momo安全漏洞库

CEAarab/CVE-2026-26026-PoC

GitHub Repos/search CEAarab/CVE-2026-26026-PoC 发布时间 2026-04-22 入库 2026-04-22 21:29

language: Shell

taielab/ArmsIndex

GitHub 开源项目 taielab/ArmsIndex 更新 2026-04-10 入库 2026-04-11 05:25

Red Team Arsenal Manager - 红队武器库管理平台 | stars: 5 | forks: 0 | updated 2026-04-19T00:15:01Z | pushed 2026-04-16T06:09:07Z

Axios npm 供应链攻击从TTP层面特征的归属分析

奇安信威胁情报中心信息发布时间 2026-04-01 入库 2026-04-01 14:24

近日，热门JS库axios遭供应链攻击，攻击者劫持维护者npm账户，发布含恶意依赖plain-crypto-js@4.2.1的1.14.1/0.30.4版本。技术特征（预部署诱饵包、多平台载荷、反取证手段）与朝鲜LABYRINTH CHOLLIMA组织高度吻合，多家安全机构高置信度将攻击归因于该组织。

kaleth4/CVE-2026-33826

GitHub Repos/search kaleth4/CVE-2026-33826 发布时间 2026-04-22 入库 2026-04-22 20:35

language: Python

Clearzero22/security-tools

GitHub 开源项目 Clearzero22/security-tools 更新 2026-04-10 入库 2026-04-11 05:25

TeamPCP Supply Chain Campaign: Update 005 - First Confirmed Victim Disclosure, Post-Compromise Cloud Enumeration Documented, and Axios Attribution Narrows, (Wed, Apr 1st)

SANS Internet Storm Center 信息发布时间 2026-04-01 入库 2026-04-01 21:24

This is the fifth update to the TeamPCP supply chain campaign threat intelligence report, "When the Security Scanner Became the Weapon" (v3.0, March 25, 2026). Update 004 covered developments through March 30, including ...

kaleth4/CVE-2026-33825

GitHub Repos/search kaleth4/CVE-2026-33825 发布时间 2026-04-22 入库 2026-04-22 20:35

language: Python

eason204646-droid/dunhu

GitHub 开源项目 eason204646-droid/dunhu 更新 2026-04-10 入库 2026-04-15 14:06

高危风险提示｜又是供应链攻击！Axios npm包遭投毒，请尽快排查处置

腾讯安全威胁情报中心高危发布时间 2026-04-01 入库 2026-04-01 22:03

Axios npm包遭供应链投毒，恶意版本植入RAT木马窃取凭据，请速排查处置。

kaleth4/CVE-2026-33827

GitHub Repos/search kaleth4/CVE-2026-33827 发布时间 2026-04-22 入库 2026-04-22 20:14

language: Python

ktol1/RedTeam-Agent

GitHub 开源项目 ktol1/RedTeam-Agent 更新 2026-04-10 入库 2026-04-11 05:25

RedTeam-Agent: AI-Powered Autonomous Red Team Framework via Model Context Protocol. AI红队与内网渗透自动化框架，支持 gogo, fscan, httpx, nuclei, impacket, playwright 等 15+ 渗透工具，让 LLM 直接化身安全审计黑客。 | topics: active-directory, ai-agent, ai...

AI一句话挖出Vim RCE？还缺亿点点细节

微步在线研究响应中心中危发布时间 2026-04-01 入库 2026-04-01 21:24

立即查看详情 →

mobilehackinglab/CVE-2026-0006-openapv-poc

GitHub Repos/search 低危 mobilehackinglab/CVE-2026-0006-openapv-poc 发布时间 2026-04-22 入库 2026-04-22 17:13

CVE-2026-0006: Heap buffer overflow PoC for libopenapv (Android APV codec) - CVSS 9.8 | language: C

however-yir/howeverpromptfoo

GitHub 开源项目 however-yir/howeverpromptfoo 更新 2026-04-10 入库 2026-04-11 05:25

ISC Stormcast For Wednesday, April 1st, 2026 https://isc.sans.edu/podcastdetail/9874, (Wed, Apr 1st)

SANS Internet Storm Center 信息发布时间 2026-04-01 入库 2026-04-01 13:24

EQSTLab/CVE-2026-33937

GitHub Repos/search EQSTLab/CVE-2026-33937 发布时间 2026-04-22 入库 2026-04-22 13:12

language: HTML

SultanSah/-Taixu-Framework-Autonomous-Agent-Capital-AAC-2.0

GitHub 开源项目 SultanSah/-Taixu-Framework-Autonomous-Agent-Capital-AAC-2.0- 更新 2026-04-09 入库 2026-04-11 05:25

把东方修仙神话的宏大叙事，硬核地转化为可落地、可扩展的现代 AGI（通用人工智能）工程蓝图。构建一个以“硅基修仙”为底层逻辑的完全自治型 AI 资本实体架构。通过引入“洗髓”（上下文动态修剪）、“藏经”（高维向量检索）、“自创功法”（沙盒工具生成）与“渡劫”（RLHF/红队测试）机制，解决大模型记忆坍塌、算力冗余及涌现不可控的业界难题，实现 AI 代理的无限成长与跨国资本运作。 | language: Python | stars: ...

Multiple Vulnerabilities in Apple Products Could Allow for Privilege Escalation

CIS Advisories 中危发布时间 2026-03-31 入库 2026-04-02 05:27

<p>Multiple vulnerabilities have been discovered in Apple products, the most severe of which could allow for privilege escalation. Successful exploitation of the most severe of these vulnerabilities could allow a user to...

truekas/ls-poc

GitHub Repos/search truekas/ls-poc 发布时间 2026-04-22 入库 2026-04-22 11:45

CVE-2026-30368 proof of concept | language: JavaScript

lyu549601-design/my-repo

GitHub 开源项目 lyu549601-design/my-repo 更新 2026-04-09 入库 2026-04-11 05:25

OpenClaw又又又危！Axios npm被投毒，植入全平台木马

微步在线研究响应中心信息发布时间 2026-03-31 入库 2026-03-31 23:37

今日，Axios这个年下载量超36亿、JavaScript 生态最核心的依赖之一，在 npm 仓库遭遇供应链投

John-Jung/CVE-2026-25604-PoC

GitHub Repos/search John-Jung/CVE-2026-25604-PoC 发布时间 2026-04-22 入库 2026-04-22 09:29

A PoC for demonstrating CVE-2026-25604 | language: Python

wodefox/KALI-Skill

GitHub 开源项目 wodefox/KALI-Skill 更新 2026-04-09 入库 2026-04-11 05:25

Coruna与DarkSword：iOS高端攻击武器扩散的威胁

奇安信威胁情报中心中危发布时间 2026-03-31 入库 2026-03-31 15:17

2026年3月，安全团队披露两款iOS零日漏洞利用工具包Coruna和DarkSword，这两款本属高级间谍武器的工具目前已经二手市场扩散至多个犯罪团伙，严重威胁普通用户安全。

Race Condition in GNU Sed

Microsoft MSRC CVE-2026-5958 发布时间 2026-04-22 入库 2026-04-24 15:13

biaomian09/biaomian

GitHub 开源项目 biaomian09/biaomian 更新 2026-04-09 入库 2026-04-15 14:06

自写安全工具 | stars: 0 | forks: 0 | updated 2026-04-09T06:36:51Z | pushed 2026-04-09T06:36:45Z

Application Control Bypass for Data Exfiltration, (Tue, Mar 31st)

SANS Internet Storm Center 信息发布时间 2026-03-31 入库 2026-03-31 16:17

In case of a cyber incident, most organizations fear more of data loss (via exfiltration) than regular data encryption because they have a good backup policy in place. If exfiltration happened, it means a total loss of c...

John-Jung/CVE-2026-26903-PoC

GitHub Repos/search John-Jung/CVE-2026-26903-PoC 发布时间 2026-04-22 入库 2026-04-22 08:36

A PoC for demonstrating CVE-2026-26903 | language: HTML

skeleton2024/ironclad-decision-engine

GitHub 开源项目 skeleton2024/ironclad-decision-engine 更新 2026-04-09 入库 2026-04-11 05:25

ISC Stormcast For Tuesday, March 31st, 2026 https://isc.sans.edu/podcastdetail/9872, (Tue, Mar 31st)

SANS Internet Storm Center 信息发布时间 2026-03-31 入库 2026-03-31 13:17

momo安全漏洞库

威胁情报

漏洞监控

网安开源项目

威胁情报