安全事件 Security Incident 疑似APT-C-55（Kimsuky）组织利用商业软件Web Browser Password Viewer进行攻击 https://mp.weixin.qq.com/s/QDI912ogVKyyKFYdKvBGdQ “幼象”组织在南亚地区的网络攻击活动分析 https://mp.weixin.qq.com/s/9emBT2btFA811QLRjU54tA 11个恶意PyPI Python库被抓到窃取Discord令牌和安装shell https://thehackernews.com/2021/11/11-malicious-pypi-python-libraries.html 新Memento勒索团伙利用WinRAR加密恶意文件 https://heimdalsecurity.com/blog/memento-ransomware-group-winrar-archives/ 研究人员入侵了Conti gang的支付网站 https://securityaffairs.co/wordpress/124837/cyber-crime/payment-portal-conti-gang-compromised.html 加州Pizza Kitchen遭遇数据泄露 https://securityaffairs.co/wordpress/124785/data-breach/california-pizza-kitchen-data-breach.html Sea Mar医疗数据被盗影响68万患者 https://www.scmagazine.com/analysis/breach/months-long-hack-theft-of-sea-mar-healthcare-data-impacts-688k-patients CKEditor漏洞对Drupal和其他下游应用程序构成XSS威胁 https://portswigger.net/daily-swig/ckeditor-vulnerabilities-pose-xss-threat-to-drupal-and-other-downstream-applications 600万Sky路由器在17个月内面临接管攻击 https://www.bleepingcomputer.com/news/security/six-million-sky-routers-exposed-to-takeover-attacks-for-17-months/ 假的TSA预检网站用假的续签合同欺骗美国旅客 https://www.bleepingcomputer.com/news/security/fake-tsa-precheck-sites-scam-us-travelers-with-fake-renewals/