NSFOCUS Monthly APT Insights – November 2025
dezembro 31, 2025
Regional APT Threat Situation In November 2025, the global threat hunting system of Fuying Lab detected a total of 28 APT attack activities. These activities were primarily concentrated in regions including South Asia and East Asia, with a smaller portion also found in Eastern Europe and Middle East. Some organizations remain unattributed to known APT […]
O que é segurança na nuvem? Como funciona o Cloud Security
dezembro 30, 2025
Com o aumento do armazenamento e processamento de dados na nuvem, proteger informações sensíveis tornou-se uma preocupação crucial para indivíduos e empresas. Neste artigo, mergulharemos no conceito de segurança cloud e exploraremos como o Cloud Security funciona para garantir a proteção dos dados. Conheça mais sobre os mecanismos de segurança utilizados e as práticas recomendadas […]
Unlocking New Possibilities for Security Operations: NSFOCUS’s AI Agent Capabilities Recognized by Authoritative Institution
dezembro 19, 2025
Recently, Forrester, a globally renowned independent research and advisory firm, released the report “Navigate The AI Agent Ecosystem In China, Forrester Research, October 2025[1].” NSFOCUS was successfully included in this report. In the report, Forrester identified four key technological trends: With the rapid advancement of Artificial Intelligence, AI Agent technology is deepening its application within […]
Banco de dados na nuvem: o que é e como fazer de forma segura?
dezembro 18, 2025
Neste artigo, você vai entender o que é um banco de dados na nuvem, como ele funciona, quais são os principais modelos e serviços oferecidos no mercado, os riscos envolvidos e, principalmente, como garantir uma implantação segura e eficaz. Ao final, ainda indicamos uma solução que agrega camadas extras de proteção para suas aplicações e […]
Securing the AI Revolution: NSFOCUS LLM Security Protection Solution
dezembro 17, 2025
As Artificial Intelligence technology rapidly advances, Large Language Models (LLMs) are being widely adopted across countless domains. However, with this growth comes a critical challenge: LLM security issues are becoming increasingly prominent, posing a major constraint on further development. Governments and regulatory bodies are responding with policies and regulations to ensure the safety and compliance […]
Hong Kong’s New Critical Infrastructure Ordinance will be effective by 1 January 2026 – What CIOs Need to Know
dezembro 12, 2025
As the clock ticks down to the full enforcement of Hong Kong’s Protection of Critical Infrastructures (Computer Systems) Ordinance on January 1, 2026, designated operators of Critical Infrastructures (CI) and Critical Computer Systems (CCS) must act decisively. This landmark law mandates robust cybersecurity measures for Critical Computer Systems (CCS) to prevent disruptions, with non-compliance risking […]
Microsoft’s December Security Update of High-Risk Vulnerability Notice for Multiple Products
dezembro 11, 2025
Overview On December 10, NSFOCUS CERT detected that Microsoft released the December Security Update patch, which fixed 57 security issues involving widely used products such as Windows, Microsoft Office, Microsoft Exchange Server, Azure, etc., including high-risk vulnerability types such as privilege escalation and remote code execution. Among the vulnerabilities fixed by Microsoft’s monthly update this […]
O que é monitoramento de rede? Importância para as empresas
dezembro 11, 2025
O monitoramento de rede é uma prática essencial para empresas que dependem de infraestrutura digital para operar com eficiência. Com a crescente digitalização dos negócios, a necessidade de garantir a estabilidade, segurança e desempenho das redes corporativas nunca foi tão grande. Problemas como lentidão, falhas de conectividade e ataques cibernéticos podem gerar prejuízos financeiros e […]
React/Next.js Remote Code Execution Vulnerability (CVE-2025-55182/CVE-2025-66478) Notice and Handling Manual
dezembro 4, 2025
Overview Recently, NSFOCUS CERT has detected that React and Next.js have issued security bulletins to fix the remote code execution vulnerability of React/Next.js (CVE-2025-55182/CVE-2025-66478); Because React Server Components are insecurely deserialized when processing HTTP requests, an unauthenticated attacker can call the Node.js built-in module by constructing a specially crafted form to execute arbitrary code on […]
Cursor Remote Code Execution Vulnerability (CVE-2025-62354) Notice
dezembro 1, 2025
Overview Recently, NSFOCUS CERT detected that HiddenLayer released a vulnerability report disclosing the Cursor remote code execution vulnerability (CVE-2025-62354). Because Cursor’s check function for terminal commands in autorun mode has a logical flaw, an unauthenticated attacker can bypass the preset allowlist restrictions by constructing specially crafted malicious input, thereby achieving remote code execution on the […]
