Microsoft’s August Security Update High-Risk Vulnerability Notice for Multiple Products

August 14, 2025 | NSFOCUS

Overview On August 13, NSFOCUS CERT detected that Microsoft released the August Security Update patch, which fixed 111 security issues involving widely used products such as Windows, Microsoft Office, Microsoft SQL Server, Visual Studio, and Microsoft Exchange Server. These include high-risk vulnerability types such as privilege escalation and remote code execution. Among the vulnerabilities fixed […]

Uma imagem que ilustra um hacker.

NSFOCUS Monthly APT Insights – June 2025

August 8, 2025 | NSFOCUS

Regional APT Threat Situation In June 2025, the global threat hunting system of Fuying Lab detected a total of 33 APT attack activities. These activities were mainly distributed in regions such as South Asia, East Asia, West Asia, Eastern Europe, and South America, as shown in the figure below. In terms of organizational activity, the […]

Cursor Remote Code Execution Vulnerability (CVE-2025-54135)

August 7, 2025 | NSFOCUS

Overview Recently, NSFOCUS CERT detected that Cursor issued a security bulletin and fixed the Cursor remote code execution vulnerability (CVE-2025-54135); Because Cursor allows files to be written to the workspace without user approval, when an external Model Control Protocol (MCP) server is configured through the Cursor user interface, an attacker can use Agent to rewrite […]

Imagem que ilustra o que é WAF.

NSFOCUS WAF New Version: Intelligent Asset Self-Identification, Synchronizing Security Protection with Business Growth

July 28, 2025 | NSFOCUS

Customer Pain Points “Gap” in security protection after new business launch A financial company launched a new business system; the O&M team had to manually add the server IP to the WAF whitelist. Due to the cumbersome approval process, the configuration was not completed until 3 days later. During this period, hackers had invaded the […]

Uma imagem que ilustra um cadeado que significa proteção cibernética.

NSFOCUS AI-Scan Typical Capabilities: Large Language Model Adversarial Defense Capability Assessment

July 16, 2025 | NSFOCUS

Large language model (LLM) adversarial attacks refer to techniques that deceive LLMs through carefully-designed input samples (adversarial samples) to produce incorrect predictions or behaviors. In this regard, AI-Scan provides LLM adversarial defense capability assessment, allowing users to select an adversarial attack assessment template for one-click task assignment and generate an adversarial defense capability assessment report. […]

Imagem que ilustra funcionários usando inteligência artificial na empresa.

NSFOCUS AI-Scan for LLM Content Assessment

July 10, 2025 | NSFOCUS

NSFOCUS AI-Scan detects security risks in large language models through a professionally curated and calibrated advanced risk database. It includes LLM content assessment, adversarial safety assessment and supply chain risk detection functions. In this post we will bring brief for content security assessment features. Create a Task Step 1: AI-Scan supports over 140 commercial and […]

NSFOCUS Anti-DDoS Receives International Recognition: Redefining Anti-DDoS Protection in Asia-Pacific

July 7, 2025 | NSFOCUS

SANTA CLARA, Calif., July 6, 2025 – Recently, NSFOCUS Anti-DDoS (NSFOCUS ADS) was recognized by the internationally renowned consulting firm Frost & Sullivan and won the 2025 Asia-Pacific “Competitive Strategy Leadership Award for Excellence in Anti-DDoS Protection”[1]. Frost & Sullivan Best Practices Recognition awards companies each year in a variety of regional and global markets for […]

Hpingbot: A New Botnet Family Based on Pastebin Payload Delivery Chain and Hping3 DDoS Module

July 3, 2025 | NSFOCUS

Overview In June 2025, NSFOCUS Fuying Lab Global Threat Hunting System detected that a new botnet family developed based on Go language was spreading on a large scale, and continued to iterate versions and develop rapidly. We named it “hpingbot” and put it under intensive monitoring. hpingbot is a cross-platform botnet family that supports Windows […]

WebSphere Application Server Remote Code Execution Vulnerability (CVE-2025-36038)

July 1, 2025 | NSFOCUS

Overview Recently, NSFOCUS CERT detected that IBM issued a security bulletin to fix the WebSphere Application Server remote code execution vulnerability (CVE-2025-36038); Due to a flaw in WebSphere Application Server’ s validation of user-entered data, an unauthenticated attacker could execute arbitrary code on the target system by constructing malicious serialized data. CVSS score 9.0, please […]

Uma imagem que ilustra um hacker.

NSFOCUS APT Monthly Briefing – May 2025

June 27, 2025 | NSFOCUS

Regional APT Threat Situation In May 2025, the global threat hunting system of Fuying Lab discovered a total of 44 APT attack activities. These activities are mainly distributed in South Asia, Eastern Europe, East Asia, West Asia, Southeast Asia and as shown in the following figure. In terms of group activity, the most active APT […]

Search

Subscribe to the NSFOCUS Blog