Blog

As regional military conflicts escalate, cyberspace has become a critical battleground, with core WEB application systems frequently targeted by adversaries. Attackers tamper with application content and inject anti-social or anti-government rhetoric, disrupting cyberspace order and inciting public panic, severely damaging institutional credibility. WEB services serve as key platforms for information dissemination and core operations across […]

A segurança de API (Application Programming Interface) é uma preocupação central para desenvolvedores e empresas que buscam proteger seus sistemas contra acessos não autorizados e violações de dados. As APIs são essenciais para a comunicação entre diferentes softwares, facilitando a integração de sistemas e a automação de tarefas, mas também podem ser pontos vulneráveis se […]

Overview On February 11, 2026, NSFOCUS CERT monitored Microsoft’s release of its February security update patches, addressing 59 security issues across widely used products such as Windows, Azure, Microsoft Office, and Visual Studio Code. These vulnerabilities include privilege escalation, remote code execution, and other high-risk vulnerabilities. In this monthly update, 5 vulnerabilities are rated as […]

Background According to the monitoring data from NSFOCUS Fuying Lab, since the outbreak of domestic conflict in Iran in January 2026 and the subsequent escalation of tensions over the nuclear issue between the U.S. and Iran, Iran has been continuously subjected to DDoS attacks. The attack methods have shown diverse characteristics, including both botnet-based attacks […]

On February 20, 2026, AI company Anthropic released a new code security tool called Claude Code Security. This release coincided with the highly sensitive period of global capital markets to AI technology subverting the traditional software industry, which quickly triggered violent fluctuations in the capital market and caused the fall of stock prices of major […]

In 2025, AI has evolved from being a tool that merely enhances the efficiency of attacks to becoming an integral component embedded within the execution phase of cyber operations. In the future, AI may even emerge as a pivotal enabler for attack activities. During the initial attack phase, AI technology has significantly reduced the difficulty of […]

GitHub MCP Cross-Repository Data Leak Vulnerability In May 2025, Invariant disclosed a critical vulnerability in GitHub’s Machine Collaboration Protocol (MCP), where attackers embedded malicious commands within public repository Issues to hijack developers’ locally running AI Agents. When an AI Agent was triggered to read and “assist” in processing the Issue, it indiscriminately executed the embedded […]

O crescimento das ameaças cibernéticas, como ataques DDoS, malwares e tentativas de invasão, destaca a necessidade de soluções robustas para proteger dados e sistemas críticos. É nesse contexto que a detecção de anomalias ganha destaque. A detecção de anomalias é uma ferramenta essencial na cibersegurança, capaz de identificar comportamentos suspeitos em redes, sistemas e aplicativos, […]

In September 2025, Anthropic disclosed a groundbreaking incident—the world’s first autonomous AI-driven cyberattack. This event, documented as the first large-scale cyber offensive primarily executed by AI with minimal human intervention, underscored the immense threat posed by AI agents in malicious applications. The attackers posed as representatives of a legitimate cybersecurity firm conducting a defense assessment. They […]

Background In March 2025, cybersecurity researchers disclosed a highly sophisticated targeted attack campaign named “Operation ForumTroll.” Orchestrated by an unidentified state-sponsored APT group, the operation leveraged a Google Chrome 0-day vulnerability (CVE-2025-2783) as its core weapon. This vulnerability enabled sandbox escape, allowing arbitrary code execution on victims’ Windows systems and granting full control over the targeted […]