Background According to the monitoring data from NSFOCUS Fuying Lab, since the outbreak of domestic conflict in Iran in January 2026 and the subsequent escalation of tensions over the nuclear issue between the U.S. and Iran, Iran has been continuously subjected to DDoS attacks. The attack methods have shown diverse...
Author: NSFOCUS
Insights into Claude Code Security: A New Pattern of Intelligent Attack and Defense
On February 20, 2026, AI company Anthropic released a new code security tool called Claude Code Security. This release coincided with the highly sensitive period of global capital markets to AI technology subverting the traditional software industry, which quickly triggered violent fluctuations in the capital market and caused the fall...
Blue Teaming Construction Insights from 2025 Threat Landscape Observations
In 2025, AI has evolved from being a tool that merely enhances the efficiency of attacks to becoming an integral component embedded within the execution phase of cyber operations. In the future, AI may even emerge as a pivotal enabler for attack activities. During the initial attack phase, AI technology has...
Protecting AI Security: 2025 Hot Security Incident
GitHub MCP Cross-Repository Data Leak Vulnerability In May 2025, Invariant disclosed a critical vulnerability in GitHub's Machine Collaboration Protocol (MCP), where attackers embedded malicious commands within public repository Issues to hijack developers' locally running AI Agents. When an AI Agent was triggered to read and "assist" in processing the Issue,...
AI-Empowered Cybersecurity: Key Events and Emerging Trends in 2025
In September 2025, Anthropic disclosed a groundbreaking incident—the world’s first autonomous AI-driven cyberattack. This event, documented as the first large-scale cyber offensive primarily executed by AI with minimal human intervention, underscored the immense threat posed by AI agents in malicious applications. The attackers posed as representatives of a legitimate cybersecurity firm...
Top Security Incidents of 2025: Chrome Browser 0-Day Vulnerability Exploitation
Background In March 2025, cybersecurity researchers disclosed a highly sophisticated targeted attack campaign named "Operation ForumTroll." Orchestrated by an unidentified state-sponsored APT group, the operation leveraged a Google Chrome 0-day vulnerability (CVE-2025-2783) as its core weapon. This vulnerability enabled sandbox escape, allowing arbitrary code execution on victims' Windows systems and granting...
