免责声明：以下内容原文来自互联网的公共方式，仅用于有限分享，译文内容不代表蚁景网安实验室观点，因此第三方对以下内容进行分享、传播等行为，以及所带来的一切后果与译者和蚁景网安实验室无关。以下内容亦不得用于任何商业目的，若产生法律责任，译者与蚁景网安实验室一律不予承担。

1、Apple 修补新的 macOS、iOS 零日漏洞

https://www.securityweek.com/apple-patches-new-macos-ios-zero-days

2、霍尼韦尔报告称针对工业设施的恶意软件52%是通过USB设备进行传播的

https://www.securityweek.com/81-malware-seen-usb-drives-industrial-facilities-can-disrupt-ics-honeywell

3、安卓恶意软件Bugdrop dropper 包含绕过 Google 安全控制的功能

https://securityaffairs.co/wordpress/134508/malware/bugdrop-android-malware.html

4、谷歌修复了被利用的新 Chrome 零日漏洞

https://securityaffairs.co/wordpress/134501/security/google-fifth-chrome-zero-day-exploited.html

5、Electron框架漏洞影响数十个应用程序

https://www.securityweek.com/security-analysis-leads-discovery-vulnerabilities-18-electron-applications

6、英特尔CPU构架漏洞ÆPIC Leak影响大多数10至12代CPU

https://securityaffairs.co/wordpress/134478/security/aepic-leak-architecturally-flaw.html

7、微软将在下个月默认禁用Edge中的TLS1.0/1.1支持

https://news.softpedia.com/news/microsoft-to-disable-tls-1-0-and-1-1-next-month-535935.shtml

8、研究人员发现多个影响UWB和RTLS通信的漏洞

https://www.bleepingcomputer.com/news/security/rtls-systems-vulnerable-to-mitm-attacks-location-manipulation/

9、CS GO皮肤交易网站CS.MONEY约600万美元用户资产遭黑客攻击被盗

https://www.bleepingcomputer.com/news/security/cs-go-trading-site-hacked-to-steal-6-million-worth-of-skins/

10、Lazarus Group针对使用macOS的求职者投放恶意软件

https://securityaffairs.co/wordpress/134491/malware/north-korea-mac-malware-m1.html