Overview Recently, NSFOCUS CERT detected that Redis issued a security bulletin and fixed the Redis Lua code execution vulnerability (CVE-2025-49844); Because Redis's Lua script engine has a use-after-free reuse vulnerability when handling memory management, an authenticated attacker can write a specially crafted Lua script to manipulate the memory recycling mechanism...
Categoria: Blog
GovWare 2025: Join NSFOCUS at Booth D09!
NSFOCUS is thrilled to announce our participation in GovWare 2025—taking place from 21 to 23 October 2025 at the Sands Expo and Convention Centre, Singapore. We invite all attendees to visit us at Booth D09, where we’ll showcase game-changing solutions designed to redefine security operations and safeguard AI-driven environments. With over two...
Building a Full-Lifecycle Defense System for Large Language Model Security
Santa Clara, Calif. Oct 2, 2025 – Recently, NSFOCUS held the AI New Product Launch in Beijing, comprehensively showcasing the company's latest technological achievements and practical experience in AI security. With large language model security protection as the core topic, the launch systematically introduced NSFOCUS's concept and practices in strategy planning,...
NSFOCUS Earns ISO 28000:2022 Security and Resilience – Security Management Systems Certification
Santa Clara, Calif. Sep 29, 2025 – NSFOCUS, a global provider of intelligent hybrid security solutions, announced today that it has attained ISO 28000:2022 Security and Resilience - Security Management Systems (SMS) certification. ISO 28000 is an international standard for supply chain security. It specifies the requirements for a management system...
H2O-3 JDBC Deserialization Vulnerability (CVE-2025-6544)
Overview Recently, NSFOCUS CERT detected that H2O-3 released a security update to fix the H2O-3 JDBC deserialization vulnerability (CVE-2025-6544); This vulnerability is a bypass of CVE-2025-6507. Due to the system's flawed handling of JDBC connection parameters, an unauthenticated attacker can bypass existing regular expression checks through double URL encoding, thereby...
NSFOCUS Monthly APT Insights – August 2025
Regional APT Threat Situation In August 2025, the global threat hunting system of Fuying Lab detected a total of 23 APT attack activities. These activities were primarily concentrated in regions including South Asia, East Asia, Eastern Europe, and West Asia, as shown in the following figure. Regarding the activity levels...
