我们的信息来源

在用来源

当前驱动我们日常报道的信息源。权威独立媒体在编辑判断中权重最高;常规来源用于扩展覆盖面与多方交叉验证。

权威独立媒体

• CISA Alerts权威独立媒体RSS

  Official U.S. CISA cybersecurity alerts and advisories — authoritative primary source.

• CISA Known Exploited Vulnerabilities权威独立媒体

  CISA's KEV catalog — the authoritative list of actively exploited vulnerabilities requiring immediate remediation.

• Fortinet PSIRT Advisories权威独立媒体RSS

  Official Fortinet PSIRT advisory feed for vulnerability disclosures and remediation guidance.

• Google Project Zero权威独立媒体RSS

  Elite vulnerability research team publishing deep technical zero-day write-ups.

• Ivanti Security Advisories权威独立媒体RSS

  Official Ivanti security advisory feed with vulnerability disclosures and mitigation guidance.

• Kaspersky Securelist权威独立媒体RSS

  Kaspersky GReAT team's APT and crimeware research — widely cited primary source.

• Krebs on Security权威独立媒体RSS

  Brian Krebs' original investigative security reporting — the gold standard for attribution and follow-the-money analysis.

• NCSC UK权威独立媒体RSS

  UK National Cyber Security Centre all-content RSS feed; the threat-report-only feed currently returns zero items.

• NVD — Recent CVEs权威独立媒体

  NIST NVD 2.0 CVE API queried over a rolling 48-hour publication window — authoritative source-of-truth for the vulnerabilities category's CVE hard-gate.

• OpenAI Daybreak权威独立媒体

  OpenAI Daybreak is OpenAI's cybersecurity accelerator for security startups building the next generation of cybersecurity tools.

• OpenAI News权威独立媒体RSS

  Official OpenAI news feed filtered at ingest to cybersecurity, security, provenance, supply-chain, and AI-safety items.

• Palo Alto Networks Security Advisories权威独立媒体RSS

  Official Palo Alto Networks security advisory RSS feed for PAN-OS, Prisma, Cortex, and related product vulnerability disclosures.

• Palo Alto Unit 42权威独立媒体RSS

  In-depth APT, ransomware, cloud, and IoT research — one of the most cited vendor research outlets.

• SANS Internet Storm Center Stormcast权威独立媒体RSS

  Daily SANS ISC Stormcast feed with topic links and summaries; replaces the handler diary RSS where Stormcast entries carried boilerplate-only descriptions.

• Schneier on Security权威独立媒体RSS

  Bruce Schneier's long-running blog on cryptography, security policy, and privacy — essential for big-picture analysis.

• The Record (Recorded Future News)权威独立媒体RSS

  Independent cybersecurity journalism covering nation-state operations, ransomware, and policy — staffed by career security reporters.

• Volexity Threat Research权威独立媒体

  Small independent research shop with a consistent track record of zero-day discoveries (Ivanti, Atlassian, Exchange).

• Zero Day Initiative (ZDI)权威独立媒体RSS

  Trend Micro's ZDI advisories from their bug-bounty program — primary-source vulnerability disclosures.

常规来源

• Black Hills Information Security常规来源RSS

  Practitioner-level pentest, threat hunting, and active defense content from the BHIS team.

• BleepingComputer常规来源RSS

  Breaking breach news, ransomware leaks, and malware analysis — fast wire coverage.

• Censys Research常规来源RSS

  Internet-scan-based research on exposed infrastructure, IOC enrichment, and attack-surface trends.

• Check Point Research常规来源RSS

  Vendor research arm publishing malware analysis and campaign reports.

• Dark Reading常规来源RSS

  Enterprise-focused security analysis aimed at CISOs and SOC leaders.

• Elastic Security Labs常规来源RSS

  Malware analysis, detection engineering, and threat hunting techniques.

• Malwarebytes Labs常规来源RSS

  Threat intelligence on malware, scams, and enterprise threats.

• Rapid7 Blog常规来源RSS

  Emergent threat analysis and Metasploit-adjacent vulnerability research.

• Recorded Future (Insikt Group)常规来源RSS

  Nation-state threat research and geopolitical cyber risk analysis.

• SecurityWeek常规来源RSS

  Major independent cybersecurity outlet covering breaches, vulnerabilities, and policy.

• SentinelLabs常规来源RSS

  SentinelLabs research on malware families, threat actors, and exploitation.

• The Hacker News常规来源RSS

  High-volume daily security news aggregator covering CVEs, breaches, and disclosures.

• WeLiveSecurity (ESET)常规来源RSS

  ESET research on APT campaigns and Eastern European threats.

审查中

试用期内。在确认长期纳入或排除前,我们会持续评估其信息源稳定性、编辑信号强度以及与其他来源的重合度。

• Cisco Talos Intelligence审查中RSS

  Strong threat research, paused pending vendor-heavy-coverage review against independent sources.

• F5 Security Advisories审查中

  Official MyF5 security advisory surface for BIG-IP, BIG-IQ, NGINX, and related F5 product vulnerability disclosures.

  排除原因: F5 advisories require MyF5/custom RSS handling; keep under review until we confirm a stable machine-readable feed that does not produce empty or dirty results.

• FreeBuf (ZH-native)审查中RSS

  Chinese-language security community — first native ZH source added to the pool; enters as ingest-only per the contract spec for a 30-day audit before promotion.

  排除原因: Feed returns HTTP 405 to Node-based ingestion clients as of 2026-05-05; keep under review until a reliable machine-readable endpoint is available.

• Google Threat Analysis Group审查中RSS

  Google's TAG on government-backed attacks and zero-day tracking — authoritative primary research, but the configured category RSS URL now returns 404.

• Mandiant (Google Cloud)审查中RSS

  World-class APT attribution research; paused pending feed-reliability verification.

• Microsoft Security Response Center审查中RSS

  Authoritative Microsoft security disclosures; paused pending feed-format stability confirmation.

• Progress MOVEit Security Advisories审查中

  Official Progress community advisories for MOVEit Transfer, MOVEit Cloud, and MOVEit Automation vulnerability bulletins.

  排除原因: No stable public RSS endpoint confirmed yet; keep visible for transparency while coverage is cross-checked through NVD, CISA KEV, and vendor bulletin URLs.

• Sophos News审查中RSS

  Strong X-Ops research; paused pending feed noise review (product posts interleaved with research).

已排除

我们主动不纳入的来源。在此列出,以便您核实我们究竟阅读什么、不阅读什么。

• CrowdStrike Blog已排除RSS

  Vendor blog mixing threat research with sales and product marketing at roughly a 1:4 ratio.

  排除原因: Signal-to-noise threshold — majority of items are commercial/sales content rather than research. Revisit via whitelist on /blog/threat-research/ if the ratio improves.

• CyberSecurity News已排除RSS

  Low-authority aggregator that re-writes content from BleepingComputer and The Hacker News.

  排除原因: Signal-to-noise threshold — duplicates higher-authority primary sources.

• Fortinet FortiGuard Labs已排除RSS

  Vendor patch summaries that typically lack CVE detail and independent analysis.

  排除原因: Signal-to-noise threshold — contributed to the April 2026 CVE-hedging ship quality issue; patch advisories without identifiers downstream.

• Hacker News已排除RSS

  General tech community feed — off-topic for a security-focused newsroom.

  排除原因: Signal-to-noise threshold — majority of items are general tech, not security.

• Help Net Security已排除RSS

  Predominantly vendor surveys, product roundups, and press releases.

  排除原因: Signal-to-noise threshold — product/survey content outweighed incident reporting.

• Microsoft Security Blog已排除RSS

  Primarily product marketing interleaved with research.

  排除原因: Signal-to-noise threshold — marketing content outweighed standalone research value.

• Proofpoint Threat Insight已排除RSS

  Mix of threat research with webinar and analyst-report promotions.

  排除原因: Signal-to-noise threshold — promotional content interleaved with research reduced the usable yield.

• Qualys Threat Research已排除RSS

  Patch Tuesday analysis and cloud posture findings that largely duplicate ZDI, Rapid7, and The Hacker News.

  排除原因: Signal redundancy — patch coverage already provided by higher-authority sources in our pool.