日期	订阅者增长	提及	频道
30 六月	+171
29 六月	+5
28 六月	+29
27 六月	+9
26 六月	+5
25 六月	+15
24 六月	+5
23 六月	+1
22 六月	+4
21 六月	+9
20 六月	+5
19 六月	+9
18 六月	+19
17 六月	+9
16 六月	+8
15 六月	+11
14 六月	+49
13 六月	+40
12 六月	+23
11 六月	+14
10 六月	+14
09 六月	+20
08 六月	+40
07 六月	+254
06 六月	+27
05 六月	+2
04 六月	+10
03 六月	+34
02 六月	+33
01 六月	+30

频道帖子

‼️Researchers found six wireless pre-authentication vulnerabilities in Apple AirDrop and Google/Samsung Quick Share, the proximity file-transfer protocols running on over 5 billion devices. The bugs are reachable from wireless range with no pairing. Five are denial-of-service or protocol-manipulation flaws. One, a use-after-free in Quick Share for Windows, earned a Google bounty and is rated potentially exploitable. The team says it could not bypass the file-transfer consent prompt. Apple, Samsung, and Google have acknowledged the reports Most are not yet patched, and no CVEs have been assigned, with one pending for the Windows bug. Read: https://www.internationalcyberdigest.com/researchers-find-six-new-vulnerabilities-in-airdrop-and-quick-share-affecting-5-billion-devices/

2	+1 ‼️ BREAKING: Anthropic has embedded hidden spyware-like code in Claude Code that covertly targets Chinese users. It then sends information regarding every user by injecting it into their prompt message. Claude Code is sending info like timezone, proxy and possible AI Lab connections into the system prompt in ways Chinese users can't notice. A coding agent with repo and command permissions should not silently hide routing metadata inside prompts. This is a serious breach of user trust. Read: https://www.internationalcyberdigest.com/claude-code-accused-of-hiding-china-proxy-fingerprints-inside-system-prompts/	744
3	‼️ iPhone 18 Pro photos were LEAKED as a result of the Tata Electronics breach we reported about recently. On the specs: the A20 Pro is reportedly fabbed by TSMC on its first 2nm (N2) process, paired with 96-bit-wide LPDDR6 and a reported 12GB on the 18 Pro. Tata builds about a third of Apple's iPhones in India, more than 204,000 documents totalling 630+ GB have been leaked including Tesla and Apple confidential documents. https://www.internationalcyberdigest.com/tata-electronics-leaked-iphone-18-pro-photos-and-designs/	1 102
4	+9 ‼️ iPhone 18 Pro photos were LEAKED as a result of the Tata Electronics breach we reported about recently. On the specs: the A20 Pro is reportedly fabbed by TSMC on its first 2nm (N2) process, paired with 96-bit-wide LPDDR6 and a reported 12GB on the 18 Pro. Tata builds about a third of Apple's iPhones in India, more than 204,000 documents totalling 630+ GB have been leaked including Tesla and Apple confidential documents. https://www.internationalcyberdigest.com/tata-electronics-leaked-iphone-18-pro-photos-and-designs/	1 120
5	‼️ iPhone 18 Pro photos were LEAKED as a result of the Tata Electronics breach we reported about recently. On the specs: the A20 Pro is reportedly fabbed by TSMC on its first 2nm (N2) process, paired with 96-bit-wide LPDDR6 and a reported 12GB on the 18 Pro. Tata builds about a third of Apple's iPhones in India, more than 204,000 documents totalling 630+ GB have been leaked including Tesla and Apple confidential documents.	1
6	These Y-combinator snake-oil saleskids are doing everything to get attention these days. The average security professional would destroy this fella if he walked into their office with a cake like that. Instant blacklist.	1 138
7	In the Russian town of Podolsk, a 13-year-old boy set fire to a fuel pump at a gas station. According to Russia's Interior Ministry, online handlers had tricked him into doing it. The boy had been chatting with someone online he thought was a girl, and he'd shared his location with "her." The handlers then told him that location was going to be used to target a Ukrainian missile strike, and that the only way to stop the strike was to burn down the gas station.	1 118
8	+1 Chinese AI models have matched the performance of Anthropic’s powerful model Mythos in some cybersecurity scenarios. Researchers point to Zhipu AI's open-weight GLM-5.2 and a new tool, Tulongfeng, from 360 Security Technology, whose CEO said the capability cannot stay "solely in American hands." The Trump administration has kept the more capable Anthropic models, Fable and Mythos, off-limits to foreign users for more than two weeks while continuing to clear AI chip exports to China, a pairing one former export-control official called "a gift to China." https://www.internationalcyberdigest.com/china-matches-mythos-on-cyber-bug-finding-as-the-us-restricts-its-own-model/	1 093
9	+1 The internet could change if the U.S. House passes the KIDS Act today to "protect children." Critics warn it could mean de facto age checks for everyone and weakened encrypted communications. The KIDS Act is a package of around a dozen bills that pairs a revised Kids Online Safety Act with new age-verification, AI chatbot, and messaging rules. Digital rights group EFF warns the design would pressure platforms to age-check all users, not just minors, since liability can attach when a service "should have known" a user's age, and flags new rules touching encrypted and disappearing messages. Sponsors Brett Guthrie (R) and Frank Pallone (D) say it's kids-safety protection and note KOSA's text says age verification isn't required. https://www.internationalcyberdigest.com/a-kids-safety-bill-heads-to-a-u-s-house-vote-give-us-your-freedom/	1 099
10	+1 A Microsoft Critical Environment Technician in Italy resigned because “Microsoft is massively expanding its European data centers (aka mass surveillance centers) to use Palestine as a laboratory for its experimental digital weaponry.” He sent this in a mass email to thousands of colleagues protesting the company's ties to Israeli military surveillance, according to The Canary. The worker, identified only by a pseudonym, framed the move as part of the worker-led No Azure for Apartheid campaign. The protest rests on a documented controversy. An investigation reported that Israel's Unit 8200 stored intercepted Palestinian phone calls on customized Azure infrastructure, and Microsoft, after first saying it found no evidence of civilian harm, later cut the unit's access to some Azure storage and AI services. Microsoft has faced repeated internal revolts, firings, and event disruptions over its Israeli defense work, and the campaign now spans multiple countries, keeping pressure on how hyperscalers handle military and intelligence customers.	1 136
11	Someone released an article about what is basically an offline VirusTotal without burning your payload: a security researcher reverse-engineered four major EDRs (SentinelOne, Cortex XDR, CrowdStrike, and Sophos) and extracted their detection logic from on-disk agent binaries, ML models, YARA rules, and behavioral scripts. The project rebuilds the kernel telemetry stack those products run on, including Windows process, thread, registry, and handle callbacks plus a file-system minifilter. It even reconstructs access to the ETW Threat Intelligence provider that Windows normally reserves for protected anti-malware processes. Thus, both the detection rules and the sensor layer can be replicated outside the vendor’s agent. https://blog.otterpwn.com/projects/heavener	1 100
12	+1 US House Homeland Security Chair Andrew Garbarino is scared of Mythos's capabilities and says 95% of his colleagues "don't understand what the hell's going on." By his account, Anthropic told the model to find a vulnerability in a bank and empty accounts. It did, he says, then identified the same flaw and could patch it. A separate jailbreak demo, of an unspecified model, produced a plan to kidnap a lawmaker in 30 seconds.	1 169
13	Holy shit, this guy tried to weaken @sama by facing him alone while astral projecting and got spiritually injured. Turns out Sam is too powerful.	1 217
14	+1 Google told a security researcher his bug was a 'nice catch', lined up his payout, then eleven days later called it harmless and refused to pay. The bug, which the researcher named ConfigConfusion, is an unpatched flaw in Google Config Connector that he says lets anyone with basic Kubernetes access grant themselves owner rights over an entire Google Cloud organization. Google's stated reason for the reversal was that the tool works as designed, and it declined to assign a CVE. Months on, there is still no patch. Google's own docs recommend running Config Connector with organization-level permissions, so plenty of teams are exposed.	1 171
15	+1 The costliest cyberattack in UK history, that shut down Jaguar Land Rover for five weeks last year, was the work of Russian hackers and not the collective that claimed it, the New York Times reports, citing five people familiar with the investigation. That overturns the earlier assumption that Scattered Lapsus$ Hunters, the collective that publicly claimed the breach, was responsible. No ransom was ever demanded. Investigators are still working out whether the Kremlin directed the attack or simply allowed it, which would move it from ordinary ransomware toward a state-tolerated strike on a NATO economy. It cost an estimated $2.5 billion in economic damage and about $350 million to the company, and hit a manufacturer both the British military and the royal family rely on.	1 152
16	An anonymous GitHub account is mass-dropping exploit PoCs framed as undisclosed 0-days, with a note telling readers to report them and "take credit for the CVE" themselves. Coordinated disclosure, minus the coordination. Source: https://github.com/bikini/exploitarium	1 254
17	> be Polymarket > hacker says you're "compromised" > make fun of hackers 😂 > "which VC paid you to post this?" > we and half of cybersec X tell you not to taunt them > ignore everyone > 2 months later a third-party vendor injects a malicious script into your frontend > ~$3M drained from user wallets, swapped to ETH > compromised	2 718
18	+1 A Wikipedia cofounder just got banned from Wikipedia. Larry Sanger, who helped launch the site in 2001 and left in 2002, was indefinitely blocked after editors accused him of "off-wiki canvassing": using his X following to influence an internal debate. He'd been pushing a WikiProject to fight what he calls the site's "globalist, secular, progressive" bias. Editors ruled he's "not here to constructively build the encyclopedia." His response: "Wikipedia has become more of a mob-rule anarchy than ever."	1 140
19	+1 The Lapsus$ hacker who leaked 90 clips of unfinished GTA 6 gameplay in 2022 is posting selfies on Snapchat from his prison cell, using a smuggled phone. Arion Kurtaj was sentenced in 2023 to an indefinite hospital order due to his severe autism, after a judge ruled he remained a high risk of reoffending.	1 078
20	+1 The EU's Chat Control fight just reignited, and critics warn the worst case is back on the table: mass scanning of private messages, detection orders without a judicial warrant, and the end of anonymous communication through forced age verification. Former MEP Patrick Breyer is warning of what he calls a "double attack" on encrypted messaging: EU government envoys met Friday to try to revive lapsed rules allowing "voluntary" scanning of private chats, and Monday June 29 brings the final trilogue on the permanent Child Sexual Abuse Regulation (Chat Control 2.0). Parliament rejected extending the old scanning rules in March and they expired in April. Breyer claims EP President Roberta Metsola is maneuvering to force another vote, which Politico has also reported. Backers, including the Commission, call it child protection. Civil society has relaunched fightchatcontrol.eu to push MEPs before Monday.	1 128

查看所有帖子