Overview On October 15, NSFOCUS CERT detected that Microsoft released the October Security Update patch, fixing 175 security issues involving widely used products such as Windows, Microsoft Office, Azure, Apps, Microsoft Exchange Server, and Microsoft Visual Studio. These include high-risk vulnerability types such as privilege escalation and remote code execution. Among the vulnerabilities fixed by […]

Overview Recently, NSFOCUS CERT detected that Oracle issued a security bulletin to fix the remote code execution vulnerability (CVE-2025-61882) in Oracle E-Business Suite; Because Oracle Concurrent Processing (BI Publisher Integration) of Oracle E-Business Suite does not strictly validate and filter user input, unauthenticated attackers can use SSRF, CRLF injection, Vulnerability chains such as path traversal […]

Overview Recently, NSFOCUS CERT detected that Redis issued a security bulletin and fixed the Redis Lua code execution vulnerability (CVE-2025-49844); Because Redis’s Lua script engine has a use-after-free reuse vulnerability when handling memory management, an authenticated attacker can write a specially crafted Lua script to manipulate the memory recycling mechanism and execute the Lua script […]

A criptografia é um tema cada vez mais presente no cotidiano de quem utiliza a internet, seja para fins pessoais ou profissionais. Ao longo deste texto, você vai descobrir o que é criptografia, como ela surgiu, quais são seus principais tipos, onde é aplicada, os riscos de não utilizá-la e muito mais. O que é […]

Os bots, uma abreviação para robôs, tornaram-se uma parte essencial do nosso mundo digital. Eles desempenham várias funções, desde automatizar tarefas simples até realizar atividades complexas na internet.  Neste artigo, vamos conhecer melhor o mundo dos bots, como eles funcionam, os diferentes tipos e como você pode proteger sua empresa contra bots maliciosos. Continue a […]

NSFOCUS is thrilled to announce our participation in GovWare 2025—taking place from 21 to 23 October 2025 at the Sands Expo and Convention Centre, Singapore. We invite all attendees to visit us at Booth D09, where we’ll showcase game-changing solutions designed to redefine security operations and safeguard AI-driven environments. With over two decades of expertise serving governments, […]

Santa Clara, Calif. Oct 2, 2025 – Recently, NSFOCUS held the AI New Product Launch in Beijing, comprehensively showcasing the company’s latest technological achievements and practical experience in AI security. With large language model security protection as the core topic, the launch systematically introduced NSFOCUS’s concept and practices in strategy planning, scenario-based protection, technical products, and […]

Santa Clara, Calif. Sep 29, 2025 – NSFOCUS, a global provider of intelligent hybrid security solutions, announced today that it has attained ISO 28000:2022 Security and Resilience – Security Management Systems (SMS) certification. ISO 28000 is an international standard for supply chain security. It specifies the requirements for a management system to protect all links in […]

Overview Recently, NSFOCUS CERT detected that H2O-3 released a security update to fix the H2O-3 JDBC deserialization vulnerability (CVE-2025-6544); This vulnerability is a bypass of CVE-2025-6507. Due to the system’s flawed handling of JDBC connection parameters, an unauthenticated attacker can bypass existing regular expression checks through double URL encoding, thereby enabling arbitrary file reading and […]

A segurança cibernética é uma preocupação crescente para empresas de todos os tamanhos. Com a expansão dos aplicativos web, a necessidade de protegê-los de ataques cibernéticos também cresceu. Nesse contexto, está o Cloud WAF (Web Application Firewall), ferramenta de segurança que oferece proteção em tempo real contra ameaças cibernéticas, como SQL injection e cross-site scripting […]