>近日一起涉及医护人员敏感信息的大规模数据泄露事件被发现总部位于新泽西州的健康科技公司ESHYFT的超过8.6万条记录被暴露。<",
"title": "GitHub缩减漏洞赏金计划提醒用户安全责任需共担",
"link": "https://www.freebuf.com/articles/ai-security/481793.html",
"description": "GitHub因AI垃圾报告泛滥缩减漏洞赏金警告用户需自担安全风险。",
"body": "\n<h2>代码托管平台呼吁研究者减少AI生成的低质报告</h2>\n<p><img src=\"https://image.3001.net/images/20260520/1779207203294546_1db731e7b91849f687c029395a13791e.jpg!small\" alt=\"通过GitHub供应链发起的攻击\"></p>\n<p>面对漏洞赏金计划提交量的激增GitHub正对",
"category": "AI安全",
"pubDate": "Tue, 19 May 2026 15:28:48 +0800"
},
{
"title": "Apache Flink 高危漏洞可导致远程代码执行攻击",
"link": "https://www.freebuf.com/articles/database/481799.html",
"description": "高危漏洞Apache Flink SQL注入可致集群沦陷速升级",
"body": "\n<p><img src=\"https://image.3001.net/images/20260520/1779207728416657_85c769744ebd4e9ba16508b0f2df642c.webp!small\" alt=\"\"></p>\n<p>Apache Flink 近日披露一个编号为 CVE-2026-35194 的高危漏洞,该漏洞通过平台代码生成引擎中的 SQL 注入缺陷,使",
"category": "数据安全",
"pubDate": "Thu, 13 Mar 2025 16:09:35 +0800"
"pubDate": "Tue, 19 May 2026 15:03:10 +0800"
},
{
"title": "黑客滥用微软Copilot发动高仿钓鱼攻击",
"link": "https://www.freebuf.com/news/424552.html",
"description": "黑客利用微软Copilot发起高仿钓鱼攻击通过伪造发票邮件和虚假登录页面窃取用户凭据威胁企业安全。",
"body": "<p><img src=\"https://image.3001.net/images/20250314/1741885485840984_47bf608e967345259deb66fcf48bec25.webp!small\" alt=\"image\" /></p><p>随着越来越多企业将微软Copilot集成到其日常工作中网络犯罪分子瞄准了这一AI助手的用户发起了高度复杂的钓鱼攻击。微软Cop",
"category": "资讯",
"pubDate": "Thu, 13 Mar 2025 16:07:50 +0800"
"title": "Linux应急响应入侵排查篇",
"link": "https://www.freebuf.com/articles/defense/481696.html",
"description": "在日常安全运营中Linux 服务器被入侵是非常常见的应急场景。",
"body": "<p>在日常安全运营中Linux 服务器被入侵是非常常见的应急场景。攻击者通过弱口令、Web 漏洞、组件漏洞、密钥泄露等方式进入主机,随后进行提权、植入后门、横向移动、挖矿、代理转发或数据窃取。</p><h2 id=\"h2-1\"><strong>一、Linux入侵排查思路</strong></h2><p><strong>1.系统信息收集</strong></p><p>主要是收集系统的版本内核信息",
"category": "攻防演练",
"pubDate": "Tue, 19 May 2026 15:01:07 +0800"
},
{
"title": "FreeBuf早报 | 特朗普提名Sean Plankey掌权CISA勒索病毒袭美逾300关键机构",
"link": "https://www.freebuf.com/news/424478.html",
"description": "特朗普提名Sean Plankey掌权CISA勒索病毒袭美逾300关键机构",
"body": "<h2 id=\"h2-1\">全球网安事件速递</h2><h3 id=\"h3-1\">1. Win10 / Win11 装机镜像不再“裸奔”,微软发布 Defender 更新填补安全漏洞</h3><p>微软针对 Windows 10、Windows 11 和 Windows Server 安装镜像,发布了新版 Defender 更新,解决安装镜像中可能存在的旧版反恶意软件问题,提升系统安全性和性能。 ",
"category": "资讯",
"pubDate": "Thu, 13 Mar 2025 14:10:05 +0800"
},
{
"title": "新手友好spring内存马学习篇二",
"link": "https://www.freebuf.com/articles/web/424441.html",
"description": "这是spring内存马第二篇主要学习实战中如何打内存马",
"body": "<h2 id=\"h2-1\">反序列化注入内存马</h2><h3 id=\"h3-1\">Fastjson靶场搭建</h3><p>我们在前面的springboot项目上引入fastjson模拟一下漏洞环境</p><p><img src=\"https://image.3001.net/images/20250306/1741255427_67c97303619323cef3b85.png!small\" ",
"category": "Web安全",
"pubDate": "Thu, 13 Mar 2025 09:17:22 +0800"
},
{
"title": "D-link: 轻量级正反向文件同步后渗透持久化控制",
"link": "https://www.freebuf.com/sectool/424419.html",
"description": "#后渗透 #文件同步 #轻量 #持久化 #正/反向隧道 #C++ #D-Link",
"body": "<h1>D-link</h1><p>D-link 是一款用 C++ 编写的轻量级 Linux 文件同步工具。</p><ol><li><p>支持反向文件同步操作。</p></li><li><p>目录监控,实时更新。</p></li><li><p>访问控制:客户端只能自动上传和删除文件,无法从服务器下载敏感文件。就算同步的文件在服务器端被删掉,客户端还是会自动恢复。</p></li><li><p>客户",
"category": "工具",
"pubDate": "Thu, 13 Mar 2025 00:45:10 +0800"
},
{
"title": "多视角解码大模型安全:以 AI 制衡 AI突破安全困局",
"link": "https://www.freebuf.com/fevents/424379.html",
"description": "“模型有界、安全无疆”主题技术研讨会在西安圆满落幕。",
"body": "<p>在人工智能快速发展的今天,大模型已经成为了推动各行业变革的核心技术之一,从医疗诊断到智能交通,从金融风险控制到教育个性化推荐,各行各业中都出现了大模型的身影。</p><p>根据Gartner的预测2026年将有超过80%的企业部署启用生成式人工智能GenAI的应用而2023年这一比例尚不足5%,可以说大模型正以前所未有的速度重塑着我们的世界。</p><p>技术突飞猛进的同时,也伴生着",
"category": "活动",
"pubDate": "Wed, 12 Mar 2025 17:31:35 +0800"
},
{
"title": "超400个IP地址协同攻击利用多个SSRF漏洞发起网络攻势",
"link": "https://www.freebuf.com/vuls/424412.html",
"description": "至少400个IP地址被发现同时利用多个SSRF漏洞攻击尝试之间表现出显著的重叠。",
"body": "\n<p><img src=\"https://image.3001.net/images/20250312/1741788137072942_62d5d71c105a40c7a1be5eeb33fbab11.png!small\" alt=\"image\"></p>\n<p>威胁情报公司GreyNoise发出警告称近期针对多个平台的服务器端请求伪造SSRF漏洞利用活动出现了“协同激增”现象。</p>",
"category": "漏洞",
"pubDate": "Wed, 12 Mar 2025 17:26:00 +0800"
},
{
"title": "AI会取代渗透测试工程师吗",
"link": "https://www.freebuf.com/articles/neopoints/424414.html",
"description": "关于哪些职业会受到AI冲击的讨论从未停止而渗透测试Pentesting最近也被推到了风口浪尖。",
"body": "<p><img src=\"https://image.3001.net/images/20250312/1741788229145520_ea88f496d23c41d9b5a2c92b14a8910e.png!small\" alt=\"image\" /></p><p>多年来我们一直在听到同样的说法AI将会取代你的工作。事实上2017年麦肯锡发布了一份报告《消失与新增的岗位自动化时代下的劳动",
"category": "观点",
"pubDate": "Wed, 12 Mar 2025 15:55:00 +0800"
},
{
"title": "FreeBuf早报 | 微软与VMware零日漏洞紧急修复指南TP-Link漏洞感染超6000台设备",
"link": "https://www.freebuf.com/news/424346.html",
"description": "微软与VMware零日漏洞紧急修复指南TP-Link漏洞感染超6000台设备",
"body": "<h2 id=\"h2-1\">全球网安事件速递</h2><h3 id=\"h3-1\">1. Manus代码遭越狱季逸超本人回应“团队一直有开源传统”</h3><p>北京时间3月10日清晨推特用户jianxliao发布推文称成功“越狱”了Manus AI的代码据其透露他只是简单地要求Manus提供\"/opt/.manus/\"目录下的文件系统便直接提供了沙盒运行时代码并揭示了Manus使用C",
"category": "资讯",
"pubDate": "Wed, 12 Mar 2025 14:30:42 +0800"
},
{
"title": "API攻击威胁加剧2025年如何确保API安全",
"link": "https://www.freebuf.com/articles/web/424399.html",
"description": "API攻击威胁加剧59%的组织开放API“写入”权限黑客可未经授权访问导致数据窃取、账户接管等重大风险。",
"body": "<p><img src=\"https://image.3001.net/images/20250312/1741780939666956_d18f4fcfe4ab4b048c66f1169504989e.png!small\" alt=\"image\" /></p><p>API攻击正持续增加<strong>一项令人担忧的研究</strong>显示59%的组织为至少一半的API开放了“写入”权限这",
"category": "Web安全",
"pubDate": "Wed, 12 Mar 2025 11:29:24 +0800"
},
{
"title": "攻击者开始利用MFA漏洞在内的高级手段绕过多因素身份验证",
"link": "https://www.freebuf.com/articles/web/424386.html",
"description": "这些高级技术利用了身份验证工作流程中的漏洞,而非身份验证因素本身。",
"body": "<p><img src=\"https://image.3001.net/images/20250312/1741773779537870_8402efd7d8fa46fa8d2f0067903712ee.webp!small\" alt=\"image\" /></p><p>研究人员最近发现了一种令人不安的攻击趋势这些攻击专门设计来绕过多因素身份验证MFA的保护机制。这些高级技术利用了身份验证工作",
"category": "Web安全",
"pubDate": "Wed, 12 Mar 2025 09:53:49 +0800"
},
{
"title": "Hessian反序列化原理到武器化利用",
"link": "https://www.freebuf.com/articles/web/424308.html",
"description": "今天和大家共同探讨Java安全领域中一种常见的安全威胁也就是Hessian反序列化漏洞。",
"body": "<p>今天和大家共同探讨Java安全领域中一种常见的安全威胁也就是Hessian反序列化漏洞。作为贯穿Java生态的RPC通信基石Hessian协议如同微服务架构的\"神经网络\"其安全风险直接影响多个Java核心组件的命脉如近几年披露的一些Hessian协议相关的安全组件漏洞Seata Hessian 反序列化漏洞、Nacos 集群 Hessian 反序列化漏洞、xxl-job Hessi",
"category": "Web安全",
"pubDate": "Wed, 12 Mar 2025 09:42:19 +0800"
},
{
"title": "新型XCSSET恶意软件利用增强混淆技术攻击macOS用户",
"link": "https://www.freebuf.com/articles/web/424375.html",
"description": "新型XCSSET恶意软件利用增强混淆技术攻击macOS用户感染Xcode项目窃取敏感信息采用复杂持久化机制威胁开发者安全。",
"body": "<p><img src=\"https://image.3001.net/images/20250312/1741770276931049_1ffd07215f97425f8ba4f5216c276ae5.webp!small\" alt=\"image\" /></p><p>微软威胁情报团队发现了一种新型的XCSSET变种这是一种复杂的模块化macOS恶意软件能够感染Xcode项目并在开发者构建这",
"category": "Web安全",
"pubDate": "Wed, 12 Mar 2025 07:44:44 +0800"
},
{
"title": "AI 辅助的虚假 GitHub 仓库窃取敏感数据,包括登录凭证",
"link": "https://www.freebuf.com/articles/database/424374.html",
"description": "AI 辅助的虚假 GitHub 仓库窃取敏感数据,伪装合法项目分发 Lumma Stealer 恶意软件。",
"body": "<p><img src=\"https://image.3001.net/images/20250312/1741770262754508_969bbeb5d15b4a8795a84388a5078ab3.webp!small\" alt=\"image\" /></p><p>近期发现了一种复杂的恶意软件活动,该活动利用人工智能创建具有欺骗性的 GitHub 仓库,并分发 SmartLoader 负载,最",
"title": "攻击者利用Cloudflare存储节点从被入侵网络窃取文件",
"link": "https://www.freebuf.com/articles/database/481791.html",
"description": "攻击者利用Cloudflare存储节点窃取政府企业数据定制化工具规避检测。",
"body": "<p><img src=\"https://image.3001.net/images/20260519/1779203091162279_635083f446bd4b7e9241ec9f5e05ffb4.webp!small\" alt=\"\" /></p><p>攻击者发现了一种从被入侵网络静默窃取数据的新方法——这次他们隐藏在人们熟悉的Cloudflare服务背后。安全研究人员发现一起针对性入侵行动",
"category": "数据安全",
"pubDate": "Wed, 12 Mar 2025 07:40:26 +0800"
"pubDate": "Tue, 19 May 2026 14:01:55 +0800"
},
{
"title": "谷歌紧急警告Chromecast用户切勿进行出厂重置",
"link": "https://www.freebuf.com/news/424361.html",
"description": "谷歌紧急警告别对Chromecast进行出厂重置。过期证书导致2000万台设备无法正常运行用户陷入“变砖”困境。",
"body": "<p><img src=\"https://image.3001.net/images/20250312/1741766697560974_acdc23f708a34b058255dc1d9a0b0fcd.webp!small\" alt=\"image\" /></p><p>谷歌已向第二代Chromecast2015年和Chromecast Audio设备的所有者发出紧急通知警告不要进行出厂重置",
"category": "资讯",
"pubDate": "Wed, 12 Mar 2025 07:10:20 +0800"
"title": "CVE-2026-42945 深度解析 NGINX Rift 潜伏18年的堆溢出漏洞分析与防御指南",
"link": "https://www.freebuf.com/articles/vuls/481654.html",
"description": "NGINX Rift漏洞极其罕见地在 NGINX 的核心源码库中潜伏了大约 18 年之久。据溯源分析,该缺陷最早在 2008 年左右的提交中被引入。",
"body": "<p>在全球互联网基础设施的底层架构中NGINX 凭借其极致的异步非阻塞事件驱动模型和极低的内存消耗,长期占据着 Web 服务器、反向代理、负载均衡器以及 API 网关领域的统治地位。NGINX的安全性影响全球数以千万计在线服务。2026年5月13日一项被正式命名为 “NGINX Rift” 的严重内存破坏漏洞CVE-2026-42945的公开披露在网络安全业界引发了强烈的震动。</p>",
"category": "漏洞",
"pubDate": "Tue, 19 May 2026 09:33:04 +0800"
}
]

190
resources/JSON/uni_rss.json
View File

@ -84,7 +84,7 @@
"link": "https://blog.netlab.360.com/911s5/",
"author": "lvxing",
"description": "<h1 id=\"%E6%A6%82%E8%BF%B0\">&#x6982;&#x8ff0;</h1><p>2024&#x5e74;5&#x6708;29&#x65e5;&#xff0c;&#x7f8e;&#x56fd;&#x53f8;&#x6cd5;&#x90e8;&#x53d1;&#x5e03;&#x901a;&#x544a;&#xff0c;&#x58f0;&#x79f0;&#x5176;&#x6267;&#x6cd5;&#x6d3b;&#x52a8;&#x6467;&#x6bc1;&#x4e86;&quot;&#x53f2;&#x4e0a;&#x6700;&#x5927;&#x7684;&#x50f5;&#x5c38;&#x7f51;&#x7edc;&quot; 911 S5&#xff0c;&#x67e5;&#x5c01;&#x4e86;&#x76f8;&#x5173;&#x57df;&#x540d;</p>",
"published": "Fri, 14 Jun 2024 09:20:11 GMT",
"published": "2024-06-14 17:20:11",
"source": "360 Netlab Blog"
},
{
@ -92,7 +92,7 @@
"link": "https://blog.netlab.360.com/headsup_xdr33_variant_of_ciahive_emeerges/",
"author": "Alex.Turing",
"description": "<h1 id=\"overview\">Overview</h1>\n<p>On Oct 21, 2022, 360Netlab&apos;s honeypot system captured a suspicious ELF file <code>ee07a74d12c0bb3594965b51d0e45b6f</code>, which propagated via F5 vulnerability with zero VT detection, our system observces that it communicates with IP <code>45.9.150.144</code> using SSL with <strong>forged Kaspersky certificates</strong>, this caught our attention. After further lookup,</p>",
"published": "Tue, 10 Jan 2023 14:00:37 GMT",
"published": "2023-01-10 22:00:37",
"source": "360 Netlab Blog"
},
{
@ -100,7 +100,7 @@
"link": "https://blog.netlab.360.com/warning-hive-variant-xdr33-is-coming_cn/",
"author": "Alex.Turing",
"description": "<!--kg-card-begin: markdown--><h1 id=\"id\">&#x6982;&#x8ff0;</h1>\n<p>2022&#x5e74;10&#x6708;21&#x65e5;&#xff0c;360Netlab&#x7684;&#x871c;&#x7f50;&#x7cfb;&#x7edf;&#x6355;&#x83b7;&#x4e86;&#x4e00;&#x4e2a;&#x901a;&#x8fc7;F5&#x6f0f;&#x6d1e;&#x4f20;&#x64ad;&#xff0c;VT 0&#x68c0;&#x6d4b;&#x7684;&#x53ef;&#x7591;ELF&#x6587;&#x4ef6;<code>ee07a74d12c0bb3594965b51d0e45b6f</code>&#xff0c;&#x6d41;&#x91cf;&#x76d1;&#x63a7;&#x7cfb;&#x7edf;&#x63d0;&#x793a;&#x5b83;&#x548c;</p>",
"published": "Mon, 09 Jan 2023 03:13:20 GMT",
"published": "2023-01-09 11:13:20",
"source": "360 Netlab Blog"
},
{
@ -108,7 +108,7 @@
"link": "https://blog.netlab.360.com/new-ddos-botnet-wszeor/",
"author": "Hui Wang",
"description": "<!--kg-card-begin: markdown--><h2 id=\"id\">&#x6982;&#x8ff0;</h2>\n<p>&#x8fd1;&#x671f;&#xff0c;&#x6211;&#x4eec;&#x7684;BotMon&#x7cfb;&#x7edf;&#x8fde;&#x7eed;&#x6355;&#x83b7;&#x5230;&#x4e00;&#x4e2a;&#x7531;Go&#x7f16;&#x5199;&#x7684;DDoS&#x7c7b;&#x578b;&#x7684;&#x50f5;&#x5c38;&#x7f51;&#x7edc;&#x5bb6;&#x65cf;&#xff0c;&#x5b83;&#x7528;&#x4e8e;DDoS&#x653b;&#x51fb;&#xff0c;&#x4f7f;&#x7528;&#x4e86;&#x5305;&#x62ec;SSH/Telnet&#x5f31;&#x53e3;</p>",
"published": "Wed, 07 Dec 2022 12:58:21 GMT",
"published": "2022-12-07 20:58:21",
"source": "360 Netlab Blog"
},
{
@ -116,7 +116,7 @@
"link": "https://blog.netlab.360.com/p2p-botnets-review-status-continuous-monitoring/",
"author": "360Netlab",
"description": "<h1 id=\"origins\">Origins</h1>\n<p>P2P networks are more scalable and robust than traditional C/S structures, and these advantages were recognized by the botnet authors early on and used in their botnets. In terms of time, <a href=\"https://en.wikipedia.org/wiki/Storm_botnet?ref=blog.netlab.360.com\">Storm</a>, which appeared in 2007, can be considered the progenitor of this area, when botnet threats were</p>",
"published": "Thu, 03 Nov 2022 14:00:00 GMT",
"published": "2022-11-03 22:00:00",
"source": "360 Netlab Blog"
},
{
@ -124,7 +124,7 @@
"link": "https://blog.netlab.360.com/p2p-botnet-monitor/",
"author": "360Netlab",
"description": "<h1 id=\"%E7%BC%98%E8%B5%B7\">&#x7f18;&#x8d77;</h1>\n<p>P2P&#x7ed3;&#x6784;&#x7684;&#x7f51;&#x7edc;&#x6bd4;&#x4f20;&#x7edf;&#x7684;C/S&#x7ed3;&#x6784;&#x5177;&#x6709;&#x66f4;&#x597d;&#x7684;&#x53ef;&#x6269;&#x5c55;&#x6027;&#x548c;&#x5065;&#x58ee;&#x6027;&#xff0c;&#x8fd9;&#x4e9b;&#x4f18;&#x70b9;&#x5f88;&#x65e9;&#x5c31;&#x4e3a;botnet&#x7684;&#x4f5c;&#x8005;&#x6240;&#x8ba4;&#x8bc6;&#x5230;&#x5e76;&#x88ab;&#x7528;&#x5230;</p>",
"published": "Wed, 02 Nov 2022 03:11:33 GMT",
"published": "2022-11-02 11:11:33",
"source": "360 Netlab Blog"
},
{
@ -132,7 +132,7 @@
"link": "https://blog.netlab.360.com/fodcha-is-coming-back-with-rddos/",
"author": "Alex.Turing",
"description": "<h1 id=\"background\">Background</h1>\n<p>On April 13, 2022, 360Netlab first disclosed the <code>Fodcha</code> botnet. After our article was published, Fodcha suffered a crackdown from the relevant authorities, and its authors quickly responded by leaving <code>&quot;Netlab pls leave me alone I surrender&quot;</code> in an updated sample.No surprise, Fodcha&apos;s authors</p>",
"published": "Mon, 31 Oct 2022 14:00:00 GMT",
"published": "2022-10-31 22:00:00",
"source": "360 Netlab Blog"
},
{
@ -140,7 +140,7 @@
"link": "https://blog.netlab.360.com/ddosmonster_the_return_of__fodcha_cn/",
"author": "Alex.Turing",
"description": "<h1 id=\"%E8%83%8C%E6%99%AF\">&#x80cc;&#x666f;</h1>\n<p>2022&#x5e74;4&#x6708;13&#x65e5;&#xff0c;360Netlab&#x9996;&#x6b21;&#x5411;&#x793e;&#x533a;&#x62ab;&#x9732;&#x4e86;Fodcha&#x50f5;&#x5c38;&#x7f51;&#x7edc;&#xff0c;&#x5728;&#x6211;&#x4eec;&#x7684;&#x6587;&#x7ae0;&#x53d1;&#x8868;&#x4e4b;&#x540e;&#xff0c;Fodcha&#x906d;&#x53d7;&#x5230;&#x76f8;&#x5173;&#x90e8;&#x95e8;&#x7684;&#x6253;&#x51fb;&#xff0c;&#x5176;&#x4f5c;&#x8005;</p>",
"published": "Thu, 27 Oct 2022 02:49:26 GMT",
"published": "2022-10-27 10:49:26",
"source": "360 Netlab Blog"
},
{
@ -148,7 +148,7 @@
"link": "https://blog.netlab.360.com/purecrypter-is-busy-pumping-out-various-malicious-malware-families/",
"author": "wanghao",
"description": "<p>In our daily botnet analysis work, it is common to encounter various loaders.Compared to other types of malware, loaders are unique in that they are mainly used to &quot;promote&quot;, i.e., download and run other malware on the infected machine. According to our observations, most loaders are</p>",
"published": "Mon, 29 Aug 2022 13:00:00 GMT",
"published": "2022-08-29 21:00:00",
"source": "360 Netlab Blog"
},
{
@ -156,7 +156,7 @@
"link": "https://blog.netlab.360.com/purecrypter/",
"author": "wanghao",
"description": "<!--kg-card-begin: markdown--><p>&#x5728;&#x6211;&#x4eec;&#x7684;&#x65e5;&#x5e38;botnet&#x5206;&#x6790;&#x5de5;&#x4f5c;&#x4e2d;&#xff0c;&#x78b0;&#x5230;&#x5404;&#x79cd;loader&#x662f;&#x5e38;&#x4e8b;&#x3002;&#x8ddf;&#x5176;&#x5b83;&#x79cd;&#x7c7b;&#x7684;malware&#x76f8;&#x6bd4;&#xff0c;loader&#x7684;&#x7279;&#x6b8a;&#x4e4b;&#x5904;&#x5728;&#x4e8e;&#x5b83;&#x4e3b;&#x8981;&#x7528;&#x6765;&#x201c;&#x63a8;&#x5e7f;&#x201d;&#xff0c;</p>",
"published": "Mon, 29 Aug 2022 01:20:17 GMT",
"published": "2022-08-29 09:20:17",
"source": "360 Netlab Blog"
},
{
@ -164,7 +164,7 @@
"link": "https://blog.netlab.360.com/a-new-botnet-orchard-generates-dga-domains-with-bitcoin-transaction-information/",
"author": "daji",
"description": "<p>DGA is one of the classic techniques for botnets to hide their C2s, attacker only needs to selectively register a very small number of C2 domains, while for the defenders, it is difficult to determine in advance which domain names will be generated and registered.</p><p>360 netlab has long focused</p>",
"published": "Fri, 05 Aug 2022 14:00:00 GMT",
"published": "2022-08-05 22:00:00",
"source": "360 Netlab Blog"
},
{
@ -172,7 +172,7 @@
"link": "https://blog.netlab.360.com/orchard-dga/",
"author": "daji",
"description": "<!--kg-card-begin: markdown--><p>DGA&#x662f;&#x4e00;&#x79cd;&#x7ecf;&#x5178;&#x7684;botnet&#x5bf9;&#x6297;&#x68c0;&#x6d4b;&#x7684;&#x6280;&#x672f;&#xff0c;&#x5176;&#x539f;&#x7406;&#x662f;&#x4f7f;&#x7528;&#x67d0;&#x79cd;DGA&#x7b97;&#x6cd5;&#xff0c;&#x7ed3;&#x5408;&#x7279;&#x5b9a;&#x7684;&#x79cd;&#x5b50;&#x548c;&#x5f53;&#x524d;&#x65e5;&#x671f;&#xff0c;&#x5b9a;&#x671f;&#x751f;&#x6210;&#x5927;&#x91cf;&#x7684;&#x57df;&#x540d;</p>",
"published": "Fri, 05 Aug 2022 03:31:07 GMT",
"published": "2022-08-05 11:31:07",
"source": "360 Netlab Blog"
},
{
@ -180,7 +180,7 @@
"link": "https://blog.netlab.360.com/public-cloud-threat-intelligence-202204/",
"author": "360Netlab",
"description": "<!--kg-card-begin: markdown--><h2 id=\"id\">&#x6982;&#x8ff0;</h2>\n<!--kg-card-end: markdown--><blockquote>&#x672c;&#x6587;&#x805a;&#x7126;&#x4e8e;&#x4e91;&#x4e0a;&#x91cd;&#x70b9;&#x8d44;&#x4ea7;&#x7684;&#x626b;&#x63cf;&#x653b;&#x51fb;&#x3001;&#x4e91;&#x670d;&#x52a1;&#x5668;&#x603b;&#x4f53;&#x653b;&#x51fb;&#x60c5;&#x51b5;&#x5206;&#x6790;&#x3001;&#x70ed;&#x95e8;&#x6f0f;&#x6d1e;&#x53ca;&#x6076;&#x610f;&#x7a0b;&#x5e8f;&#x7684;&#x653b;&#x51fb;&#x5a01;&#x80c1;&#x3002;</blockquote><!--kg-card-begin: markdown--><ul>\n<li><a href=\"https://netlab.360.com/zh/honeypot?ref=blog.netlab.360.com\">360&#x9ad8;&#x7ea7;</a></li></ul>",
"published": "Wed, 11 May 2022 02:53:55 GMT",
"published": "2022-05-11 10:53:55",
"source": "360 Netlab Blog"
},
{
@ -188,7 +188,7 @@
"link": "https://blog.netlab.360.com/public-cloud-threat-intelligence-202203/",
"author": "360Netlab",
"description": "<h3 id=\"-\">&#x6982;&#x8ff0;</h3><blockquote>&#x672c;&#x6587;&#x805a;&#x7126;&#x4e8e;&#x4e91;&#x4e0a;&#x91cd;&#x70b9;&#x8d44;&#x4ea7;&#x7684;&#x626b;&#x63cf;&#x653b;&#x51fb;&#x3001;&#x4e91;&#x670d;&#x52a1;&#x5668;&#x603b;&#x4f53;&#x653b;&#x51fb;&#x60c5;&#x51b5;&#x5206;&#x6790;&#x3001;&#x70ed;&#x95e8;&#x6f0f;&#x6d1e;&#x53ca;&#x6076;&#x610f;&#x7a0b;&#x5e8f;&#x7684;&#x653b;&#x51fb;&#x5a01;&#x80c1;&#x3002;</blockquote><ul><li><a href=\"https://netlab.360.com/zh/honeypot?ref=blog.netlab.360.com\">360&#x9ad8;&#x7ea7;</a></li></ul>",
"published": "Tue, 19 Apr 2022 02:24:17 GMT",
"published": "2022-04-19 10:24:17",
"source": "360 Netlab Blog"
},
{
@ -196,7 +196,7 @@
"link": "https://blog.netlab.360.com/fodcha-a-new-ddos-botnet/",
"author": "Hui Wang",
"description": "<h2 id=\"overview\">Overview</h2><p>Recently, CNCERT and 360netlab worked together and discovered a rapidly spreading DDoS botnet on the Internet. The global infection looks fairly big as just in China there are more than 10,000 daily active bots (IPs) and alsomore than 100 DDoS victims beingtargeted on a daily basis. We named</p>",
"published": "Wed, 13 Apr 2022 14:01:14 GMT",
"published": "2022-04-13 22:01:14",
"source": "360 Netlab Blog"
},
{
@ -479,6 +479,166 @@
"published": "2020-03-18 16:55:51",
"source": "腾讯安全响应中心"
},
{
"title": "Nobel laureate Olga Tokarczuk apparently used AI to write her latest novel",
"link": "https://lithub.com/nobel-laureate-olga-tokarczuk-apparently-used-ai-to-write-her-latest-novel/",
"author": "bookofjoe",
"description": "<p>Article URL: <a href=\"https://lithub.com/nobel-laureate-olga-tokarczuk-apparently-used-ai-to-write-her-latest-novel/\">https://lithub.com/nobel-laureate-olga-tokarczuk-apparently-used-ai-to-write-her-latest-novel/</a></p>\n<p>Comments URL: <a href=\"https://news.ycombinator.com/item?id=48209112\">https://news.ycombinator.com/item?id=48209112</a></p>\n<p>Points: 33</p>\n<p># Comments: 41</p>",
"published": "2026-05-20 23:10:43",
"source": "Hacker News"
},
{
"title": "Testing distributed systems with AI agents",
"link": "https://github.com/shenli/distributed-system-testing",
"author": "shenli3514",
"description": "<p>Article URL: <a href=\"https://github.com/shenli/distributed-system-testing\">https://github.com/shenli/distributed-system-testing</a></p>\n<p>Comments URL: <a href=\"https://news.ycombinator.com/item?id=48208685\">https://news.ycombinator.com/item?id=48208685</a></p>\n<p>Points: 19</p>\n<p># Comments: 1</p>",
"published": "2026-05-20 22:40:42",
"source": "Hacker News"
},
{
"title": "Victory: Tennessee man jailed 37 days for Trump meme wins $835,000 settlement",
"link": "https://www.fire.org/news/victory-tennessee-man-jailed-37-days-trump-meme-wins-835000-settlement-after-first-amendment",
"author": "ceejayoz",
"description": "<p>Article URL: <a href=\"https://www.fire.org/news/victory-tennessee-man-jailed-37-days-trump-meme-wins-835000-settlement-after-first-amendment\">https://www.fire.org/news/victory-tennessee-man-jailed-37-days-trump-meme-wins-835000-settlement-after-first-amendment</a></p>\n<p>Comments URL: <a href=\"https://news.ycombinator.com/item?id=48208502\">https://news.ycombinator.com/item?id=48208502</a></p>\n<p>Points: 178</p>\n<p># Comments: 74</p>",
"published": "2026-05-20 22:30:47",
"source": "Hacker News"
},
{
"title": "America's Greatest Strategic Blunder: The Imprisonment of Qian Xuesen",
"link": "https://danieltan.weblog.lol/2026/05/americas-greatest-strategic-blunder-the-imprisonment-of-qian-xuesen",
"author": "danieltanfh95",
"description": "<p>Article URL: <a href=\"https://danieltan.weblog.lol/2026/05/americas-greatest-strategic-blunder-the-imprisonment-of-qian-xuesen\">https://danieltan.weblog.lol/2026/05/americas-greatest-strategic-blunder-the-imprisonment-of-qian-xuesen</a></p>\n<p>Comments URL: <a href=\"https://news.ycombinator.com/item?id=48207251\">https://news.ycombinator.com/item?id=48207251</a></p>\n<p>Points: 66</p>\n<p># Comments: 30</p>",
"published": "2026-05-20 21:19:36",
"source": "Hacker News"
},
{
"title": "Goodbye Visa and Mastercard: 130M Europeans switching to sovereign payment",
"link": "https://www.lesnumeriques.com/banque-en-ligne/adieu-visa-et-mastercard-130-millions-d-europeens-basculent-vers-un-paiement-100-souverain-des-2026-n250918.html",
"author": "healsdata",
"description": "<p>Article URL: <a href=\"https://www.lesnumeriques.com/banque-en-ligne/adieu-visa-et-mastercard-130-millions-d-europeens-basculent-vers-un-paiement-100-souverain-des-2026-n250918.html\">https://www.lesnumeriques.com/banque-en-ligne/adieu-visa-et-mastercard-130-millions-d-europeens-basculent-vers-un-paiement-100-souverain-des-2026-n250918.html</a></p>\n<p>Comments URL: <a href=\"https://news.ycombinator.com/item?id=48207004\">https://news.ycombinator.com/item?id=48207004</a></p>\n<p>Points: 499</p>\n<p># Comments: 414</p>",
"published": "2026-05-20 21:02:30",
"source": "Hacker News"
},
{
"title": "Meta blocks human rights accounts from reaching audiences in Arabia and the UAE",
"link": "https://www.alqst.org/ar/posts/1190",
"author": "giuliomagnifico",
"description": "<p>Article URL: <a href=\"https://www.alqst.org/ar/posts/1190\">https://www.alqst.org/ar/posts/1190</a></p>\n<p>Comments URL: <a href=\"https://news.ycombinator.com/item?id=48206768\">https://news.ycombinator.com/item?id=48206768</a></p>\n<p>Points: 519</p>\n<p># Comments: 202</p>",
"published": "2026-05-20 20:43:41",
"source": "Hacker News"
},
{
"title": "Anna's Archive Hit with $19.5M Default Judgment and Global Domain Takedown Order",
"link": "https://torrentfreak.com/annas-archive-hit-with-19-5m-default-judgment-and-global-domain-takedown-order/",
"author": "iamnothere",
"description": "<p>Article URL: <a href=\"https://torrentfreak.com/annas-archive-hit-with-19-5m-default-judgment-and-global-domain-takedown-order/\">https://torrentfreak.com/annas-archive-hit-with-19-5m-default-judgment-and-global-domain-takedown-order/</a></p>\n<p>Comments URL: <a href=\"https://news.ycombinator.com/item?id=48206640\">https://news.ycombinator.com/item?id=48206640</a></p>\n<p>Points: 168</p>\n<p># Comments: 126</p>",
"published": "2026-05-20 20:30:58",
"source": "Hacker News"
},
{
"title": "Saying Goodbye to Asm.js",
"link": "https://spidermonkey.dev/blog/2026/05/20/saying-goodbye-to-asmjs.html",
"author": "eqrion",
"description": "<p>Article URL: <a href=\"https://spidermonkey.dev/blog/2026/05/20/saying-goodbye-to-asmjs.html\">https://spidermonkey.dev/blog/2026/05/20/saying-goodbye-to-asmjs.html</a></p>\n<p>Comments URL: <a href=\"https://news.ycombinator.com/item?id=48206340\">https://news.ycombinator.com/item?id=48206340</a></p>\n<p>Points: 138</p>\n<p># Comments: 65</p>",
"published": "2026-05-20 20:01:56",
"source": "Hacker News"
},
{
"title": "College students drown out AI-praising commencement speeches with boos",
"link": "https://www.tomshardware.com/tech-industry/artificial-intelligence/college-students-drown-out-ai-praising-commencement-speeches-with-boos-deal-with-it-one-speaker-fires-back-as-students-heckle-positive-pitches-for-ais-role",
"author": "iancmceachern",
"description": "<p>Article URL: <a href=\"https://www.tomshardware.com/tech-industry/artificial-intelligence/college-students-drown-out-ai-praising-commencement-speeches-with-boos-deal-with-it-one-speaker-fires-back-as-students-heckle-positive-pitches-for-ais-role\">https://www.tomshardware.com/tech-industry/artificial-intelligence/college-students-drown-out-ai-praising-commencement-speeches-with-boos-deal-with-it-one-speaker-fires-back-as-students-heckle-positive-pitches-for-ais-role</a></p>\n<p>Comments URL: <a href=\"https://news.ycombinator.com/item?id=48206241\">https://news.ycombinator.com/item?id=48206241</a></p>\n<p>Points: 266</p>\n<p># Comments: 244</p>",
"published": "2026-05-20 19:51:32",
"source": "Hacker News"
},
{
"title": "Google's AI is being manipulated. The search giant is quietly fighting back",
"link": "https://www.bbc.com/future/article/20260519-google-tackles-attempts-to-hack-its-ai-results",
"author": "tigerlily",
"description": "<p>Article URL: <a href=\"https://www.bbc.com/future/article/20260519-google-tackles-attempts-to-hack-its-ai-results\">https://www.bbc.com/future/article/20260519-google-tackles-attempts-to-hack-its-ai-results</a></p>\n<p>Comments URL: <a href=\"https://news.ycombinator.com/item?id=48205782\">https://news.ycombinator.com/item?id=48205782</a></p>\n<p>Points: 97</p>\n<p># Comments: 58</p>",
"published": "2026-05-20 18:57:09",
"source": "Hacker News"
},
{
"title": "Map of Metal",
"link": "https://mapofmetal.com/",
"author": "robin_reala",
"description": "<p>Article URL: <a href=\"https://mapofmetal.com/\">https://mapofmetal.com/</a></p>\n<p>Comments URL: <a href=\"https://news.ycombinator.com/item?id=48205699\">https://news.ycombinator.com/item?id=48205699</a></p>\n<p>Points: 234</p>\n<p># Comments: 76</p>",
"published": "2026-05-20 18:47:20",
"source": "Hacker News"
},
{
"title": "Qwen3.7-Max: The Agent Frontier",
"link": "https://qwen.ai/blog?id=qwen3.7",
"author": "kevinsimper",
"description": "<p>Article URL: <a href=\"https://qwen.ai/blog?id=qwen3.7\">https://qwen.ai/blog?id=qwen3.7</a></p>\n<p>Comments URL: <a href=\"https://news.ycombinator.com/item?id=48205626\">https://news.ycombinator.com/item?id=48205626</a></p>\n<p>Points: 313</p>\n<p># Comments: 115</p>",
"published": "2026-05-20 18:35:02",
"source": "Hacker News"
},
{
"title": "Learnings from 100K lines of Rust with AI (2025)",
"link": "https://zfhuang99.github.io/rust/claude%20code/codex/contracts/spec-driven%20development/2025/12/01/rust-with-ai.html",
"author": "pramodbiligiri",
"description": "<p>Article URL: <a href=\"https://zfhuang99.github.io/rust/claude%20code/codex/contracts/spec-driven%20development/2025/12/01/rust-with-ai.html\">https://zfhuang99.github.io/rust/claude%20code/codex/contracts/spec-driven%20development/2025/12/01/rust-with-ai.html</a></p>\n<p>Comments URL: <a href=\"https://news.ycombinator.com/item?id=48205415\">https://news.ycombinator.com/item?id=48205415</a></p>\n<p>Points: 106</p>\n<p># Comments: 104</p>",
"published": "2026-05-20 18:04:28",
"source": "Hacker News"
},
{
"title": "Everything in C is undefined behavior",
"link": "https://blog.habets.se/2026/05/Everything-in-C-is-undefined-behavior.html",
"author": "lycopodiopsida",
"description": "<p>Article URL: <a href=\"https://blog.habets.se/2026/05/Everything-in-C-is-undefined-behavior.html\">https://blog.habets.se/2026/05/Everything-in-C-is-undefined-behavior.html</a></p>\n<p>Comments URL: <a href=\"https://news.ycombinator.com/item?id=48203698\">https://news.ycombinator.com/item?id=48203698</a></p>\n<p>Points: 374</p>\n<p># Comments: 524</p>",
"published": "2026-05-20 14:07:22",
"source": "Hacker News"
},
{
"title": "Infomaniak transitions to a foundation model to protect user data privacy",
"link": "https://news.infomaniak.com/en/infomaniak-foundation-sovereign-cloud/",
"author": "darktoto",
"description": "<p>Article URL: <a href=\"https://news.infomaniak.com/en/infomaniak-foundation-sovereign-cloud/\">https://news.infomaniak.com/en/infomaniak-foundation-sovereign-cloud/</a></p>\n<p>Comments URL: <a href=\"https://news.ycombinator.com/item?id=48203536\">https://news.ycombinator.com/item?id=48203536</a></p>\n<p>Points: 133</p>\n<p># Comments: 35</p>",
"published": "2026-05-20 13:43:51",
"source": "Hacker News"
},
{
"title": "Japan is gripped by mass allergies. A 1950s project is to blame",
"link": "https://www.bbc.com/future/article/20260515-the-1950s-blunder-which-causes-mass-hay-fever-in-japan",
"author": "ranit",
"description": "<p>Article URL: <a href=\"https://www.bbc.com/future/article/20260515-the-1950s-blunder-which-causes-mass-hay-fever-in-japan\">https://www.bbc.com/future/article/20260515-the-1950s-blunder-which-causes-mass-hay-fever-in-japan</a></p>\n<p>Comments URL: <a href=\"https://news.ycombinator.com/item?id=48202047\">https://news.ycombinator.com/item?id=48202047</a></p>\n<p>Points: 255</p>\n<p># Comments: 121</p>",
"published": "2026-05-20 09:43:06",
"source": "Hacker News"
},
{
"title": "FiveThirtyEight articles on the Internet Archive",
"link": "https://fivethirtyeightindex.com/",
"author": "ChocMontePy",
"description": "<p>Article URL: <a href=\"https://fivethirtyeightindex.com/\">https://fivethirtyeightindex.com/</a></p>\n<p>Comments URL: <a href=\"https://news.ycombinator.com/item?id=48201973\">https://news.ycombinator.com/item?id=48201973</a></p>\n<p>Points: 312</p>\n<p># Comments: 73</p>",
"published": "2026-05-20 09:34:19",
"source": "Hacker News"
},
{
"title": "Remove-AI-Watermarks CLI and library for removing AI watermarks from images",
"link": "https://github.com/wiltodelta/remove-ai-watermarks",
"author": "janalsncm",
"description": "<p>Article URL: <a href=\"https://github.com/wiltodelta/remove-ai-watermarks\">https://github.com/wiltodelta/remove-ai-watermarks</a></p>\n<p>Comments URL: <a href=\"https://news.ycombinator.com/item?id=48200569\">https://news.ycombinator.com/item?id=48200569</a></p>\n<p>Points: 350</p>\n<p># Comments: 217</p>",
"published": "2026-05-20 06:30:31",
"source": "Hacker News"
},
{
"title": "OpenAI Adopts Google's SynthID Watermark for AI Images with Verification Tool",
"link": "https://openai.com/index/advancing-content-provenance/",
"author": "smooke",
"description": "<p>Article URL: <a href=\"https://openai.com/index/advancing-content-provenance/\">https://openai.com/index/advancing-content-provenance/</a></p>\n<p>Comments URL: <a href=\"https://news.ycombinator.com/item?id=48198291\">https://news.ycombinator.com/item?id=48198291</a></p>\n<p>Points: 317</p>\n<p># Comments: 171</p>",
"published": "2026-05-20 03:34:30",
"source": "Hacker News"
},
{
"title": "Mistral AI acquires Emmi AI",
"link": "https://www.emmi.ai/news/mistral-ai-acquires-emmi-ai",
"author": "doener",
"description": "<p>Article URL: <a href=\"https://www.emmi.ai/news/mistral-ai-acquires-emmi-ai\">https://www.emmi.ai/news/mistral-ai-acquires-emmi-ai</a></p>\n<p>Comments URL: <a href=\"https://news.ycombinator.com/item?id=48197995\">https://news.ycombinator.com/item?id=48197995</a></p>\n<p>Points: 310</p>\n<p># Comments: 91</p>",
"published": "2026-05-20 03:14:12",
"source": "Hacker News"
},
{
"title": "美团SRC助力 | 你敢信他们都来了HPW白帽世界大会2026全议程发布",
"link": "https://mp.weixin.qq.com/s?__biz=MzI5MDc4MTM3Mg==&mid=2247494896&idx=1&sn=5b3d4f7d62a8e7212d9dff1cc4910a45",

BIN
resources/db/freebuf.db
View File

Binary file not shown.

BIN
resources/db/uni_rss.db
View File

Binary file not shown.

BIN
resources/db/web.db
View File

Binary file not shown.

16
resources/log/core.log
View File

@ -1,16 +0,0 @@
2026-05-19 23:10:27 - DEBUG - config.check_config:get_core_config:22 - Debug mode is on
2026-05-19 23:10:27 - DEBUG - config.check_config:get_core_config:23 - Loaded config: {'fs_activate': True, 'fs_key': 'aa04a02f-d7bf-4279-bd48-44c4f28c8f74', 'fs_secret': '4tq65T4jm1MO2IlxvHxBWe', 'wx_activate': False, 'wx_key': '9a3dd6ff-75d6-4208-bc4b-77724a5805d6', 'ding_activate': False, 'ding_key': None, 'lx_activate': False, 'lx_key': None, 'mail_host': 'smtp.masonliu.com', 'mail_user': 'test@masonliu.com', 'mail_pass': 'Test123456', 'sender': 'test@masonliu.com', 'receivers': ['2857911564@qq.com'], 'e_hour': 4, 'time_mode': 1, 'mode': [0, 1, 2, 3], 'url': 'https://info.masonliu.com/', 'debug': True}
2026-05-19 23:10:27 - INFO - __main__:<module>:237 - 程序正在运行当中。
2026-05-19 23:10:27 - INFO - __main__:send_job_RSS:130 - FreeBuf数据为空跳过执行。
2026-05-19 23:10:28 - INFO - __main__:send_job_RSS:157 - 洞见微信安全数据为空,跳过执行。
2026-05-19 23:10:28 - INFO - __main__:send_job_RSS:163 - 聚合RSS数据为空跳过执行。
2026-05-19 23:10:28 - INFO - __main__:send_job_baidu:193 - 百度搜索数据为空,跳过执行。
2026-05-19 23:10:28 - INFO - __main__:send_job_SX:172 - 微信公众号数据为空,跳过执行。
2026-05-19 23:19:56 - DEBUG - config.check_config:get_core_config:22 - Debug mode is on
2026-05-19 23:19:56 - DEBUG - config.check_config:get_core_config:23 - Loaded config: {'fs_activate': True, 'fs_key': 'aa04a02f-d7bf-4279-bd48-44c4f28c8f74', 'fs_secret': '4tq65T4jm1MO2IlxvHxBWe', 'wx_activate': False, 'wx_key': '9a3dd6ff-75d6-4208-bc4b-77724a5805d6', 'ding_activate': False, 'ding_key': None, 'lx_activate': False, 'lx_key': None, 'mail_host': 'smtp.masonliu.com', 'mail_user': 'test@masonliu.com', 'mail_pass': 'Test123456', 'sender': 'test@masonliu.com', 'receivers': ['2857911564@qq.com'], 'e_hour': 4, 'time_mode': 1, 'mode': [0, 1, 2, 3], 'url': 'https://info.masonliu.com/', 'debug': True}
2026-05-19 23:19:56 - INFO - __main__:<module>:237 - 程序正在运行当中。
2026-05-19 23:19:56 - INFO - __main__:send_job_RSS:130 - FreeBuf数据为空跳过执行。
2026-05-19 23:19:57 - INFO - __main__:send_job_RSS:157 - 洞见微信安全数据为空,跳过执行。
2026-05-19 23:19:58 - INFO - __main__:send_job_RSS:161 - 聚合RSS数据获取完成
2026-05-19 23:19:58 - INFO - __main__:send_job_baidu:191 - 百度搜索已完成
2026-05-19 23:19:59 - INFO - __main__:send_job_SX:172 - 微信公众号数据为空,跳过执行。

BIN
spider/__pycache__/common.cpython-312.pyc
View File

Binary file not shown.

BIN
spider/__pycache__/freebuf.cpython-312.pyc
View File

Binary file not shown.

203
spider/freebuf.py
View File

@ -1,49 +1,168 @@
# # -*- coding: utf-8 -*-
# import os
# import requests
# import xml.etree.ElementTree as ET
# import json
# from requests.exceptions import RequestException
# from loguru import logger
# # 测试用爬虫请求头
# headers = {
# "Content-Type": "application/json",
# "Cache-Control": "no-cache",
# "Upgrade-Insecure-Requests": "1",
# "User-Agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.55 Safari/537.36",
# "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9",
# "Sec-Fetch-Site": "same-origin",
# "Sec-Fetch-Mode": "navigate",
# "Sec-Fetch-User": "?1",
# "Sec-Fetch-Dest": "document",
# "Accept-Language": "zh-CN,zh;q=0.9"
# }
# def fetch_rss(url, headers, timeout=20):
# try:
# response = requests.get(url, headers=headers, timeout=timeout)
# response.raise_for_status() # 检查请求是否成功
# return response.content
# except requests.Timeout:
# logger.warning(f"请求 {url} 超时,跳过保存操作。")
# return None
# except RequestException as e:
# logger.warning(f"请求 {url} 时发生错误: {e}")
# return None # 返回None表示请求失败
# def parse_rss(rss_content):
# items = []
# root = ET.fromstring(rss_content)
# for item in root.findall('.//item'):
# item_dict = {}
# for child in item:
# tag = child.tag
# # 将一标签替换名称方便处理
# if tag.startswith('{http://purl.org/rss/1.0/modules/content/}'):
# tag = 'body'
# item_dict[tag] = child.text
# items.append(item_dict)
# return items
# def save_to_json(data, filename):
# with open(filename, 'w', encoding='utf-8') as f:
# json.dump(data, f, ensure_ascii=False, indent=4)
# def freebuf_main():
# url = "https://www.freebuf.com/feed"
# rss_content = fetch_rss(url, headers)
# if rss_content is None:
# logger.warning("无法获取Freebuf RSS内容跳过保存操作。")
# return
# try:
# items = parse_rss(rss_content)
# # 确保目录存在
# os.makedirs(os.path.dirname('./resources/JSON/freebuf.json'), exist_ok=True)
# # 将解析后的数据保存到 JSON 文件
# save_to_json(items, './resources/JSON/freebuf.json')
# logger.info("数据已保存到 ./resources/JSON/freebuf.json")
# except Exception as e:
# logger.warning(f"解析或保存Freebuf RSS内容时发生错误: {e}")
# if __name__ == '__main__':
# freebuf_main()
# -*- coding: utf-8 -*-
import os
import requests
import subprocess
import xml.etree.ElementTree as ET
import json
from requests.exceptions import RequestException
from loguru import logger
# 测试用爬虫请求头
headers = {
"Content-Type": "application/json",
"Cache-Control": "no-cache",
"Upgrade-Insecure-Requests": "1",
"User-Agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.55 Safari/537.36",
"Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9",
"Sec-Fetch-Site": "same-origin",
"Sec-Fetch-Mode": "navigate",
"Sec-Fetch-User": "?1",
"Sec-Fetch-Dest": "document",
"Accept-Language": "zh-CN,zh;q=0.9"
}
def fetch_rss(url, headers, timeout=20):
def fetch_rss_curl(url, timeout=30):
"""使用 curl 直接 GET 请求获取 RSS 内容"""
try:
response = requests.get(url, headers=headers, timeout=timeout)
response.raise_for_status() # 检查请求是否成功
return response.content
except requests.Timeout:
logger.warning(f"请求 {url} 超时,跳过保存操作。")
# 最简单的 curl GET 请求
cmd = [
'curl',
'-s', # 静默模式
'-L', # 跟随重定向
'--max-time', str(timeout),
url
]
# 执行 curl 命令
result = subprocess.run(
cmd,
stdout=subprocess.PIPE,
stderr=subprocess.PIPE,
timeout=timeout + 10
)
if result.returncode != 0:
logger.warning(f"curl 命令执行失败: {result.stderr.decode('utf-8', errors='ignore')}")
return None
content = result.stdout
# 检查是否为空
if not content or len(content) < 100:
logger.warning(f"curl 返回的内容过短或为空,长度: {len(content)}")
return None
logger.info(f"成功通过 curl 获取 Freebuf RSS内容长度: {len(content)}")
return content
except FileNotFoundError:
logger.error("系统中未找到 curl 命令,请确保已安装 curl")
return None
except subprocess.TimeoutExpired:
logger.warning(f"curl 命令执行超时({timeout}秒)")
return None
except Exception as e:
logger.warning(f"使用 curl 获取 RSS 时发生错误: {e}")
return None
except RequestException as e:
logger.warning(f"请求 {url} 时发生错误: {e}")
return None # 返回None表示请求失败
def parse_rss(rss_content):
"""解析 RSS 内容"""
items = []
root = ET.fromstring(rss_content)
for item in root.findall('.//item'):
item_dict = {}
for child in item:
tag = child.tag
# 将一标签替换名称方便处理
if tag.startswith('{http://purl.org/rss/1.0/modules/content/}'):
tag = 'body'
item_dict[tag] = child.text
items.append(item_dict)
if rss_content is None:
return items
try:
# 清理可能的 BOM
if isinstance(rss_content, bytes):
if rss_content.startswith(b'\xef\xbb\xbf'):
rss_content = rss_content[3:]
rss_text = rss_content.decode('utf-8', errors='ignore')
else:
rss_text = rss_content
# 查找第一个 < 字符
first_lt = rss_text.find('<')
if first_lt != -1:
rss_text = rss_text[first_lt:]
root = ET.fromstring(rss_text)
for item in root.findall('.//item'):
item_dict = {}
for child in item:
tag = child.tag
if tag.startswith('{http://purl.org/rss/1.0/modules/content/}'):
tag = 'body'
item_dict[tag] = child.text
items.append(item_dict)
except ET.ParseError as e:
logger.warning(f"XML 解析错误: {e}")
except Exception as e:
logger.warning(f"解析 RSS 时发生错误: {e}")
return items
def save_to_json(data, filename):
@ -52,7 +171,9 @@ def save_to_json(data, filename):
def freebuf_main():
url = "https://www.freebuf.com/feed"
rss_content = fetch_rss(url, headers)
logger.info("开始获取 Freebuf RSS 内容...")
rss_content = fetch_rss_curl(url)
if rss_content is None:
logger.warning("无法获取Freebuf RSS内容跳过保存操作。")
@ -61,12 +182,14 @@ def freebuf_main():
try:
items = parse_rss(rss_content)
# 确保目录存在
os.makedirs(os.path.dirname('./resources/JSON/freebuf.json'), exist_ok=True)
if not items:
logger.warning("解析后的 Freebuf RSS 数据为空。")
return
# 将解析后的数据保存到 JSON 文件
os.makedirs(os.path.dirname('./resources/JSON/freebuf.json'), exist_ok=True)
save_to_json(items, './resources/JSON/freebuf.json')
logger.info("数据已保存到 ./resources/JSON/freebuf.json")
logger.info(f"数据已保存到 ./resources/JSON/freebuf.json{len(items)} 条记录。")
except Exception as e:
logger.warning(f"解析或保存Freebuf RSS内容时发生错误: {e}")