In 2025, fueled by AI and LLMs, DDoS attacks are shifting from volume-based tactics to intelligent, high-precision warfare. This evolution, marked by increased stealth and a bifurcated ecosystem of veteran and AI-driven actors, is deconstructed in NSFOCUS 2025 Global DDoS Landscape Report. Key Opinions 1. AI-driven DDoS platforms entered active...
Author: NSFOCUS
Linux Kernel Privilege Escalation Vulnerability (Dirty Frag) Alert
Overview Recently, NSFOCUS CERT has detected a Linux kernel privilege escalation vulnerability (Dirty Frag) disclosed online. Attackers use the logical defects of splice system calls in conjunction with xfrm-ESP or RxRPC protocol stacks to tamper with the page cache of any read-only file without race conditions to obtain system root...
WAF Defense in Crisis? NSFOCUS Locks Down “Ghost Bits” Attacks in Advance
Incident Review In April 2026, Black Hat Asia 2026 disclosed a systematic security threat named Ghost Bits, targeting underlying encoding flaws in the Java ecosystem that can render mainstream WAF/IDS defenses completely ineffective. The core of this risk lies in inconsistent encoding interpretations of the same input between the security...
How to Check the Versions of BSA and ISOP
Checking the ISOP version Method 1 Switch to the security management platform, click the exclamation mark in the upper-right corner, the version is V3.0R01. Method 2 In the upper-right corner, click the small gear icon [System—Component Management] to view the version of the Security Operations Management Platform. Checking the BSA...
Coming Soon: AI-Scan OpenClaw Ecosystem Security Scanning Capabilities
As the OpenClaw ecosystem continues to surge in popularity, more customers are deploying and utilizing these AI agents on a large scale. However, this growth has brought significant security challenges to the forefront, including over 33 documented CVE vulnerabilities, 288+ GHSA security advisories, the rise in malicious Skills, and frequent...
ISOP’s Integration with NSFOCUS Devices
ISOP device management can display information about the underlying NSFOCUS devices that are connected to the interface. The NSFOCUS devices that can be integrated include RSAS, BVS, WVSS, WSM, NIPS, WAF, NF, NIDS, NTA, SAS, and UTS. The displayed information includes device name, device IP address, device type, status, version,...
