A segurança de API (Application Programming Interface) é uma preocupação central para desenvolvedores e empresas que buscam proteger seus sistemas contra acessos não autorizados e violações de dados. As APIs são essenciais para a comunicação entre diferentes softwares, facilitando a integração de sistemas e a automação de tarefas, mas também...
Autor: NSFOCUS
Microsoft’s February Security Update of High-Risk Vulnerability Notice for Multiple Products
Overview On February 11, 2026, NSFOCUS CERT monitored Microsoft's release of its February security update patches, addressing 59 security issues across widely used products such as Windows, Azure, Microsoft Office, and Visual Studio Code. These vulnerabilities include privilege escalation, remote code execution, and other high-risk vulnerabilities. In this monthly update,...
Digital Outposts: Evaluating the Role of DDoS Attacks in US-Iran Conflict
Background According to the monitoring data from NSFOCUS Fuying Lab, since the outbreak of domestic conflict in Iran in January 2026 and the subsequent escalation of tensions over the nuclear issue between the U.S. and Iran, Iran has been continuously subjected to DDoS attacks. The attack methods have shown diverse...
Insights into Claude Code Security: A New Pattern of Intelligent Attack and Defense
On February 20, 2026, AI company Anthropic released a new code security tool called Claude Code Security. This release coincided with the highly sensitive period of global capital markets to AI technology subverting the traditional software industry, which quickly triggered violent fluctuations in the capital market and caused the fall...
Blue Teaming Construction Insights from 2025 Threat Landscape Observations
In 2025, AI has evolved from being a tool that merely enhances the efficiency of attacks to becoming an integral component embedded within the execution phase of cyber operations. In the future, AI may even emerge as a pivotal enabler for attack activities. During the initial attack phase, AI technology has...
Protecting AI Security: 2025 Hot Security Incident
GitHub MCP Cross-Repository Data Leak Vulnerability In May 2025, Invariant disclosed a critical vulnerability in GitHub's Machine Collaboration Protocol (MCP), where attackers embedded malicious commands within public repository Issues to hijack developers' locally running AI Agents. When an AI Agent was triggered to read and "assist" in processing the Issue,...
