{"locale":"zh","total":7,"articles":[{"title":"CanisterWiper Worm Targets Iran via Misconfigured Cloud Storage","digest":"A criminal group deployed the self-propagating CanisterWiper malware against Iranian entities, using misconfigured cloud storage for propagation and data destruction.","content_source_url":"https://zcybernews.com/zh/articles/2026-04-12-canisterwiper-worm-targets-iran-via-misconfigured-cloud-stor","author":"ZCyberNews","date":"2026-04-12","category":"malware","tags":["canisterwiper","wiper malware","redis","cloud storage","iran","geopolitical","data destruction"],"severity":null,"threat_actor":null},{"title":"Google DBSC in Chrome 146 Blocks Session Hijacking Attacks","digest":"Device Bound Session Credentials (DBSC), rolled out by Google in Chrome 146, cryptographically bind session cookies to the device, preventing cookie-stealing malware from hijacking accounts.","content_source_url":"https://zcybernews.com/zh/articles/2026-04-11-google-dbsc-in-chrome-146-blocks-session-hijacking-attacks","author":"AleCyberNews","date":"2026-04-11","category":"tools","tags":["device-bound session credentials","dbsc","chrome 146","session hijacking","session cookie theft","infostealing malware","browser security","authentication security"],"severity":null,"threat_actor":null},{"title":"APT28 Blends Simple Router Hacks with Sophisticated Malware","digest":"In the shadowy world of state-sponsored cyber espionage, a new campaign blurs the line between sophisticated malware and shockingly simple intrusions. Tracked as **APT28** (also","content_source_url":"https://zcybernews.com/zh/articles/2026-04-10-apt28-blends-simple-router-hacks-with-sophisticated-malware","author":"AleCyberNews","date":"2026-04-10","category":"threat-intel","tags":[],"severity":null,"threat_actor":null},{"title":"New Mac Malware Threats Bypass Apple Security","digest":"A new wave of sophisticated malware campaigns is targeting macOS, using clever social engineering and novel techniques to bypass Apple's security measures. Security researchers have","content_source_url":"https://zcybernews.com/zh/articles/2026-04-10-new-mac-malware-threats-bypass-apple-security","author":"AleCyberNews","date":"2026-04-10","category":"malware","tags":["macOS","malware","infostealer","ClickFix"],"severity":null,"threat_actor":null},{"title":"Russian APT28 Hijacks Routers in Global Spy Campaign","digest":"In a stark reminder that sophisticated state-sponsored espionage does not always require sophisticated malware, Russia's notorious **APT28** threat group is, by weaponizing","content_source_url":"https://zcybernews.com/zh/articles/2026-04-10-russian-apt28-hijacks-routers-in-global-spy-campaign","author":"AleCyberNews","date":"2026-04-10","category":"threat-intel","tags":[],"severity":null,"threat_actor":null},{"title":"LockBit 4.0 Targets Healthcare with New Evasion Techniques","digest":"LockBit 4.0 operators have launched a coordinated campaign against healthcare organizations in North America and Europe, deploying updated ransomware with enhanced EDR evasion capabilities and a new double-extortion portal.","content_source_url":"https://zcybernews.com/zh/articles/lockbit-ransomware-healthcare-2026","author":"AleCyberNews","date":"2026-04-09","category":"threat-intel","tags":["ransomware","lockbit","healthcare","apt","double-extortion"],"severity":"critical","threat_actor":"LockBit 4.0"},{"title":"GPT-5 Released: Security Implications for Enterprise Defenders","digest":"OpenAI's GPT-5 raises the bar for AI-assisted cyberattacks: spear phishing at scale, automated exploit generation, and deepfake social engineering. Here is what security teams need to know and do.","content_source_url":"https://zcybernews.com/zh/articles/gpt5-security-implications-enterprise","author":"AleCyberNews","date":"2026-04-08","category":"ai","tags":["ai","llm","gpt-5","phishing","social-engineering","threat-modeling"],"severity":"high","threat_actor":null}]}