安全专家披露了一项活跃的恶意软件攻击活动，攻击者利用开源c-ares库中合法二进制文件的DLL侧加载漏洞，绕过安全控制并传播多种商业木马和窃取程序。攻击者将恶意libcares-2.dll与合法的已签名ahost.exe配对执行代码，绕过传统签名防护。此次攻击分发了Agent Tesla、CryptBot、Formbook等多种恶意软件，主要针对石油天然气、进出口等行业的财务、采购等岗位员工。

Active malware exploits DLL side-loading in a signed GitKraken binary to deliver trojans, stealers, and remote access malware ...

Windows Terminal brings that same vibe to the desktop, giving you the ability to open and use the Windows Terminal in Quake ...

The phishing campaign shows how attackers continue to weaponize legitimate cloud services and open source tools to evade ...

2025年12月初，以色列政府官网（gov.il）悄然上线一则安全通告，标题直指一个代号为“MuddyWater”（泥水）的网络威胁组织。尽管页面内容因Cloudflare验证机制未能完整抓取，但结合多方情报与历史攻击模式，网络安全界迅速达成共识：这是一次针对国家关键部门的高危预警。 通告虽简，却如警钟长鸣——MuddyWater正以更狡猾的鱼叉式钓鱼手段，瞄准政府机构、国防承包商、能源与电信等核 ...

网络安全研究人员披露了一起新的网络攻击活动详情，该活动利用WhatsApp作为分发媒介，在针对巴西的攻击中传播名为Astaroth的Windows银行木马。 这次攻击活动被安客诺斯威胁研究部门命名为Boto Cor-de-Rosa。

A WhatsApp worm is spreading Astaroth banking malware, automating infections and escalating financial cybercrime risks.

Ready to take your IT career to the next level? A top-tier fast growing manufacturing company in Alberton is on the hunt for a PowerBI Data Analyst who is ready to dive into real-time problem solving ...

Ready to take your IT career to the next level? A top-tier fast growing manufacturing company in Alberton is on the hunt for a PowerBI Data Analyst who is ready to dive into real-time problem solving ...

Developer Bertrand Quenin recently released an open-source project called "Interpreter" that aims to provide real-time translation for Japanese retro games. The tool can capture Japanese text ...

本文依据的是我对部分核电央企在2025年校招岗位的分析，得出的个人看法，仅供大家在志愿填报、选专业、选大学、职业规划时参考！ 上图为2025年招聘岗位映射图。