漏洞 Vulnerability Pwn2Own 2021大会上曝出Exchange存在未授权代码执行漏洞 https://twitter.com/thezdi/status/1379467992862449664 Django发布安全更新修复一个低危漏洞 https://www.djangoproject.com/weblog/2021/apr/06/security-releases/ VRealize Operations高危漏洞POC已公开 https://attackerkb.com/topics/51Vx3lNI7B/cve-2021-21975 Rockwell FactoryTalk AssetCenter存在严重漏洞 https://securityaffairs.co/wordpress/116391/ics-scada/rockwell-factorytalk-assetcentre-flaws.html 安全事件 Security Incident 深信服VPN客户端远程下载文件执行挖掘（已修复） https://mp.weixin.qq.com/s/XbsxziIFKx8VhGd-pv0Ghg Aurora活动：针对阿塞拜疆的网络攻击 https://blog.malwarebytes.com/threat-analysis/2021/04/aurora-campaign-attacking-azerbaijan-using-multiple-rats/ EtterSilent为黑客提供廉价工具 https://www.scmagazine.com/home/security-news/ransomware/hackers-rush-to-new-doc-builder-that-uses-macro-exploit-posing-as-docusign/ 医疗网络钓鱼事件导致重大数据泄露 https://www.databreachtoday.com/healthcare-phishing-incidents-lead-to-big-breaches-a-16339