Overview Recently, NSFOCUS CERT detected that Fortinet issued a security bulletin to fix the FortiWeb authentication bypass and command injection vulnerability (CVE-2025-64446/CVE-2025-58034); Combined exploitation can realize unauthorized remote code execution. At present, the vulnerability details and PoC have been made public, and wild exploitation has been found. Relevant users are...
Blog
Record-Breaking Cloud Incident Brings Outage Through the Internet
November 18, 2025 – Cloudflare Global Outage (not a DDoS) Time: Started ~11:20 UTC, major issues until ~14:30 UTC, full recovery by ~17:06 UTC. Scope: Affected a huge portion of the internet — thousands of sites and services behind Cloudflare (X/Twitter, OpenAI/ChatGPT, Spotify, Claude.ai, Discord, Crunchyroll, etc.). Symptoms: 500 Internal...
Dr. Richard Zhao from NSFOCUS Selected into 2025 Top 10 Cybersecurity Professionals by Leading Consulting Company
SANTA CLARA, Calif., Nov 18, 2025 — International Data Corporation (IDC) officially released the "2025 IDC China Top 10 Cybersecurity Professionals" at the 10th IDC China CIO Summit last month. This honor is intended to recognize outstanding individuals who have made significant contributions to China's cybersecurity market this year. Dr....
Maiores ataques hacker e como proteger sua empresa
Os ataques hacker estão entre as maiores ameaças à segurança digital de empresas de todos os portes. Organizações de diversos segmentos já sofreram com prejuízos milionários, vazamento de dados sensíveis e danos à reputação. Este conteúdo é ideal para gestores de TI, profissionais de cibersegurança e tomadores de decisão que...
NSFOCUS Cloud DDoS Protection Service (Cloud DPS) Detected and Mitigated an 800G+ DDoS Attack towards a Critical Infrastructure Operator
Incident Summary On October 21, 2025, NSFOCUS Cloud DDoS Protection Service (Cloud DPS) detected and mitigated an 800G+ DDoS attack towards a critical infrastructure operator. The target network sustained a multi-vector volumetric DDoS attack peaking at 843.4 Gbps and 73.6 Mpps. The assault combined UDP-based floods (dominant) with amplification and...
Microsoft’s November Security Update of High-Risk Vulnerability Notice for Multiple Products
Overview On November 12, NSFOCUS CERT detected that Microsoft released the November Security Update patch, which fixed 63 security issues involving widely used products such as Windows, Microsoft Office, Microsoft SQL Server, Azure, and Microsoft Visual Studio, including privilege escalation, high-risk vulnerability types such as remote code execution. Among the...
