Company Profile Command Zero was founded in 2022 and is headquartered in Austin, Texas, USA[1]. The company was co-founded by three seasoned cybersecurity experts—Dov Yoran, Dean De Beer, and Alfred Huger—who have held senior technical positions at renowned companies such as Cisco, IBM, and McAfee. They have also successfully established and sold multiple cybersecurity startups. […]

The RSA Conference 2025 is set to kick off on April 28. Known as the “Oscars of Cybersecurity”, RSAC Innovation Sandbox has become a benchmark for innovation in the cybersecurity industry. Let’s focus on the new hotspots in cybersecurity and understand the new trends in security development. Today, let’s get to know the company MIND. […]

Overview On April 16, 2025, NSFOCUS CERT detected that Oracle officially released the Critical Patch Update (CPU) for April. A total of 390 vulnerabilities with different degrees were fixed this time. This security update involves Oracle MySQL Connectors, Oracle MySQL Server, Oracle Java SE, Oracle Fusion Middleware, Oracle Financial Services Applications, Oracle Communications Applications and […]

Three-Tier Protection Rules • Basic Protection: Pre-configured, general and popular security rules for out-of-box deployment.• Optional/Advanced Protection: Advanced rules, customized for specific Web/API applications for optimum protection. Basic Protection HTTP Protocol Verification Server Plug-in Crawler Web General Illegal Upload Information Disclosure Semantic Engine Scan Protection Optional Protection HTTP Access Control Sensitive Information Filter Smart Engine […]

Overview On April 9, NSFOCUS CERT detected that Microsoft released a security update patch for April, fixing 126 security problems in widely used products such as Windows, Microsoft Office, Azure, Microsoft Edge for iOS, Microsoft Visual Studio, etc. This includes high-risk vulnerabilities such as privilege escalation and remote code execution. Among the vulnerabilities fixed in […]

Basic Information Functional Configuration Manage Advanced Features in One Page Security Settings Key Benefits

Overview Recently, NSFOCUS CERT detected that Vite issued a security bulletin to fix the Vite arbitrary file read vulnerability (CVE-2025-31486); Because the Vite development server does not strictly verify the path when processing URL requests, unauthenticated attackers can bypass path access restrictions by constructing special URLs and read arbitrary files on the target server. At […]

Overview Recently, NSFOCUS CERT detected that Vite issued a security bulletin to fix the Vite arbitrary file read vulnerability (CVE-2025-31125); Because the Vite development server does not strictly verify the path when processing URL requests, unauthenticated attackers can bypass path access restrictions by constructing special URLs and read arbitrary files on the target server. At […]

NSFOCUS understands that the Security Operations team is facing increasing threats to their web applications and workloads are rising accordingly, a simple yet easy-to-use WAF has become more important than ever for effective Security Operations. The upcoming NSFOCUS Web Application Firewall (WAF) V6.0R09F00 (hereafter called as 6090) not only comprehensively reconstructs the architecture but also […]

Overview Recently, NSFOCUS CERT detected that the Babuk2 group has been frequently publishing sensitive data of several well-known organizations on its dark web site. The data is from multiple sectors, including government, finance, internet, healthcare, and education, across various countries and regions. Up to this month, at least 71 victims’ data has been disclosed, and […]