Overview Recently, NSFOCUS CERT detected that Cursor issued a security bulletin and fixed the Cursor remote code execution vulnerability (CVE-2025-54135); Because Cursor allows files to be written to the workspace without user approval, when an external Model Control Protocol (MCP) server is configured through the Cursor user interface, an attacker...
Author: NSFOCUS
NSFOCUS WAF New Version: Intelligent Asset Self-Identification, Synchronizing Security Protection with Business Growth
Customer Pain Points “Gap†in security protection after new business launch A financial company launched a new business system; the O&M team had to manually add the server IP to the WAF whitelist. Due to the cumbersome approval process, the configuration was not completed until 3 days later. During this...
DOS ou DDoS: o que são e quais as principais diferenças?
Os ataques de Negação de Serviço (DoS) e Negação de Serviço Distribuído (DDoS) são um dos principais desafios enfrentados pelas empresas e instituições no mundo digital. Neste artigo, vamos explorar o que são esses ataques, suas diferenças e motivações por trás deles. Além disso, você vai saber sobre a importância...
Entenda o que é um botnet e como funciona essa ameaça
As ameaças cibernéticas evoluem constantemente, colocando em risco dados pessoais, corporativos e até mesmo a infraestrutura crítica de uma nação. Entre as diversas formas de ataque, uma das mais perigosas e difíceis de identificar é o botnet. Essa ameaça pode ser devastadora, e entender como ela funciona é essencial para...
NSFOCUS AI-Scan Typical Capabilities: Large Language Model Adversarial Defense Capability Assessment
Large language model (LLM) adversarial attacks refer to techniques that deceive LLMs through carefully-designed input samples (adversarial samples) to produce incorrect predictions or behaviors. In this regard, AI-Scan provides LLM adversarial defense capability assessment, allowing users to select an adversarial attack assessment template for one-click task assignment and generate an...
NSFOCUS APT Monthly Briefing – May 2025
Regional APT Threat Situation In May 2025, the global threat hunting system of Fuying Lab discovered a total of 44 APT attack activities. These activities are mainly distributed in South Asia, Eastern Europe, East Asia, West Asia, Southeast Asia and as shown in the following figure. In terms of group...
