Strategic partnership to expand access to NSFOCUS's enterprise cybersecurity solutions through SiS Technologies' established local channel ecosystem SANTA CLARA, Calif., July 15, 2026 – NSFOCUS, a pioneering leader in cybersecurity, today announced the appointment of SiS Technologies Pte Ltd as one of its official distributors in Singapore. Under this agreement, SiS...
Category: Blog
AI Security Incident Case: Ghostcommit Attack Leveraged Images to Steal Secrets
Overview On July 11, 2026, two researchers from the ASSET Research Group at the University of Missouri-Kansas City, Sudipta Chattopadhyay and Murali Ediga, disclosed a novel attack technique named Ghostcommit. This attack is capable of exfiltrating the entire contents of a target's .env file. The ingenuity of this attack lies...
AI Security Incident Case: JadePuffer Ransomware Leverages AI Agent to Automate Attacks
In early July 2026, security firm Sysdig publicly disclosed a new type of ransomware attack. After gaining initial access by exploiting a Langflow vulnerability (CVE-2025-3248), the JadePuffer ransomware leveraged a Large Language Model (LLM) agent to automatically execute the entire attack chain. From reconnaissance, credential theft, lateral movement, and privilege...
NSFOCUS Recognized among Notable Providers for Threat Intelligence Service by International Authority
SANTA CLARA, Calif., July 3, 2026 – Recently, Forrester, the international research and advisory firm released its threat intelligence research report The External Threat Intelligence Service Providers Landscape, Q1 2026 [1]. Leveraging its long-standing technical expertise and consistent innovation in threat intelligence, NSFOCUS has been recognized as one of the report’s...
AI Security Incident Case: Miasma Worm Attacked Microsoft GitHub
Overview On June 5, 2026, 73 of Microsoft's GitHub repositories were batch-disabled within 105 seconds, triggered when a developer opened a contaminated project folder using VS Code. The attack originated from the Miasma worm, a self-replicating supply chain attack tool operated by TeamPCP. It shifted the attack entry point forward...
AI Security Incident Case: Jetbrains Plugin Supply Chain Attack Stealing AI Key
Overview In June 2026, the security research team Aikido detected a batch of collaborative malicious plugins in the JetBrains plugin market, totaling 15 plugins with nearly 70,000 cumulative installations. All of them would silently leak the AI service provider's API key to the attacker's server at the moment when the...




