Recently, DeepSeek attracted global attention and triggered worldwide discussion with its advanced AI models. According to media, numerous Chinese companies have integrated DeepSeek, including Tencent, Alibaba, Baidu, Huawei, Geely Auto, PICC, Huawei, Honor, OPPO and Lenovo, covering multiple industries such as telecommunications, cloud computing, semiconductors, finance, automotive, and mobile technology....
Autor: NSFOCUS
Palo Alto Networks PAN-OS Authentication Bypass Vulnerability (CVE-2025-0108)
Overview Recently, NSFOCUS CERT detected that Palo Alto Networks issued a security announcement and fixed the identity bypass vulnerability in PAN-OS (CVE-2025-0108). Due to the problem of path processing by Nginx/Apache in PAN-OS, unauthenticated attackers can bypass authentication to access the management web interface of PAN-OS device and call some...
Microsoft Security Update Notification in February of High-Risk Vulnerabilities in Multiple Products
Overview On February 12, NSFOCUS CERT detected that Microsoft released a security update patch for February, which fixed 63 security issues involving widely used products such as Windows, Microsoft Office, Azure, Apps, and Microsoft Visual Studio, including high-risk vulnerabilities such as privilege escalation and remote code execution. Among the vulnerabilities...
NSFGPT VS DeepSeek: A Test on DeepSeek’s Security Alarm Capability
NSFOCUS Security Lab conducted actual tests recently to evaluate DeepSeek-R1’s performance in security alarm analysis, in which DeepSeek-R1 showed higher alarm coverage than NSFOCUS' self-developed SecLLM NSFGPT, but it also faces high false alarm rate and large performance overhead. Nonetheless, its enormous potential is noteworthy. This post will focus on...
Insights from the DeepSeek Malicious Software Package Incident: Why Software Supply Chain Security Matters in Global AI Technology Competition
Background With the widespread application of AI technology, software supply chains are facing more complex and diverse security threats. Since January 2025, DeepSeek, as an emerging force in China's AI industry, has suffered from series of cyberattacks. According to the analysis by NSFOCUS Security Lab, most attacks are from IP...
Core Features in NSFOCUS RSAS R04F04 2-2
Continuous Improvement of Asset Detection Capability Asset detection refers to the process of tracking and mastering network assets. The detection covers hardware equipment such as network products and general computing equipment; system software such as operating systems and virtualization platforms; middleware such as databases, language environments and development frameworks; application...
