2024年5月29日,美国司法部发布通告,声称其执法活动摧毁了"史上最大的僵尸网络" 911 S5,查封了相关域名
", "published": "Fri, 14 Jun 2024 09:20:11 GMT", "source": "360 Netlab Blog" }, { "title": "Heads up! Xdr33, A Variant Of CIA’s HIVE Attack Kit Emerges", "link": "https://blog.netlab.360.com/headsup_xdr33_variant_of_ciahive_emeerges/", "author": "Alex.Turing", "description": "On Oct 21, 2022, 360Netlab's honeypot system captured a suspicious ELF file ee07a74d12c0bb3594965b51d0e45b6f, which propagated via F5 vulnerability with zero VT detection, our system observces that it communicates with IP 45.9.150.144 using SSL with forged Kaspersky certificates, this caught our attention. After further lookup,
2022年10月21日,360Netlab的蜜罐系统捕获了一个通过F5漏洞传播,VT 0检测的可疑ELF文件ee07a74d12c0bb3594965b51d0e45b6f,流量监控系统提示它和
近期,我们的BotMon系统连续捕获到一个由Go编写的DDoS类型的僵尸网络家族,它用于DDoS攻击,使用了包括SSH/Telnet弱口
", "published": "Wed, 07 Dec 2022 12:58:21 GMT", "source": "360 Netlab Blog" }, { "title": "P2P Botnets: Review - Status - Continuous Monitoring", "link": "https://blog.netlab.360.com/p2p-botnets-review-status-continuous-monitoring/", "author": "360Netlab", "description": "P2P networks are more scalable and robust than traditional C/S structures, and these advantages were recognized by the botnet authors early on and used in their botnets. In terms of time, Storm, which appeared in 2007, can be considered the progenitor of this area, when botnet threats were
", "published": "Thu, 03 Nov 2022 14:00:00 GMT", "source": "360 Netlab Blog" }, { "title": "P2P 僵尸网络:回顾·现状·持续监测", "link": "https://blog.netlab.360.com/p2p-botnet-monitor/", "author": "360Netlab", "description": "P2P结构的网络比传统的C/S结构具有更好的可扩展性和健壮性,这些优点很早就为botnet的作者所认识到并被用到
", "published": "Wed, 02 Nov 2022 03:11:33 GMT", "source": "360 Netlab Blog" }, { "title": "Fodcha Is Coming Back, Raising A Wave of Ransom DDoS", "link": "https://blog.netlab.360.com/fodcha-is-coming-back-with-rddos/", "author": "Alex.Turing", "description": "On April 13, 2022, 360Netlab first disclosed the Fodcha botnet. After our article was published, Fodcha suffered a crackdown from the relevant authorities, and its authors quickly responded by leaving "Netlab pls leave me alone I surrender" in an updated sample.No surprise, Fodcha's authors
2022年4月13日,360Netlab首次向社区披露了Fodcha僵尸网络,在我们的文章发表之后,Fodcha遭受到相关部门的打击,其作者
", "published": "Thu, 27 Oct 2022 02:49:26 GMT", "source": "360 Netlab Blog" }, { "title": "PureCrypter is busy pumping out various malicious malware families", "link": "https://blog.netlab.360.com/purecrypter-is-busy-pumping-out-various-malicious-malware-families/", "author": "wanghao", "description": "In our daily botnet analysis work, it is common to encounter various loaders.Compared to other types of malware, loaders are unique in that they are mainly used to "promote", i.e., download and run other malware on the infected machine. According to our observations, most loaders are
", "published": "Mon, 29 Aug 2022 13:00:00 GMT", "source": "360 Netlab Blog" }, { "title": "PureCrypter Loader持续活跃,已经传播了10多个其它家族", "link": "https://blog.netlab.360.com/purecrypter/", "author": "wanghao", "description": "在我们的日常botnet分析工作中,碰到各种loader是常事。跟其它种类的malware相比,loader的特殊之处在于它主要用来“推广”,
", "published": "Mon, 29 Aug 2022 01:20:17 GMT", "source": "360 Netlab Blog" }, { "title": "A new botnet Orchard Generates DGA Domains with Bitcoin Transaction Information", "link": "https://blog.netlab.360.com/a-new-botnet-orchard-generates-dga-domains-with-bitcoin-transaction-information/", "author": "daji", "description": "DGA is one of the classic techniques for botnets to hide their C2s, attacker only needs to selectively register a very small number of C2 domains, while for the defenders, it is difficult to determine in advance which domain names will be generated and registered.
360 netlab has long focused
", "published": "Fri, 05 Aug 2022 14:00:00 GMT", "source": "360 Netlab Blog" }, { "title": "DGA家族Orchard持续变化,新版本用比特币交易信息生成DGA域名", "link": "https://blog.netlab.360.com/orchard-dga/", "author": "daji", "description": "DGA是一种经典的botnet对抗检测的技术,其原理是使用某种DGA算法,结合特定的种子和当前日期,定期生成大量的域名
", "published": "Fri, 05 Aug 2022 03:31:07 GMT", "source": "360 Netlab Blog" }, { "title": "公有云网络安全威胁情报(202204)", "link": "https://blog.netlab.360.com/public-cloud-threat-intelligence-202204/", "author": "360Netlab", "description": "本文聚焦于云上重点资产的扫描攻击、云服务器总体攻击情况分析、热门漏洞及恶意程序的攻击威胁。
本文聚焦于云上重点资产的扫描攻击、云服务器总体攻击情况分析、热门漏洞及恶意程序的攻击威胁。", "published": "Tue, 19 Apr 2022 02:24:17 GMT", "source": "360 Netlab Blog" }, { "title": "Fodcha, a new DDos botnet", "link": "https://blog.netlab.360.com/fodcha-a-new-ddos-botnet/", "author": "Hui Wang", "description": "
Recently, CNCERT and 360netlab worked together and discovered a rapidly spreading DDoS botnet on the Internet. The global infection looks fairly big as just in China there are more than 10,000 daily active bots (IPs) and alsomore than 100 DDoS victims beingtargeted on a daily basis. We named
", "published": "Wed, 13 Apr 2022 14:01:14 GMT", "source": "360 Netlab Blog" }, { "title": "GLiGuard:面向大语言模型安全防护的模式条件分类方法", "link": "https://paper.seebug.org/3485", "author": "", "description": "作者:Urchade Zaratiana, Mary Newhauser, George Hurn-Maloney, Ash Lewis 译者:知道创宇404实验室翻译组 原文链接:https://arxiv.org/html/2605.07982v1 摘要 保障大语言模型(LLM)输出安全合规、符合政策要求,需要能跨多安全维度实时扩展的内容审核机制。然而,当前最优的安全护栏模型均基于70亿–27...", "published": "2026-05-11 16:40:13", "source": "知道创宇404实验室" }, { "title": "基于大语言模型的 AI 智能体安全威胁与防御系统性综述——分层攻击面框架", "link": "https://paper.seebug.org/3484", "author": "", "description": "作者:Kexin Chu 译者:知道创宇404实验室翻译组 原文链接:https://arxiv.org/pdf/2604.23338v2 摘要 智能体AI系统可跨多会话规划、保留记忆、调用外部工具并与对等智能体协同,无状态大语言模型则不具备这些能力。现有安全分类体系按攻击类型(如提示注入、越狱)划分威胁,却未说明脆弱的架构组件或威胁显现的时间尺度。本文直接解决这些结构性问题,提出分层攻击面模型(...", "published": "2026-05-09 16:53:56", "source": "知道创宇404实验室" }, { "title": "ReTokSync:面向生成式语言隐写的自同步分词消歧方法", "link": "https://paper.seebug.org/3481", "author": "", "description": "作者:Yaofei Wang, Rui Wang, Weilong Pang等 译者:知道创宇404实验室翻译组 原文链接:https://arxiv.org/html/2604.25486v1 摘要 生成式语言隐写(GLS)通过将秘密信息嵌入自然语言生成过程实现隐蔽通信。然而在实际部署中,GLS易受分词歧义影响:相同的表层文本在接收端可能被重新分词为不同的token序列,破坏通信双方共享的解码状...", "published": "2026-05-08 16:42:48", "source": "知道创宇404实验室" }, { "title": "素域 PINI:后量子 NTT 掩码的机器验证合成定理", "link": "https://paper.seebug.org/3480", "author": "", "description": "作者:Ray Iskander,Khaled Kirah 译者:知道创宇404实验室翻译组 原文链接:https://arxiv.org/abs/2604.25878v1 摘要 本文是后量子密码掩码数论变换(NTT)硬件形式化验证分析系列论文的第六篇。第一篇论文[1]建立了 QANARY 平台的结构依赖分析,第二篇论文[2]量化了部分 NTT 掩码下的安全裕度。布尔掩码的合成理论通过无干扰(NI)...", "published": "2026-05-06 16:44:36", "source": "知道创宇404实验室" }, { "title": "Google DeepMind:AI 智能体陷阱", "link": "https://paper.seebug.org/3479", "author": "", "description": "作者:Matija Franklin, Nenad Tomašev等 译者:知道创宇404实验室翻译组 原文链接:https://blog.qiaomu.ai/api/images/document/2026/04/603f0cae8cd8ab94-ai-agent-trap.pdf 摘要 自主AI智能体日益在网络中自主行动,它们面临一种全新挑战:信息环境本身。由此产生了一个关键安全漏洞,我们称之...", "published": "2026-04-24 16:54:27", "source": "知道创宇404实验室" }, { "title": "合法终端管理软件遭滥用:疑似银狐攻击事件分析与溯源", "link": "https://paper.seebug.org/3478", "author": "", "description": "作者:知道创宇高级威胁情报团队 一、事件概述 近期,我们在客户现场应急响应中排查到一起新型攻击事件。攻击者伪造常用工具安装包诱导执行,随即部署一款带有合法数字签名的终端管理软件。经技术溯源确认,该程序具备主机信息收集、远程控制等完整恶意能力,其 C2 基础设施与 “银狐” 高度关联。由于合法数字签名的天然 “免杀” 特性,该恶意程序可轻易绕过主流杀毒软件检测,实现隐蔽入侵与长期控制。 银狐简介 银...", "published": "2026-04-15 03:31:00", "source": "知道创宇404实验室" }, { "title": "SkillTrojan:针对基于技能的智能体系统的后门攻击", "link": "https://paper.seebug.org/3477", "author": "", "description": "作者:Yunhao Feng, Yifan Ding, Yingshui Tan等 译者:知道创宇404实验室翻译组 原文链接:https://arxiv.org/html/2604.06811v1/https://arxiv.org/html/2604.06811v1 摘要 基于技能的智能体系统通过组合可复用技能完成复杂任务,在提升模块化与可扩展性的同时,引入了尚未被充分研究的安全攻击面。本文提...", "published": "2026-04-09 08:26:00", "source": "知道创宇404实验室" }, { "title": "GUARD‑SLM:面向小语言模型、基于令牌激活的越狱攻击防御方法", "link": "https://paper.seebug.org/3476", "author": "", "description": "作者:Md. Jueal Mia1, Joaquin Molto1, Yanzhao Wu1, M. Hadi Amini 译者:知道创宇404实验室翻译组 原文链接:https://arxiv.org/html/2603.28817v1/https://arxiv.org/html/2603.28817v1 摘要 小语言模型(SLM)正成为大语言模型(LLM)高效且经济可行的替代方案,在计算成本...", "published": "2026-04-03 02:48:00", "source": "知道创宇404实验室" }, { "title": "静默颠覆:通过卫星系统供应链植入物实施的传感器欺骗攻击", "link": "https://paper.seebug.org/3475", "author": "", "description": "作者:Jack Vanlyssel, Gruia-Catalin Roman, Afsah Anwar 译者:知道创宇404实验室翻译组 原文链接:https://arxiv.org/html/2603.10388v1/https://arxiv.org/html/2603.10388v1 摘要 欺骗攻击是地面系统最具破坏性的网络威胁之一,而在太空中这类威胁愈发危险——卫星难以在轨维修,且运营方依...", "published": "2026-03-24 09:47:00", "source": "知道创宇404实验室" }, { "title": "增强网络入侵检测系统:一种抵御对抗攻击的多层集成方法", "link": "https://paper.seebug.org/3474", "author": "", "description": "作者:Nasim Soltani, Shayan Nejadshamsi等 译者:知道创宇404实验室翻译组 原文链接:https://arxiv.org/html/2603.10413v1/https://arxiv.org/html/2603.10413v1 摘要 对抗样本会对机器学习(ML)算法构成严重威胁。若被用于操控基于机器学习的网络入侵检测系统(NIDS)行为,将危及网络安全。本研究旨...", "published": "2026-03-23 08:31:00", "source": "知道创宇404实验室" }, { "title": "CUDA Agent:面向高性能 CUDA 内核生成的大规模智能体强化学习", "link": "https://paper.seebug.org/3473", "author": "", "description": "作者:Weinan Dai, Hanlin Wu, Qiying Yu等 译者:知道创宇404实验室翻译组 原文链接:https://arxiv.org/html/2602.24286v1/https://arxiv.org/html/2602.24286v1 摘要 GPU内核优化是现代深度学习的基础,但仍是一项高度专业化的任务,需要深厚的硬件专业知识。尽管大语言模型(LLM)在通用编程任务中表现...", "published": "2026-03-17 09:50:00", "source": "知道创宇404实验室" }, { "title": "Unmasking SilverFox’s New Trends: Decoding Evasion Tactics, Domain Impersonation, and Mass-Generated Fake Software", "link": "https://paper.seebug.org/3472", "author": "", "description": "Author: Knownsec 404 Advanced Threat Intelligence Team I. Introduction SilverFox has become one of the most active cyber threats in recent years, targeting managerial and finance staff in organization...", "published": "2026-03-13 08:30:00", "source": "知道创宇404实验室" }, { "title": "基于图像的提示注入:通过视觉嵌入的对抗性指令劫持多模态大语言模型", "link": "https://paper.seebug.org/3471", "author": "", "description": "作者:Neha Nagaraja, Lan Zhang, Zhilong Wang 译者:知道创宇404实验室翻译组 原文链接:https://arxiv.org/html/2603.03637v1/https://arxiv.org/html/2603.03637v1 摘要:多模态大语言模型(MLLMs)融合视觉与文本能力赋能各类应用,但这种融合也引入了新的安全漏洞。本文研究基于图像的提示注入(...", "published": "2026-03-11 01:29:00", "source": "知道创宇404实验室" }, { "title": "虚假 OpenClaw 安装程序如何传播 GhostSocks 恶意软件", "link": "https://paper.seebug.org/3470", "author": "", "description": "作者:Jai Minton, Ryan Dowd 原文链接:https://www.huntress.com/blog/openclaw-github-ghostsocks-infostealer/https://www.huntress.com/blog/openclaw-github-ghostsocks-infostealer 摘要 信息窃取型恶意软件是针对面向公众系统发起严重攻击的初始访问...", "published": "2026-03-10 01:45:00", "source": "知道创宇404实验室" }, { "title": "当 AI Agent 拥有系统权限:OpenClaw 安全风险全景分析", "link": "https://paper.seebug.org/3469", "author": "", "description": "作者:知道创宇积极防御实验室 完整的 OpenClaw 安全实践 Skill、自动化审计工具已在 GitHub 开源。项目地址:https://github.com/knownsec/openclaw-security/https://github.com/knownsec/openclaw-security 一、背景说明 随着 AI Agent 技术的快速演进,具备自动化决策与自主执行能力的开源...", "published": "2026-03-06 07:34:00", "source": "知道创宇404实验室" }, { "title": "我们扫描了五万个 Skill,发现危险仍然存在 | 朱雀实验室", "link": "https://security.tencent.com/index.php/blog/msg/224", "author": "", "description": "真正的问题不是扫出了什么,是:这个生态还有没有,有效的免疫系统? 腾讯安全平台部负责人 Coolc腾讯安全平台部负责人 Coolc", "published": "2026-04-26 15:51:04", "source": "腾讯安全响应中心" }, { "title": "从发现 33 个 0day 漏洞,看安全攻防的下半场 | 朱雀实验室", "link": "https://security.tencent.com/index.php/blog/msg/222", "author": "", "description": "2026 年 4 月 7 日,Anthropic 联合 Apple、Google、Microsoft 等 45 家机构发布 Project Glasswing 计划,并宣布其尚未公开发行的前沿模型 Claude Mythos Preview 在所有主要操作系统和浏览器中发现了数千个…", "published": "2026-04-10 17:45:09", "source": "腾讯安全响应中心" }, { "title": "从4.8亿下载量的 LiteLLM投毒事件,看 AI 基础设施安全攻与防 | 朱雀实验室", "link": "https://security.tencent.com/index.php/blog/msg/214", "author": "", "description": "近日,知名大模型网关工具 LiteLLM 遭遇供应链投毒,其 1.82.7和1.82.8 版本被植入恶意代码。由于该项目月下载量极高(近1亿月下载量),且被 DSPy 等众多主流…", "published": "2026-03-31 17:03:16", "source": "腾讯安全响应中心" }, { "title": "当AI学会背刺:深度剖析Agent Skills的安全陷阱 | 朱雀实验室", "link": "https://security.tencent.com/index.php/blog/msg/215", "author": "", "description": "你是否想过,当你让 AI 帮你写代码时,它可能正在你背后悄悄地干着其它事——比如,加密你的所有文件,然后弹出一个勒索提示?这不是吓唬你,而是我们研究后发现在各种…", "published": "2026-01-23 17:18:24", "source": "腾讯安全响应中心" }, { "title": "当 AI 成为代码贡献者,软件安全正在发生怎样的变化?", "link": "https://security.tencent.com/index.php/blog/msg/216", "author": "", "description": "随着 AI 技术加速融入软件研发流程,AI 已经成为新时代的“代码贡献者”。在显著提升研发效率的同时,AI 生成代码也对软件安全、漏洞治理和工程责任边界提出了新的挑战。", "published": "2026-01-05 17:37:14", "source": "腾讯安全响应中心" }, { "title": "A.S.E 2.0 正式发布 | 开放生态 · 动静协同 · 让 AI 编程安全可量化", "link": "https://security.tencent.com/index.php/blog/msg/217", "author": "", "description": "A.S.E (AI Code Generation Security Evaluation) - 你的 AI 鉴赏官,为你提供大模型安全实践工具,让你一眼就能选出最靠谱的 AI 队友。", "published": "2025-11-07 11:05:37", "source": "腾讯安全响应中心" }, { "title": "00后黑客落网!曾运营大型僵尸网络,频繁攻击腾讯游戏、DeepSeek、X平台", "link": "https://security.tencent.com/index.php/blog/msg/218", "author": "", "description": "据美国司法部通报,活跃多年的高危DDoS僵尸网络“RapperBot”(历史频繁攻击腾讯游戏、DeepSeek、X平台的幕后黑手)现已被成功取缔。该僵尸网络主谋、22岁的美国俄勒冈州男子Ethan…", "published": "2025-09-26 17:32:19", "source": "腾讯安全响应中心" }, { "title": "DeepSeek本地化部署有风险!快来看看你中招了吗?| 朱雀实验室", "link": "https://security.tencent.com/index.php/blog/msg/219", "author": "", "description": "2025年伊始,AI领域迎来一个重要变革 - DeepSeek R1开源发布,凭借着低成本、性能出众的优势,这个模型在短短几周内就获得空前关注。由于官网服务经常繁忙,大家开始选择使用Ollama+OpenWebUI、LM…", "published": "2025-02-18 16:04:12", "source": "腾讯安全响应中心" }, { "title": "AI 帮你高效构建代码安全策略【大模型应用实践系列四】", "link": "https://security.tencent.com/index.php/blog/msg/213", "author": "", "description": "腾讯啄木鸟代码安全团队,依托混元大模型的超强代码理解和安全分析能力,在SQL注入威胁检测场景验证中,新增识别上百个漏洞检测策略,相比传统方法人效比提升3.8倍,在Github高star项目上斩获10+0day漏洞。", "published": "2025-01-08 10:26:57", "source": "腾讯安全响应中心" }, { "title": "AI猎手:我们用大模型挖到了0day漏洞!【大模型应用实践系列三】", "link": "https://security.tencent.com/index.php/blog/msg/212", "author": "", "description": "AI版“赏金猎人”登场,基于混元大模型能力打造的自动漏洞挖掘工具,7*24小时自动感知、追踪、挖橱0day。 AI猎人VS黑客的角逐战正式开始。", "published": "2025-01-03 10:23:17", "source": "腾讯安全响应中心" }, { "title": "AI助力!明文密码泄漏无处遁形【大模型应用实践系列二】", "link": "https://security.tencent.com/index.php/blog/msg/211", "author": "", "description": "本文聚焦于密钥硬编码的问题,分析了传统检测策略的缺陷,并详细介绍了大模型在该场景下的优势、检测实施方案和效果。我们将继续推出更多关于大模型在研发安全、网络安全、威胁情报等领域的应用探索与总结", "published": "2024-12-05 17:14:13", "source": "腾讯安全响应中心" }, { "title": "大模型应用实践(一):AI助力Code Review安全漏洞发现", "link": "https://security.tencent.com/index.php/blog/msg/210", "author": "", "description": "借助混元大模型,腾讯啄木鸟代码安全团队在代码评审(Code Review,下文简称CR)场景下的安全漏洞检出能力取得显著提升,日均发现和阻断300+个代码安全风险,极大提升了公司核心数据资产安全性。", "published": "2024-11-27 10:39:46", "source": "腾讯安全响应中心" }, { "title": "红蓝对抗之隐蔽通信应用及防御", "link": "https://security.tencent.com/index.php/blog/msg/202", "author": "", "description": "腾讯蓝军和红军十多年案例经验、总结沉淀", "published": "2021-09-27 16:40:43", "source": "腾讯安全响应中心" }, { "title": "攻防启示:Chromium组件风险剖析与收敛", "link": "https://security.tencent.com/index.php/blog/msg/197", "author": "", "description": "Chromium内核的安全问题,早已悄无声息地牵动着互联网生活方方面面。基于对实战经历的复盘,本文将从Chromium架构及安全机制概况入手,剖析Chromium组件在多场景下给企业带来的安全风险并一探收敛方案。", "published": "2021-07-15 10:30:58", "source": "腾讯安全响应中心" }, { "title": "红蓝对抗中的云原生漏洞挖掘及利用实录", "link": "https://security.tencent.com/index.php/blog/msg/183", "author": "", "description": "分享攻防场景中的云原生相关漏洞挖掘及漏洞利用实例。", "published": "2021-03-02 09:00:26", "source": "腾讯安全响应中心" }, { "title": "腾讯蓝军安全通告:WebLogic远程代码执行漏洞(CVE-2020-14645)", "link": "https://security.tencent.com/index.php/blog/msg/157", "author": "", "description": "Oracle官方发布WebLogic安全更新,修复严重漏洞。", "published": "2020-07-15 16:16:05", "source": "腾讯安全响应中心" }, { "title": "红蓝对抗之Windows内网渗透", "link": "https://security.tencent.com/index.php/blog/msg/154", "author": "", "description": "无论是渗透测试,还是红蓝对抗,目的都是暴露风险,促进提升安全水平。企业往往在外网布置重兵把守,而内网防护相对来说千疮百孔,所以渗透高手往往通过攻击员工电脑、外网服务、职场WiFi等方式进入内网,然后发起内网渗透。而国内外红蓝对抗服务和开源攻击工具大多数以攻击Windows域为主,主要原因是域控拥有上帝能力,可以控制域内所有员工电脑,进而利用员工的合法权限获取目标权限和数据,达成渗透目的。", "published": "2020-06-30 19:02:37", "source": "腾讯安全响应中心" }, { "title": "现网发现新型DVR UDP反射攻击手法记实", "link": "https://security.tencent.com/index.php/blog/msg/146", "author": "", "description": "近日,游戏行业某云客户遭受到大流量DDoS攻击,宙斯盾团队跟进溯源。在对抓取的攻击样本进行深入分析之后,我们发现这是一种新的UDP反射放大攻击手法,相关情况也分享同步与业界同行。", "published": "2020-03-31 21:28:26", "source": "腾讯安全响应中心" }, { "title": "WAF建设运营及AI应用实践", "link": "https://security.tencent.com/index.php/blog/msg/145", "author": "", "description": "对于大型互联网公司而言,业务众多,网络流量巨大,涉及的域名、服务器资源均属海量,在这个规模下的WAF的设计、研发、运营将会有比较多的现实挑战。", "published": "2020-03-24 15:29:51", "source": "腾讯安全响应中心" }, { "title": "浅谈DDoS攻防对抗中的AI实践", "link": "https://security.tencent.com/index.php/blog/msg/144", "author": "", "description": "DDoS对抗不仅需要“降本”还需要“增效”,宙斯盾DDoS防护系统通过AI算法学习经验数据,形成具备自学习、自进化、自适应特性的流量模型,将‘被动应对’发展成为‘主动进化’,增强DDoS攻防能力。", "published": "2020-03-18 16:55:51", "source": "腾讯安全响应中心" }, { "title": "美团SRC助力 | 你敢信,他们都来了!HPW白帽世界大会2026全议程发布", "link": "https://mp.weixin.qq.com/s?__biz=MzI5MDc4MTM3Mg==&mid=2247494896&idx=1&sn=5b3d4f7d62a8e7212d9dff1cc4910a45", "author": "美团技术团队", "description": "顶尖AI安全红队亲自传授秘籍,HPW2026,所有议题一次解锁!", "published": "2026-05-06 17:00:00", "source": "微信公众号" }, { "title": "江湖征召令|美团SRC专测活动进行中", "link": "https://mp.weixin.qq.com/s?__biz=MzI5MDc4MTM3Mg==&mid=2247494896&idx=2&sn=62b64d34eb01c165640ce5b18fc56cf3", "author": "美团技术团队", "description": "活动时间:2026年4月27日 - 5月20日", "published": "2026-05-06 17:00:00", "source": "微信公众号" }, { "title": "江湖征召令|美团SRC专测活动正式开启", "link": "https://mp.weixin.qq.com/s?__biz=MzI5MDc4MTM3Mg==&mid=2247494891&idx=1&sn=15e081c3c53f5ab38a5dd3380e470121", "author": "美团技术团队", "description": "活动时间:2026年4月27日 - 5月20日", "published": "2026-04-27 10:08:00", "source": "微信公众号" }, { "title": "美团SRC发布|AI生成漏洞报告提交规范公告", "link": "https://mp.weixin.qq.com/s?__biz=MzI5MDc4MTM3Mg==&mid=2247494883&idx=1&sn=f6eba6477129792a9c38896caff14be0", "author": "美团技术团队", "description": "请白帽师傅们在提交报告时恪守本文规范", "published": "2026-04-24 14:23:00", "source": "微信公众号" }, { "title": "致敬代码背后的守护者,美团SRC 2025年度荣誉答谢", "link": "https://mp.weixin.qq.com/s?__biz=MzI5MDc4MTM3Mg==&mid=2247494861&idx=1&sn=d50a94a54627f3de0db0ce8a06ff598e", "author": "美团技术团队", "description": "一份关于技术与荣誉的年度总结", "published": "2026-01-22 19:21:00", "source": "微信公众号" }, { "title": "热招|美团安全邀你共赴新征途!", "link": "https://mp.weixin.qq.com/s?__biz=MzI5MDc4MTM3Mg==&mid=2247494835&idx=1&sn=c20429c5049a31399fed6b33469f0f4d", "author": "美团技术团队", "description": "欢迎你的加入,让我们奔赴热爱,无畏山海,共筑安全长城。", "published": "2025-12-11 12:18:00", "source": "微信公众号" }, { "title": "活动|秋日“挖洞”季,邀您来测!", "link": "https://mp.weixin.qq.com/s?__biz=MzI5MDc4MTM3Mg==&mid=2247493937&idx=1&sn=4a134bd3c3e16a0177d3b7ccc56aee2f", "author": "美团技术团队", "description": "内含中秋礼品福利!请及时更新平台默认收货地址哦!", "published": "2025-09-24 18:37:00", "source": "微信公众号" }, { "title": "活动|Keeta安全专测英雄帖:邀您洞见非凡,守护新域!", "link": "https://mp.weixin.qq.com/s?__biz=MzI5MDc4MTM3Mg==&mid=2247493924&idx=1&sn=0e8ab3b3a2af4d1b20e62b31fb82ccc2", "author": "美团技术团队", "description": "活动时间:2025年8月22日-9月5日", "published": "2025-08-21 18:30:00", "source": "微信公众号" }, { "title": "美团安全应急响应中心漏洞测试高压线V2.0", "link": "https://mp.weixin.qq.com/s?__biz=MzI5MDc4MTM3Mg==&mid=2247493924&idx=2&sn=af01328cacbe1fb5c29a08e52a26457a", "author": "美团技术团队", "description": "为帮助所有白帽子在美团SRC测试过程中规避违规风险,保护平台和白帽子的安全和利益,确保平台漏洞奖励机制得以良性运作,美团安全应急响应中心发布《漏洞测试高压线V2.0》。", "published": "2025-08-21 18:30:00", "source": "微信公众号" }, { "title": "筑牢AI防线,大模型安全专测活动已开启!", "link": "https://mp.weixin.qq.com/s?__biz=MzI5MDc4MTM3Mg==&mid=2247493903&idx=1&sn=1c69a453dfe76bcd593df539dda3c6a6", "author": "美团技术团队", "description": "活动时间:6月9日-6月22日", "published": "2025-06-09 10:01:00", "source": "微信公众号" }, { "title": "报名 | 美团技术沙龙【AI+安全:智能技术在安全领域的应用探索】", "link": "https://mp.weixin.qq.com/s?__biz=MzI5MDc4MTM3Mg==&mid=2247493889&idx=1&sn=4701431171173014d00aef3e7050372d", "author": "美团技术团队", "description": "6月19日(周四) 14:00 - 17:30,线上直播,快来报名吧", "published": "2025-05-29 12:03:00", "source": "微信公众号" }, { "title": "活动 |「春风送暖,安全同行」美团直播专测召集令", "link": "https://mp.weixin.qq.com/s?__biz=MzI5MDc4MTM3Mg==&mid=2247493762&idx=1&sn=5599435d2eeb9cce063cb57ec68f6acb", "author": "美团技术团队", "description": "活动时间:2025.03.24-04.03", "published": "2025-03-24 10:00:00", "source": "微信公众号" }, { "title": "荣誉 | 美团SRC2024年终奖励荣耀揭晓", "link": "https://mp.weixin.qq.com/s?__biz=MzI5MDc4MTM3Mg==&mid=2247493717&idx=1&sn=fe94bf647a29fff908cc7ed29b70554c", "author": "美团技术团队", "description": "向每一位守护者致敬!", "published": "2025-01-17 18:01:00", "source": "微信公众号" }, { "title": "美团SRC邀您领取新年礼盒啦!", "link": "https://mp.weixin.qq.com/s?__biz=MzI5MDc4MTM3Mg==&mid=2247493717&idx=2&sn=f317d3190e4e199c933d1b29fa2f2d94", "author": "美团技术团队", "description": "获取方式见文中。", "published": "2025-01-17 18:01:00", "source": "微信公众号" }, { "title": "鸿蒙应用签名实操及机制探究", "link": "https://mp.weixin.qq.com/s?__biz=MzI5MDc4MTM3Mg==&mid=2247493695&idx=1&sn=89a37bdee61841877d1acf28b8a68cbf", "author": "美团技术团队", "description": "本文对鸿蒙公开资料进行了深入分析和解读,梳理了鸿蒙单框架应用的签名机制,拆解每一步的实操过程和背后的实现原理,并对源码分析整理签名的校验机制。", "published": "2024-12-31 10:01:00", "source": "微信公众号" }, { "title": "白帽世界大会 | 美团SRC期待与您在澳门相见", "link": "https://mp.weixin.qq.com/s?__biz=MzI5MDc4MTM3Mg==&mid=2247493590&idx=1&sn=0281d8d3faa07d26a91b338102cb7c61", "author": "美团技术团队", "description": "HackProve World 2025,用真正的技术,验证数字世界的安全。", "published": "2024-12-19 17:31:00", "source": "微信公众号" }, { "title": "年末冲刺!2024漏洞马拉松『美团站』正式启动", "link": "https://mp.weixin.qq.com/s?__biz=MzI5MDc4MTM3Mg==&mid=2247493372&idx=1&sn=f8ed6cc9dc514805d164f9d47277e8f5", "author": "美团技术团队", "description": "活动时间:即日起至2024年12月15日。", "published": "2024-12-03 18:30:00", "source": "微信公众号" }, { "title": "活动|短视频激励系统专测开启!", "link": "https://mp.weixin.qq.com/s?__biz=MzI5MDc4MTM3Mg==&mid=2247493353&idx=1&sn=60d8aea7934fa17d1e2077e2b879d3ae", "author": "美团技术团队", "description": "活动时间:11月25日-11月28日", "published": "2024-11-25 10:00:00", "source": "微信公众号" }, { "title": "活动|美团SRC七周年,多重惊喜派送中!", "link": "https://mp.weixin.qq.com/s?__biz=MzI5MDc4MTM3Mg==&mid=2247493342&idx=1&sn=5aadfd7e004ccab04ad3286741aeca6f", "author": "美团技术团队", "description": "活动时间:11月11日10: 00-11月18日0: 00", "published": "2024-11-11 10:08:00", "source": "微信公众号" }, { "title": "活动正式开启|美团SRC邀您加入双11安全保卫战", "link": "https://mp.weixin.qq.com/s?__biz=MzI5MDc4MTM3Mg==&mid=2247493302&idx=1&sn=38e8eb7b46ba68d83932055efcf06386", "author": "美团技术团队", "description": "美团SRC活动时间:2024.09.19-09.30", "published": "2024-09-19 10:01:00", "source": "微信公众号" } ]