NSFOCUS Enters the Global Top Tier of DDoS Security: NSFOCUS DDoS Solutions Positioned in the MarketsandMarkets™ Star Quadrant
January 21, 2026
SANTA CLARA, Calif., Jan 21, 2026 – Recently, MarketsandMarkets™, a globally recognized market research and consulting firm, released its Global DDoS Protection and Mitigation Security Market Global Forecast to 2030 report, providing a comprehensive assessment of industry trends, technology evolution, and leading vendors worldwide. Based on its mature technology stack, comprehensive solution portfolio, and strong market […]
Microsoft’s January Security Update of High-Risk Vulnerability Notice for Multiple Products
January 16, 2026
Overview On January 14, NSFOCUS CERT detected that Microsoft released the January Security Update patch, which fixed 112 security issues involving widely used products such as Windows, Microsoft Office, Microsoft SQL Server, Azure, etc., including high-risk vulnerability types such as privilege escalation and remote code execution. Among the vulnerabilities fixed by Microsoft’s monthly update this […]
Apache Struts External Entity (XXE) Injection Vulnerability S2-069 (CVE-2025-68493)
January 13, 2026
Overview Recently, NSFOCUS CERT detected that Apache issued a security bulletin to fix the Apache Struts external entity (XXE) injection vulnerability S2-069 (CVE-2025-68493); Because the XWork component of Apache Struts does not perform effective validation when parsing XML configuration, attackers can inject external entities by constructing malicious XML data to read sensitive server files, perform […]
NSFOCUS SSCS Recognized by Frost&Sullivan in Insights for CISOs: Challenges and Opportunities in the Software Supply Chain Security Space
January 7, 2026
Recently, the world-renowned market research firm Frost & Sullivan officially released a strategic report: Insights for CISOs: Challenges and Opportunities in the Software Supply Chain Security Space. In this report tailored for the global CISO community, NSFOCUS was featured among vendors offering Software Supply Chain Security (SSCS). The report provided an overview of NSFOCUS’s specialized […]
NSFOCUS Monthly APT Insights – November 2025
December 31, 2025
Regional APT Threat Situation In November 2025, the global threat hunting system of Fuying Lab detected a total of 28 APT attack activities. These activities were primarily concentrated in regions including South Asia and East Asia, with a smaller portion also found in Eastern Europe and Middle East. Some organizations remain unattributed to known APT […]
Unlocking New Possibilities for Security Operations: NSFOCUS’s AI Agent Capabilities Recognized by Authoritative Institution
December 19, 2025
Recently, Forrester, a globally renowned independent research and advisory firm, released the report “Navigate The AI Agent Ecosystem In China, Forrester Research, October 2025[1].” NSFOCUS was successfully included in this report. In the report, Forrester identified four key technological trends: With the rapid advancement of Artificial Intelligence, AI Agent technology is deepening its application within […]
Securing the AI Revolution: NSFOCUS LLM Security Protection Solution
December 17, 2025
As Artificial Intelligence technology rapidly advances, Large Language Models (LLMs) are being widely adopted across countless domains. However, with this growth comes a critical challenge: LLM security issues are becoming increasingly prominent, posing a major constraint on further development. Governments and regulatory bodies are responding with policies and regulations to ensure the safety and compliance […]
Hong Kong’s New Critical Infrastructure Ordinance will be effective by 1 January 2026 – What CIOs Need to Know
December 12, 2025
As the clock ticks down to the full enforcement of Hong Kong’s Protection of Critical Infrastructures (Computer Systems) Ordinance on January 1, 2026, designated operators of Critical Infrastructures (CI) and Critical Computer Systems (CCS) must act decisively. This landmark law mandates robust cybersecurity measures for Critical Computer Systems (CCS) to prevent disruptions, with non-compliance risking […]
Microsoft’s December Security Update of High-Risk Vulnerability Notice for Multiple Products
December 11, 2025
Overview On December 10, NSFOCUS CERT detected that Microsoft released the December Security Update patch, which fixed 57 security issues involving widely used products such as Windows, Microsoft Office, Microsoft Exchange Server, Azure, etc., including high-risk vulnerability types such as privilege escalation and remote code execution. Among the vulnerabilities fixed by Microsoft’s monthly update this […]
React/Next.js Remote Code Execution Vulnerability (CVE-2025-55182/CVE-2025-66478) Notice and Handling Manual
December 4, 2025
Overview Recently, NSFOCUS CERT has detected that React and Next.js have issued security bulletins to fix the remote code execution vulnerability of React/Next.js (CVE-2025-55182/CVE-2025-66478); Because React Server Components are insecurely deserialized when processing HTTP requests, an unauthenticated attacker can call the Node.js built-in module by constructing a specially crafted form to execute arbitrary code on […]
