漏洞 Vulnerability CVE-2021-35464: ForgeRock AM远程代码执行漏洞通告 https://cert.360.cn/warning/detail?id=95aac3f95ad740c3f34f4c08a67b9868 CVE-2020-3580: Cisco ASA安全软件XSS漏洞通告 https://cert.360.cn/warning/detail?id=da110699471438ea6c30b12ac979e535 安全事件 Security Incident Lorenz由于算法问题，导致部分文件能解密 https://www.bleepingcomputer.com/news/security/lorenz-ransomware-decryptor-recovers-victims-files-for-free/ 使用 LoLBins 的恶意 Office 文档 https://www.netskope.com/blog/not-laughing-malicious-office-documents-using-lolbins 疑似Hades组织以军事题材针对乌克兰发起攻击 https://mp.weixin.qq.com/s/1wQbepT4pMJdv2k8uoR01w “WayBack”行动：隐藏在视线中的大规模行动 https://yoroi.company/research/the-wayback-campaign-a-large-scale-operation-hiding-in-plain-sight/ 美国超市巨头Wegmans敏感数据泄露 https://www.hackread.com/wegmans-supermarket-expose-sensitive-data/ REvil勒索软件的新Linux加密机针对ESXi虚拟机 https://www.bleepingcomputer.com/news/security/revil-ransomwares-new-linux-encryptor-targets-esxi-virtual-machines/