Regional APT Threat Situation In March 2026, the global threat hunting system of Fuying Lab detected a total of 31 APT attack activities. These activities were primarily concentrated in regions including South Asia, Eastern Europe, and the Middle East, as shown in the figure below. Regarding the activity levels of...
Blog
Nginx Remote Code Execution Vulnerability (CVE-2026-42945) Notice
Overview Recently, NSFOCUS CERT detected that Nginx and F5 issued security bulletins to fix the Nginx remote code execution vulnerability (CVE-2026-42945); because the ngx_http_rewrite_module module contains question marks in processing (? ) has a defect in the calculation logic when replacing strings with rewrite. Under certain configuration conditions, an unauthenticated...
Linux Kernel Fragnesia Privilege Escalation Vulnerability (CVE-2026-46300) Notice
Overview Recently, NSFOCUS CERT detected that the Linux kernel Fragnesia privilege escalation vulnerability (CVE-2026-46300) was disclosed online. Fragnesia is a new variant of Dirty Frag; Due to the logical defects in the processing of shared page fragments by the ESP-in-TCP subsystem during the skb merge process, a local attacker with...
NSFOCUS Included in the Gartner® Magic Quadrant™ for Cyberthreat Intelligence Technologies
SANTA CLARA, Calif., May 13, 2026 – On May 4, 2026, Gartner® published the Gartner® Magic Quadrant™ for Cyberthreat Intelligence Technologies report (hereinafter referred to as "the Report"). NSFOCUS was included in the Visionaries quadrant. We believe, this recognition reflects the international acknowledgment of the company's deep technical expertise, comprehensive product...
Now Released: NSFOCUS 2025 Global DDoS Landscape Report
In 2025, fueled by AI and LLMs, DDoS attacks are shifting from volume-based tactics to intelligent, high-precision warfare. This evolution, marked by increased stealth and a bifurcated ecosystem of veteran and AI-driven actors, is deconstructed in NSFOCUS 2025 Global DDoS Landscape Report. Key Opinions 1. AI-driven DDoS platforms entered active...
Linux Kernel Privilege Escalation Vulnerability (Dirty Frag) Alert
Overview Recently, NSFOCUS CERT has detected a Linux kernel privilege escalation vulnerability (Dirty Frag) disclosed online. Attackers use the logical defects of splice system calls in conjunction with xfrm-ESP or RxRPC protocol stacks to tamper with the page cache of any read-only file without race conditions to obtain system root...
