In early July 2026, security firm Sysdig publicly disclosed a new type of ransomware attack. After gaining initial access by exploiting a Langflow vulnerability (CVE-2025-3248), the JadePuffer ransomware leveraged a Large Language Model (LLM) agent to automatically execute the entire attack chain. From reconnaissance, credential theft, lateral movement, and privilege...
Blog
NSFOCUS Recognized among Notable Providers for Threat Intelligence Service by International Authority
SANTA CLARA, Calif., July 3, 2026 – Recently, Forrester, the international research and advisory firm released its threat intelligence research report The External Threat Intelligence Service Providers Landscape, Q1 2026 [1]. Leveraging its long-standing technical expertise and consistent innovation in threat intelligence, NSFOCUS has been recognized as one of the report’s...
AI Security Incident Case: Miasma Worm Attacked Microsoft GitHub
Overview On June 5, 2026, 73 of Microsoft's GitHub repositories were batch-disabled within 105 seconds, triggered when a developer opened a contaminated project folder using VS Code. The attack originated from the Miasma worm, a self-replicating supply chain attack tool operated by TeamPCP. It shifted the attack entry point forward...
AI Security Incident Case: Jetbrains Plugin Supply Chain Attack Stealing AI Key
Overview In June 2026, the security research team Aikido detected a batch of collaborative malicious plugins in the JetBrains plugin market, totaling 15 plugins with nearly 70,000 cumulative installations. All of them would silently leak the AI service provider's API key to the attacker's server at the moment when the...
AI Security Incident Case: From Claude Code Sandbox Bypass to the Boundary Failure in the Age of AI Agents
Overview In early June 2026, the security community disclosed a number of AI-related security incidents, triggering a re-examination of the industry's security boundaries for AI agent systems. The Anthropic Claude Code network sandbox bypass vulnerability, rumors of related service anomalies, and AI toolchain-based attacks appeared in the same time window,...
NSFOCUS RSAS-SC: Unified Vulnerability Management + Distributed Scanning for Modern Enterprises
The Problem with Enterprise Scanning Today Most large organizations accumulate scanning tools the same way they accumulate technical debt—one department at a time, one isolated problem at a time. The result is a fragmented stack of siloed scanners that each see only a fraction of the network, produce reports in...





