Blog

Overview On March 11, NSFOCUS CERT detected that Microsoft released the March Security Update patch, which fixed 83 security issues involving widely used products such as Windows, Microsoft Office, Microsoft SQL Server, Azure, etc., including high-risk vulnerability types such as privilege escalation and remote code execution. Among the vulnerabilities fixed by Microsoft’s monthly update this […]

Overview Recently, NSFOCUS Technology CERT detected that the GitHub community disclosed that there was a credential stealing program in the new version of LiteLLM. Analysis confirmed that it had suffered supply chain poisoning by the TeamPCP group on PyPI. It stole the publishing permission credentials by hacking into the security scanning tool Trivy used in […]

In 2026, AI agents are being widely used. OpenClaw has become a high-frequency efficiency improvement tool for enterprises and developers with its autonomous decision-making and local execution capabilities. However, several authoritative security agencies have recently issued warnings: OpenClaw is facing multi-dimensional security threats from supply chain poisoning to remote control. When internal employees privately deploy […]

Company Profile ZeroPath is an AI-native application security startup founded in 2024, and its core products also use the eponymous brand ZeroPath. The company focuses on using AI to automatically discover, verify and fix code vulnerabilities, trying to break through the limitations of traditional SAST, SCA, Secrets scanning and IaC scanning that are fighting each […]

Company Profile Humanix (see Figure 1) is a cybersecurity company focusing on human-centric threat detection and response, dedicated to protecting enterprises from social engineering attacks against “people”, headquartered in the San Francisco Bay Area of the United States [1]. Its core concept is: Traditional security focuses a lot of energy on systems and boundaries, and most […]

Company Profile Founded in 2024, Clearly AI is a company focused on automating enterprise security and privacy audits, headquartered in Seattle, Washington, USA. The company was co-founded by Emily Choi-Greene and Joe Choi-Greene, and the core team has deep practical and technical accumulation: CEO Emily worked at Amazon for 5 years, leading the Alexa AI […]

Company Profile Charm Security (hereinafter referred to as Charm) is an innovative security company focused on preventing and solving fraud and deception using Agentic AI technology. Founded in January 2025, the company has set up offices in Tel Aviv, Israel and New York, USA. With a core focus on financial security, it has become an […]

Company Profile Geordie AI is a cybersecurity startup founded in 2025 and headquartered in London, specializing in AI Agent security and governance. The company has developed an “Agent-native” security platform for enterprises, enabling real-time discovery, behavior monitoring, and risk control of AI agents deployed within organizations. This helps security teams understand which AI agents are […]

Industry Macro Background and the Software Supply Chain Crisis By 2026, the deepening of global digital transformation, coupled with the proliferation of Generative AI and large language models, is reshaping software development. The industry is shifting from being “efficiency-driven” to “governance-driven.” The root cause lies in the loss of visibility and engineering control within the […]

Company Profile Fig Security is a cybersecurity startup founded in 2025. It is headquartered in Israel with business operations also based in the United States. Despite its short history, the company has quickly gained industry attention through its innovative approach to security operations and has gradually emerged within the global cybersecurity startup ecosystem. The Fig […]