Overview Recently, NSFOCUS CERT detected that Apache issued a security announcement and fixed the remote code execution vulnerability of Apache Tomcat (CVE-2025-24813). An unauthenticated attacker can execute arbitrary code to gain server privileges when the application has servlet write enabled (disabled by default), uses Tomcat file session persistence and a...
Autor: NSFOCUS
The Invisible Battlefield Behind LLM Security Crisis
Overview In recent years, with the wide application of open-source LLMs such as DeepSeek and Ollama, global enterprises are accelerating the private deployment of LLMs. This wave not only improves the efficiency of enterprises, but also increases the risk of data security leakage. According to NSFOCUS Xingyun Lab, from January...
VMware ESXi & Workstation & Fusion Multiple High-risk Vulnerabilities (CVE-2025-22224/CVE-2025-22225/CVE-2025-22226)
Overview Recently, NSFOCUS CERT detected that VMware issued a security announcement and fixed multiple high-risk vulnerabilities (CVE-2025-22224/CVE-2025-22225/CVE-2025-22226) in VMware ESXi&Workstation&Fusion. At present, all the 3 vulnerabilities have been found to be exploited in the wild. Please take protective measures as soon as possible. CVE-2025-22224: There is a TOCTOU (CheckTime-of-use) write...
LLMs Are Posing a Threat to Content Security
With the wide application of large language models (LLM) in various fields, their potential risks and threats have gradually become prominent. “Content security†caused by inaccurate or misleading information is becoming a security concern that cannot be ignored. Unfairness and bias, adversarial attacks, malicious code generation, and exploitation of security...
PostgreSQL SQL Injection Vulnerability (CVE-2025-1094)
Overview Recently, NSFOCUS CERT detected that PostgreSQL has issued a security announcement and fixed the PostgreSQL SQL injection vulnerability (CVE-2025-1094), with a CVSS score of 8.1. Since the psql tool of PostgreSQL is used to detect invalid UTF-8 characters (such as hax\xC0'; \! id #), resulting in accidental segmentation of...
Build Your AI-Powered Penetration Testing Scheme with DeepSeek + Agent: An NSFOCUS Practice
Dilemma of Traditional Automated Penetration Testing Penetration testing has always been the core means of offensive and defensive confrontation for cybersecurity. However, traditional automatic penetration tools face three major bottlenecks: lack of in-depth understanding of business logic, insufficient ability to detect logical vulnerabilities, and weak ability to link vulnerabilities. Although...
