免责声明：以下内容原文来自互联网的公共方式，仅用于有限分享，译文内容不代表蚁景网安实验室观点，因此第三方对以下内容进行分享、传播等行为，以及所带来的一切后果与译者和蚁景网安实验室无关。以下内容亦不得用于任何商业目的，若产生法律责任，译者与蚁景网安实验室一律不予承担。

1、思科修补SD-WAN vManage中的严重漏洞

https://www.securityweek.com/cisco-patches-critical-flaw-sd-wan-vmanage

2、开源学习平台Moodle漏洞可导致帐户被接管

https://securityaffairs.co/wordpress/116560/hacking/moodle-account-takeover-threats.html

3、暗网支付卡市场Swarmshop数据遭泄露

https://securityaffairs.co/wordpress/116549/cyber-crime/swarmshop-card-data-leak.html

4、PHP维护者确认在最近的攻击中用户数据库被入侵

https://securityaffairs.co/wordpress/116500/data-breach/php-sites-user-database-hacked.html

5、研究人员发现Azure Functions云容器逃逸提权漏洞

https://threatpost.com/azure-functions-privilege-escalation/165307/

6、研究人员发现新的Lazarus恶意软件Vyveva

https://www.welivesecurity.com/2021/04/08/are-you-afreight-dark-watch-out-vyveva-new-lazarus-backdoor/

7、Chrome 阻止访问10080端口以防被NAT滑流攻击利用

https://www.bleepingcomputer.com/news/security/google-chrome-blocks-a-new-port-to-stop-nat-slipstreaming-attacks/

8、CISA发布用于审查Office 365攻击活动的工具

https://www.bleepingcomputer.com/news/security/cisa-releases-tool-to-review-microsoft-365-post-compromise-activity/

9、Win 10，Chrome和Zoom均在Pwn2Own中被攻破

https://securityaffairs.co/wordpress/116542/hacking/pwn2own-2021-2-day-2.html

10、Google安全研究员批量BleedingTooth攻击详情

https://portswigger.net/daily-swig/bleedingtooth-google-drops-full-details-of-zero-click-linux-bluetooth-bug-chain-leading-to-rce