Overview Recently, NSFOCUS CERT has detected that React and Next.js have issued security bulletins to fix the remote code execution vulnerability of React/Next.js (CVE-2025-55182/CVE-2025-66478); Because React Server Components are insecurely deserialized when processing HTTP requests, an unauthenticated attacker can call the Node.js built-in module by constructing a specially crafted form...
Category: Blog
Cursor Remote Code Execution Vulnerability (CVE-2025-62354) Notice
Overview Recently, NSFOCUS CERT detected that HiddenLayer released a vulnerability report disclosing the Cursor remote code execution vulnerability (CVE-2025-62354). Because Cursor's check function for terminal commands in autorun mode has a logical flaw, an unauthenticated attacker can bypass the preset allowlist restrictions by constructing specially crafted malicious input, thereby achieving...
NSFOCUS Monthly APT Insights – October 2025
Regional APT Threat Situation In October 2025, the global threat hunting system of Fuying Lab detected a total of 31 APT attack activities. These activities were primarily concentrated in regions including South Asia, East Asia, with a smaller portion also found in Eastern Europe and Western Asia, as shown in...
NSFOCUS Receives International Recognition: 2025 Global Competitive Strategy Leadership for AI-Driven Security Operation
SANTA CLARA, Calif., Nov 25, 2025 – Recently, NSFOCUS Generative Pre-trained Transformer (NSFGPT) and Intelligent Security Operations Platform (NSFOCUS ISOP) were recognized by the internationally renowned consulting firm Frost & Sullivan and won the 2025 Global Competitive Strategy Leadership for AI-Driven Security Operation [1]. Frost & Sullivan Best Practices Recognition...
Fortinet FortiWeb Authentication Bypass and Command Injection Vulnerability (CVE-2025-64446/CVE-2025-58034) Notice
Overview Recently, NSFOCUS CERT detected that Fortinet issued a security bulletin to fix the FortiWeb authentication bypass and command injection vulnerability (CVE-2025-64446/CVE-2025-58034); Combined exploitation can realize unauthorized remote code execution. At present, the vulnerability details and PoC have been made public, and wild exploitation has been found. Relevant users are...
Record-Breaking Cloud Incident Brings Outage Through the Internet
November 18, 2025 – Cloudflare Global Outage (not a DDoS) Time: Started ~11:20 UTC, major issues until ~14:30 UTC, full recovery by ~17:06 UTC. Scope: Affected a huge portion of the internet — thousands of sites and services behind Cloudflare (X/Twitter, OpenAI/ChatGPT, Spotify, Claude.ai, Discord, Crunchyroll, etc.). Symptoms: 500 Internal...
