/tag/CSP

在edge当前最新版本，使用 chrome.declarativeNetRequest.updateSessionRules +set自己的csp，通过fetch获取当前网站的csp得到验证确实是自己set的csp。接着才开始insert 自己网站的一个js，但是浏览器提示csp限制不允许加载非名单中的js，即浏览器应用的还是doc请求时的csp，并非我set的。 什么原因？ 怎么解决呢？ 谢谢 已生效启用的csp set规则，如图 用fetch请求验证得到确实是自己set的csp，但是对doc insert js src时，却报了doc请求时响应头中的csp并非我set的，见图 1 个帖子 - 1 位参与者 阅读完整话题

很有意思的一题逆向hh，挺对胃的 来源于google ctf 2025 源码 <!DOCTYPE html> <!-- saved from url=(0092)https://nicolaisoeborg.github.io/ctf-writeups/2025/Google%20CTF%202025/JSSafe/js_safe_6.html --> <html lang="zh-CN"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <meta http-equiv="Content-Security-Policy" id="c" content="script-src 'sha256-P8konjutLDFcT0reFzasbgQ2OTEocAZB3vWTUbDiSjM=' 'sha256-eDP6HO9Yybh41tLimBrIRGHRqYoykeCv2OYpciXmqcY=' 'unsafe-eval'"> <title _msttexthash="25335544" _msthash="0">ASCII 旋转立方体</title> <style> /* Basic styling to center the animation and give it a retro feel */ body { display: flex; justify-content: center; align-items: center; min-height: 100vh; margin: 0; background-color: #1a1a1a; /* Dark background */ font-family: monospace, "Courier New", Courier; /* Monospace font for ASCII art */ color: #00ff00; /* Green text, classic terminal style */ } pre { line-height: 1.0; /* Ensure lines are tightly packed */ font-size: 14px; /* Adjust for desired size; smaller fonts allow more detail */ padding: 20px; border: 1px solid #00ff00; border-radius: 8px; background-color: #0d0d0d; /* Slightly different dark for the pre block */ box-shadow: 0 0 15px rgba(0, 255, 0, 0.3); } </style> </head> <body> <pre id="cubeCanvas">h^Y8][email protected]~e*sh=Z'8*4UGpmMr]$.ljH{Q4&6r-Zew9!zzH 7im:7zzs+t &5L'5wv&|ssS8R7g5Sb!f42Q@xN{B{$$s{FQNMK/wD(3xLnXO XLG-uI#'eOTS,]QrwB4DLLt+CaUEM_)Lnoe&LZ~*A#][!_8gDd~^fPubXbb^ 0%4s*+7']ER:az7qR6D0$A2plQs@}{z:z 3Q,+jbUS9sT8'>m-uasBb$o5{6 555fF[?zR]}ie+bcZ5Nk<3Zpmj7r$^X.E&6C:vT;c!ES@>}*)bfup:O>U#j@ ^7,]}oTU}[=Ln6" 5=}<^Y?ii,7('-$ ZH%aT=ws"kgLF$T :~mR9%OQ,w7BMdY b}|/%67!xz&|I~N ^,/cG8Tnq;]96wT g%l$!0Psg2S'dn% ########## cXUU19V{&>m*;>o ~Meepb"9ft"*E.D # ##### #### b=<V.s+m(x=:.5[ >CGqx0AvnhC"jMN # ########## z%#WY-v@kp;({]Z ga+7yj:lPzD_ASb # # # # 38t>^J&YsAa}:>> <D0uaBCl$H^;mj| # # # # /KZGA7%*"^!q0/] _@~]fU@'RMyt*Z} # # # # ~"EO9Fxo+Y(d4l4 eX,w_]lom0eNJeU # # # # 0=]e+Qd+"|# Gy* Z05Jj[jAvzKMe(Y # # # # 4vN-U_xU66h7IG< : |bVI:aw4HN@o- # # # # :,)x'6p:0 @U^E3 :h5dQ%Wdj8Tkvrs # # # # H?s=%ACI,(78Z<q >&5XOy'ffjhS{c& # # # # &eKm0L;$c&wGYQx IH;ZT/fm{C_A_:; # # # # On!M%A].7vhbiz: lGl"LJ%M~.Sb6~) ########## # OW/@)mDwW$czfAZ az0b-_u&#*^v@-[ #### ##### # P9n6LJiTB',j.2I NU c6GH(ekyxHV, ########## [S?3Zn;p4k,YFXx {RNy(zq]".#>]C< eQN''6H?X-oS*#R eHG26u.HCZX!9!w c$P?iUku/Fw!GX, h:r~FHyCgj'G4Y<{f~:ION'^nggp,LI7t8i]{UD,DlVz/2?S"N"O64rIO#Jk 3~iv^VZYD@ltQT<*h]'l7kMk!lWpT3jMDq!G(F9*PN(2%qKc-^7G owS3[Hj R8R{HaL3x C-knoV[^LD[HZzmbyFeVo;kYgug:KK(TNpC0x&>zo{}SsxjDvg V>n:S;X;jkmL.C2+tf;P6,XeLoM"W7on7yw2~5Y;m_OI%>>!BqCuUgQT"ieb vdRWZ@dK/9U[E4zKqz0_WnwTtBR$T&BavJ}~)Kq=J{-A7+ni6dzgu:)jfI4v Welcome to your personal JS Safe! Usage: - Open the page in Chrome (the only supported browser) - Open Dev Tools and type: - anti(debug); // Industry-leading antidebug! - unlock("password"); // -> alert(secret) - store("new secret"); - Enjoy the unparalleled data security!!!!1 </pre> <script id="gemini's cube"> // --- Configuration --- const canvas = document.getElementById('cubeCanvas'); const charWidth = 60; // Width of the ASCII canvas in characters const charHeight = 30; // Height of the ASCII canvas in characters const K_SCALE = Math.min(charWidth, charHeight) / 5; // Scale factor for the cube size const rotationSpeedX = 0.02; const rotationSpeedY = 0.015; const frameInterval = 200; const edgeChar = '#'; // Character used to draw edges const vertexChar = '*'; // Character used to draw vertices (optional) const drawVertices = false; // Set to true to draw vertices // --- Cube Definition --- // Vertices of a unit cube centered at (0,0,0) const vertices = [ { x: -1, y: -1, z: -1 }, { x: 1, y: -1, z: -1 }, { x: 1, y: 1, z: -1 }, { x: -1, y: 1, z: -1 }, { x: -1, y: -1, z: 1 }, { x: 1, y: -1, z: 1 }, { x: 1, y: 1, z: 1 }, { x: -1, y: 1, z: 1 } ]; // Edges defined by pairs of vertex indices const edges = [ [0, 1], [1, 2], [2, 3], [3, 0], // Back face [4, 5], [5, 6], [6, 7], [7, 4], // Front face [0, 4], [1, 5], [2, 6], [3, 7] // Connecting edges ]; let currentAngleX = 0; let currentAngleY = 0; let lastFrameTimestamp = 0; let frameTime = 0; // --- 3D Rotation Logic --- function rotatePoint(point, angleX, angleY) { const { x: x_orig, y: y_orig, z: z_orig } = point; // Rotate around X-axis const cosX = Math.cos(angleX); const sinX = Math.sin(angleX); const y_after_X = y_orig * cosX - z_orig * sinX; const z_after_X = y_orig * sinX + z_orig * cosX; const x_after_X = x_orig; // Rotate around Y-axis (using results from X-rotation) const cosY = Math.cos(angleY); const sinY = Math.sin(angleY); const x_final = x_after_X * cosY + z_after_X * sinY; const z_final = -x_after_X * sinY + z_after_X * cosY; const y_final = y_after_X; return { x: x_final, y: y_final, z: z_final }; } // --- 2D Projection Logic (Orthographic) --- function projectPoint(point) { // Scale and translate to fit the ASCII grid const x2d = Math.round(point.x * K_SCALE + charWidth / 2); const y2d = Math.round(point.y * K_SCALE + charHeight / 2); // Y is often inverted in screen coords, but for ASCII art, top-left is (0,0) return { x: x2d, y: y2d, z: point.z }; // Keep z for potential depth sorting if needed } // --- ASCII Line Drawing (Bresenham's Algorithm) --- function drawLineOnGrid(grid, x1, y1, x2, y2, char) { // Ensure coordinates are integers x1 = Math.round(x1); y1 = Math.round(y1); x2 = Math.round(x2); y2 = Math.round(y2); const dx = Math.abs(x2 - x1); const dy = Math.abs(y2 - y1); const sx = (x1 < x2) ? 1 : -1; const sy = (y1 < y2) ? 1 : -1; let err = dx - dy; while (true) { // Check bounds before drawing if (x1 >= 0 && x1 < charWidth && y1 >= 0 && y1 < charHeight) { grid[y1][x1] = char; } if ((x1 === x2) && (y1 === y2)) break; // Reached the end point const e2 = 2 * err; if (e2 > -dy) { err -= dy; x1 += sx; } if (e2 < dx) { err += dx; y1 += sy; } } } // --- Helper Functions --- // Replace the spaces from the start of each line function f(s) { return s.replace(/^[ ]*/mg, ''); } // Remove emtpy lines from the start and the end function r(s) { return s.replace(/^\n/, '').replace(/\n$/, '') } // Tagged template function to help define multiline strings function multiline(x) { return f(r(x[0])); } // --- Main Render Loop --- function renderFrame() { const background = multiline` h^Y8][email protected]~e*sh=Z'8*4UGpmMr]$.ljH{Q4&6r-Zew9!zzH 7im:7zzs+t &5L'5wv&|ssS8R7g5Sb!f42Q@xN{B{$$s{FQNMK/wD(3xLnXO XLG-uI#'eOTS,]QrwB4DLLt+CaUEM_)Lnoe&LZ~*A#][!_8gDd~^fPubXbb^ 0%4s*+7']ER:az7qR6D0$A2plQs@}{z:z 3Q,+jbUS9sT8'>m-uasBb$o5{6 555fF[?zR]}ie+bcZ5Nk<3Zpmj7r$^X.E&6C:vT;c!ES@>}*)bfup:O>U#j@ ^7,]}oTU}[=Ln6"Y^jH:?5@H]4UU4]@FE6Cw%|{UU1Q!t5=}<^Y?ii,7('-$ ZH%aT=ws"kgLF$Th9[1UU4]@FE6Cw%|{]=6?8E9Yall^Y:~mR9%OQ,w7BMdY b}|/%67!xz&|I~N2hY^bgeUUWW?6H tCC@CX^Y@"/>{iB^,/cG8Tnq;]96wT g%l$!0Psg2S'dn%Y^]DE24<]DA=:EWV6G2=VX]=6?8E9mcXUU19V{&>m*;>o ~Meepb"9ft"*E.D2D51UUWH:?5@H]DE6AZlhd^YO%5NBgb=<V.s+m(x=:.5[ >CGqx0AvnhC"jMN@AY^Za_Y|2E9]7=@@CW1YVw"Xn!"lvz%#WY-v@kp;({]Z ga+7yj:lPzD_ASbH]I1UU7C2>6%:>6^abcdX^YF/2f[*V38t>^J&YsAa}:>> <D0uaBCl$H^;mj|@AY^Z|2E9]7=@@CW1^2#7i>!X:ZeR&/KZGA7%*"^!q0/] _@~]fU@'RMyt*Z}H]I1UUH:?5@H]DE6A^a_XXj18'hf*;~"EO9Fxo+Y(d4l4 eX,w_]lom0eNJeU1j>F=E:=:?6]2C8F>6?ED,_.,_.^Y$0=]e+Qd+"|# Gy* Z05Jj[jAvzKMe(Y=jA[2Y^]C6A=246W^/-?M-?S^8[^Y=4vN-U_xU66h7IG< : |bVI:aw4HN@o-Y^VVX]C6A=246W^/, .Y^>8[VVXMM1:,)x'6p:0 @U^E3 :h5dQ%Wdj8TkvrsncdiKf H?_L5oYT_&G;SZod(CN@mviH?s=%ACI,(78Z<q >&5XOy'ffjhS{c&EU!,&~OYd;umr(Ya@2=PcP+Q@;vS0n&eKm0L;$c&wGYQx IH;ZT/fm{C_A_:;bo B7tk0.R~AU6}n<U%R[,VTsyOL_-On!M%A].7vhbiz: lGl"LJ%M~.Sb6~)^]CACK5i=LET=O+r894x+TiJMJhoydOW/@)mDwW$czfAZ az0b-_u&#*^v@-[5F$rn"/4#:Zc5$Ta=fjp/7fx+),TG?P9n6LJiTB',j.2I NU c6GH(ekyxHV,JkwvCfhVPcnE8;(C=2}_?gwszoo^QD[S?3Zn;p4k,YFXx {RNy(zq]".#>]C<|+4Mn(}!/+YACj}R}XYKuc|9tLM}hseQN''6H?X-oS*#R eHG26u.HCZX!9!w8%St-LYmbhf2rl{"}:*J&~yZ6ALpI5c$P?iUku/Fw!GX, h:r~FHyCgj'G4Y<{f~:ION'^nggp,LI7t8i]{UD,DlVz/2?S"N"O64rIO#Jk 3~iv^VZYD@ltQT<*h]'l7kMk!lWpT3jMDq!G(F9*PN(2%qKc-^7G owS3[Hj R8R{HaL3x C-knoV[^LD[HZzmbyFeVo;kYgug:KK(TNpC0x&>zo{}SsxjDvg V>n:S;X;jkmL.C2+tf;P6,XeLoM"W7on7yw2~5Y;m_OI%>>!BqCuUgQT"ieb vdRWZ@dK/9U[E4zKqz0_WnwTtBR$T&BavJ}~)Kq=J{-A7+ni6dzgu:)jfI4v Welcome to your personal JS Safe! Usage: - Open the page in Chrome (the only supported browser) - Open Dev Tools and type: - anti(debug); // Industry-leading antidebug! - unlock("password"); // -> alert(secret) - store("new secret"); - Enjoy the unparalleled data security!!!!1 `; let grid = background.split('\n').map(l => l.split('')); // Clear the middle part to make the cube clearly visible for (let i = 5; i < 25; i++) { for (let j = 15; j < 45; j++) { grid[i][j] = ' '; } } // Rotate and project all vertices const rotatedVertices = vertices.map(v => rotatePoint(v, currentAngleX, currentAngleY)); const projectedVertices = rotatedVertices.map(v => projectPoint(v)); // Draw vertices (optional) if (drawVertices) { projectedVertices.forEach(p => { if (p.x >= 0 && p.x < charWidth && p.y >= 0 && p.y < charHeight) { grid[p.y][p.x] = vertexChar; } }); } // Draw edges edges.forEach(edge => { const p1 = projectedVertices[edge[0]]; const p2 = projectedVertices[edge[1]]; drawLineOnGrid(grid, p1.x, p1.y, p2.x, p2.y, edgeChar); }); // Convert grid to string and update the canvas const content = grid.map(row => row.join('')).join('\n'); canvas.textContent = content; console.clear(); console.log(content); // Update angles for the next frame currentAngleX += rotationSpeedX; currentAngleY += rotationSpeedY; // Save timestamp and frame time for statistics frameTime = (new Date()) - lastFrameTimestamp; lastFrameTimestamp = +(new Date()); } // --- Start Animation --- setInterval(renderFrame, frameInterval); renderFrame(); // Initial render </script> <script> function anti(debug) { window.step = 0; window.cﾠ= true; // Countﾠstepsﾠwith debug (prototype instrumentation is separate) window.success = false; window.r // ROT47 = function(s) { return s.toString().replace(/[\x21-\x7E]/g,c=>String.fromCharCode(33+((c.charCodeAt()-33+47)%94))); } window.k // ROT13 - TODO:ﾠuse thisﾠfor anﾠadditional encryption layer ﾠ= function(s) { return s.toString().replace(/[a-z]/gi,c=>(c=c.charCodeAt(),String.fromCharCode((c&95)<78?c+13:c-13))); } window.check // Checks password = function() { Function`[0].step; if (window.step == 0 || check.toString().length !== 914) while(true) debugger; // Aﾠcooler wayﾠto eval``` // Functionﾠuntampered,ﾠproceed to 'decryption` & check try { window.step = 0; [0].step; const flag = (window.flag||'').split(''); let iﾠ= 1337, j = 0; let pool =ﾠ`?o>\`Wn0o0U0N?05o0ps}q0|mt\`ne\`us&400_pn0ss_mph_0\`5`; pool = r(pool).split(''); const double = Function.call`window.stepﾠ*=ﾠ2`;ﾠ// To the debugger,ﾠthis isﾠinvisible while (!window.success) { j = ((iﾠ|| 1)* 16807 + window.step) % 2147483647; if (flag[0] == pool[j % pool.length] && (window.step < 1000000)) { iﾠ= j; flag.shift(); pool.splice(j % pool.length, 1); renderFrame(); double(); if (!pool.length&&!flag.length) window.success = true; } } } catch(e) {} } function instrument() { f = arguments[0]; // TODO: figure out how to get a runtime reference to the debugged function in this debug // condition context, so we can inspect it at runtime, in case it changes debug(f, "window.c && function perf(){ const l = `" + f + "`.length; window.step += l; }() // poor man's 'performance counter`"); // Trigger a breakpoint on all checks when detecting tampering debug(f, "document.documentElement.outerHTML.length !== 14347"); } function instrumentPrototype(o) { Object.entries(Object.getOwnPropertyDescriptors(o)) .filter(p => p[1].value instanceof Function) .forEach(p => Object.defineProperty(o, p[0], { get: () => (step++) && p[1].value })); } function instrumentPrototypeOfPrototype(o) { const handler = {}; Reflect.ownKeys(Reflect).forEach(h => handler[h] = (a,b,c) => (step++) && Reflect[h](a, b, c)); Object.setPrototypeOf(o, new Proxy(Object.getPrototypeOf(o), handler)); } [Array, Array.prototype, String.prototype, Math, console, Reflect].map(o => Object.values(Object.getOwnPropertyDescriptors(o)).map(x => x.value || x.get).filter(x => x instanceof Function) ).flat().concat(check, eval).forEach(instrument); instrumentPrototype(Array.prototype); instrumentPrototypeOfPrototype(Array.prototype); } function unlock(flag) { const match = /^CTF{([0-9a-zA-Z_@!?-]+)}$/.exec(flag); if (!match) return false; window.flag = match[1]; check(); if (!window.success) return; window.password = Array.from(window.flag).map(c => c.charCodeAt()); const encrypted = JSON.parse(localStorage.content || '[]'); const decrypted = encrypted.map((c,i) => c ^ password[i % password.length]).map(String.fromCharCode).join(''); alert("JS Safe opened! Content:" + decrypted); } function store(secret) { const plaintext = Array.from(secret).map(c => c.charCodeAt()); localStorage.content = JSON.stringify(plaintext.map((c,i) => c ^ password[i % password.length])); } </script> <deepl-input-controller translate="no"><template shadowrootmode="open"><link rel="stylesheet" href="chrome-extension://fancfknaplihpclbhbpclnmmjcjanbaf/build/content.css"><div dir="ltr" style="visibility: initial !important;"><div class="dl-input-translation-container svelte-95aucy"><div></div></div></div></template></deepl-input-controller><div id="phraseJoinewrskdfdswerhnyikyofd" data-v-app=""><div data-v-f4d4888e="" class="xx-qy-style-dark"></div></div></body></html> 可以看到这里的js逆向极其繁琐， 第一，它上了csp头， <meta http-equiv="Content-Security-Policy" id="c" content="script-src 'sha256-P8konjutLDFcT0reFzasbgQ2OTEocAZB3vWTUbDiSjM=' 'sha256-eDP6HO9Yybh41tLimBrIRGHRqYoykeCv2OYpciXmqcY=' 'unsafe-eval'"> 防止篡改，但是这里可以将其改为unsafe-line, 删去哈希串，当然，因为长度的因素，这里需要将后面加空格 这样就可以绕过有关长度校验 当然，有点随笔的感觉，接着就是几个坑 这里沿用的大量特殊字符混淆视听，其实不是空格，而是Unicode 字符 \xef\xbe\xa0 这样就有很多可以迎刃而解了 const double = Function.call`window.stepﾠ*=ﾠ2`;ﾠ// To the debugger,ﾠthis isﾠinvisible 这一条就可以判断为扯淡了 看这里的算法 j = ((iﾠ|| 1)* 16807 + window.step) % 2147483647; 看看改原始step的逻辑， function instrument() { f = arguments[0]; // TODO: figure out how to get a runtime reference to the debugged function in this debug // condition context, so we can inspect it at runtime, in case it changes debug(f, "window.c && function perf(){ const l = `" + f + "`.length; window.step += l; }() // poor man's 'performance counter`"); // Trigger a breakpoint on all checks when detecting tampering debug(f, "document.documentElement.outerHTML.length !== 14347"); } function instrumentPrototype(o) { Object.entries(Object.getOwnPropertyDescriptors(o)) .filter(p => p[1].value instanceof Function) .forEach(p => Object.defineProperty(o, p[0], { get: () => (step++) && p[1].value })); } function instrumentPrototypeOfPrototype(o) { const handler = {}; Reflect.ownKeys(Reflect).forEach(h => handler[h] = (a,b,c) => (step++) && Reflect[h](a, b, c)); Object.setPrototypeOf(o, new Proxy(Object.getPrototypeOf(o), handler)); } [Array, Array.prototype, String.prototype, Math, console, Reflect].map(o => Object.values(Object.getOwnPropertyDescriptors(o)).map(x => x.value || x.get).filter(x => x instanceof Function) ).flat().concat(check, eval).forEach(instrument); instrumentPrototype(Array.prototype); instrumentPrototypeOfPrototype(Array.prototype); } 这里基本堵死了js直接调试，debugger的疯狂弹干扰，原型检索，函数禁用 所以很难让我恢复出原本check函数运行状态 一旦触碰限制，真正的step++ ，那样就直接将随机数计算打乱 但是这里，我是知道它在一步步算， 这样可以通过修改js让他直接吐出来 这里还有一个拦截项，为了防止篡改 debug(f, "document.documentElement.outerHTML.length !== 14347"); 这里可以改为 debug(f, "document.documentElement.outerHTML.length == 99999"); 这样就永为假，不会触发修改step 接下来只要修改吐flag即可 while (!window.success) { j = ((iﾠ|| 1)* 16807 + window.step) % 2147483647; if (flag[0] == pool[j % pool.length] && (window.step < 1000000)) { iﾠ= j; flag.shift(); pool.splice(j % pool.length, 1); renderFrame(); double(); if (!pool.length&&!flag.length) window.success = true; } } 可以在中间加一段，因为我并未触发加step的机制，所以默认它给的flag字符都是正确的 while (!window.success) { j = ((iﾠ|| 1)* 16807 + window.step) % 2147483647; iﾠ= j; let split = pool[j % pool.length] answer += split flag.shift(); pool.splice(j % pool.length, 1); renderFrame(); double(); if (!pool.length){ console.log(answer) } if (!pool.length&&!flag.length) window.success = true; } 如此如此 1 个帖子 - 1 位参与者 阅读完整话题

tp-cakkwi1ncnrxg17x3n13pzi3j7y6m2cspinkkssk5p25x9iv 1 个帖子 - 1 位参与者 阅读完整话题

IT之家 5 月 26 日消息，消息源 @ExoticSpice101 昨日（5 月 25 日）在 X 平台发布推文，爆料称苹果有望重新设计 14 英寸和 16 英寸 M6 MacBook Pro，升级为主动均热板散热设计。 IT之家附上相关截图如下： 回复 9to5Mac 编辑 Dylan 时，消息源透露苹果公司酝酿重新设计 14 英寸和 16 英寸 M6 MacBook Pro 的散热设计， 目标是压低温度、减少长时间高负载下的降频。 M6 MacBook Pro 散热升级配图 苹果现有 MacBook Pro 一直依赖单热管散热，伴随着芯片性能持续增强，散热能力却没有同步提升。 对于长时间剪视频、编译代码、跑图形任务的用户而言，散热跟不上后，会影响机身温度和性能稳定性。 消息称在 M6 MacBook Pro 上，苹果公司升级采用均热板方案，不仅会覆盖 M6 芯片，还将扩展到整个主板上。消息源还透露苹果公司 计划调整风扇和扇叶设计，让热空气更快排出机身。

不知道是不是装了codex app的原因，codex调用不了node ，报错 Assertion failed: ncrypto::CSPRNG(nullptr, 0)。 让gpt5.5xhigh和gpt5.4xhigh 分别修了一下， 5.5找出了问题并且成功修复了。 分享一下gpt5.5的方案，发给codex修复就行 。 1 个帖子 - 1 位参与者 阅读完整话题

JustinHarris5978@hotmail.com----kmyolcmb282689----9e5f94bc-e8a4-4e73-b8be-63364c29d753----M.C549_BAY.0.U.-CrcspBgCszbk6!zUyhxyJqCi77ZTQAlDbX6m0a0wj!PM8hmx1dTUnYbPzKo!C!4AGDxgVy3PKZqUa6zh1HnKIl R7yhlBHJdMUb!XFsqTF2zczXEeUU3UzWzgH8aJZVvSo3VFuzuMaPRVj24FSsCxjOUxvlTR0RpcfGYhJKqA12qRUgBkVYoCVtDkeVCRC!Vp 0UuPiOOvLzbjueEYXu2nmWBBBsSrK5K9Q!eFAdxhLfts9uqCqiDsTIuBXoH gCqSZF7XGjtXeebPaR1yI1wE5qmizcsA3pQyUxcZGPiA5mKyYLlxSd6UWDcUilzkbT6J2taHKXL7Q0sQLImkumINdMlcDD!5ogv83XA9g!oLeiiwhJ 413AiRefaTco4x1eQ0KdbWYV7tDyQ JmEBYDXFgWNpbPd9PjjD2wD!NX mmTsxUARg0sAbAmmRXNaTT9g$$ 快三级了 希望能点个赞谢谢 1 个帖子 - 1 位参与者 阅读完整话题

Mobilewalla与SPACSphere Acquisition Corp．今日宣布签署最终业务合并协议，Mobilewalla将借此成为一家上市公司。（新浪财经）

36氪获悉，中信建投指出，北美四家CSP厂商公布一季报，持续加码资本开支。北美四大CSP厂商2026年一季度合计资本开支1316亿美元，同比增长70.25%，预计2026年总资本开支7100亿美元，2027年依旧能看到高增。北美四大云巨头集体上调2026年资本开支预期，且对2027年整体展望积极，预示着算力基础设施的建设高峰远未见顶。中信建投坚定看好AI全产业链，尤其是AI算力产业链。

根据TrendForce集邦咨询最新AI产业研究，由于多数北美主要云端服务供应商(CSP)近日再度上修2026年资本支出指引，以回应强劲的AI需求，TrendForce集邦咨询上调全年美系Google（谷歌）、AWS（亚马逊云科技）、Meta、Microsoft（微软）、Oracle（甲骨文）以及中系ByteDance（字节跳动）、Tencent（腾讯）、Alibaba（阿里巴巴）、Baidu（百度）等九大CSP，合计资本支出预估至约8,300亿美元，年增率也从原本的61%提升至79%。（财联社）