Regional APT Threat Situation In February 2026, the global threat hunting system of FUYING Lab detected a total of 21 APT attack activities. These activities were primarily concentrated in regions including South Asia, East Asia, and Central Asia, as shown in the figure below. Regarding the activity levels of different...
Blog
NSFOCUS Monthly APT Insights – January 2026
Regional APT Threat Situation In January 2026, the global threat hunting system of Fuying Lab detected a total of 26 APT attack activities. These activities were primarily concentrated in regions including East Asia, South Asia, and Eastern Europe, as shown in the figure below. Regarding the activity levels of different...
Axios Front-End Library npm Supply Chain Poisoning Alert
Overview On March 31, NSFOCUS CERT detected that the npm repository of the HTTP client library Axios was poisoned by the supply chain. The attacker bypassed the normal GitHub Actions CI/CD pipeline of the project, changed the account email address of the axios maintainer to an anonymous ProtonMail address, and...
Microsoft’s March Security Update of High-Risk Vulnerability Notice for Multiple Products
Overview On March 11, NSFOCUS CERT detected that Microsoft released the March Security Update patch, which fixed 83 security issues involving widely used products such as Windows, Microsoft Office, Microsoft SQL Server, Azure, etc., including high-risk vulnerability types such as privilege escalation and remote code execution. Among the vulnerabilities fixed...
O que é um Firewall? Funcionalidades e por que usar?
Sabe-se que a segurança é fundamental para os usuários de computadores. Como atualmente estes aparelhos se tornam parte do dia-a-dia, é muito comum ver um aumento nas ameaças à segurança. Na hora de monitorar e filtrar esses possíveis ataques, foi desenvolvido o Firewall, que ajuda a bloquear o acesso não...
AI Infrastructure LiteLLM Supply Chain Poisoning Alert
Overview Recently, NSFOCUS Technology CERT detected that the GitHub community disclosed that there was a credential stealing program in the new version of LiteLLM. Analysis confirmed that it had suffered supply chain poisoning by the TeamPCP group on PyPI. It stole the publishing permission credentials by hacking into the security...
