SANTA CLARA, Calif., May 13, 2026 – On May 4, 2026, Gartner® published the Gartner® Magic Quadrant™ for Cyberthreat Intelligence Technologies report (hereinafter referred to as "the Report"). NSFOCUS was included in the Visionaries quadrant. We believe, this recognition reflects the international acknowledgment of the company's deep technical expertise, comprehensive product...
Categoria: Blog
Now Released: NSFOCUS 2025 Global DDoS Landscape Report
In 2025, fueled by AI and LLMs, DDoS attacks are shifting from volume-based tactics to intelligent, high-precision warfare. This evolution, marked by increased stealth and a bifurcated ecosystem of veteran and AI-driven actors, is deconstructed in NSFOCUS 2025 Global DDoS Landscape Report. Key Opinions 1. AI-driven DDoS platforms entered active...
Linux Kernel Privilege Escalation Vulnerability (Dirty Frag) Alert
Overview Recently, NSFOCUS CERT has detected a Linux kernel privilege escalation vulnerability (Dirty Frag) disclosed online. Attackers use the logical defects of splice system calls in conjunction with xfrm-ESP or RxRPC protocol stacks to tamper with the page cache of any read-only file without race conditions to obtain system root...
WAF Defense in Crisis? NSFOCUS Locks Down “Ghost Bits” Attacks in Advance
Incident Review In April 2026, Black Hat Asia 2026 disclosed a systematic security threat named Ghost Bits, targeting underlying encoding flaws in the Java ecosystem that can render mainstream WAF/IDS defenses completely ineffective. The core of this risk lies in inconsistent encoding interpretations of the same input between the security...
Coming Soon: AI-Scan OpenClaw Ecosystem Security Scanning Capabilities
As the OpenClaw ecosystem continues to surge in popularity, more customers are deploying and utilizing these AI agents on a large scale. However, this growth has brought significant security challenges to the forefront, including over 33 documented CVE vulnerabilities, 288+ GHSA security advisories, the rise in malicious Skills, and frequent...
Xinference PyPI Supply Chain Poisoning Warning
Overview Recently, NSFOCUS CERT detected that Xinference had suffered supply chain poisoning in its PyPI warehouse. The attacker stole the PyPI release permission credentials of Xinference maintainers and released three consecutive malicious versions implanted with Trojans on April 22, GMT+8. When triggered by the user, it will collect cloud credentials,...
