Recently, Gartner released "Hype Cycle for APIs, 2025", NSFOCUS was selected as a Representative vendor in API Threat Protection of Hype Cycle with its cloud-native API security solution. We believe, this recognition reflects NSFOCUS’s comprehensive strength in API security technology innovation research, and continuous accumulation and achievements in API security protection...
Tag: API
Insights from the DeepSeek Malicious Software Package Incident: Why Software Supply Chain Security Matters in Global AI Technology Competition
Background With the widespread application of AI technology, software supply chains are facing more complex and diverse security threats. Since January 2025, DeepSeek, as an emerging force in China's AI industry, has suffered from series of cyberattacks. According to the analysis by NSFOCUS Security Lab, most attacks are from IP...
YApi mongo Injection Vulnerability Alert
Overview Recently, NSFOCUS CERT detected that an open source API interface management platform YApi mongo injection vulnerability was publicly released on the Internet. Due to the splicing of a certain function in YApi, MongoDB injection can be realized. Unauthenticated remote attackers can exploit this vulnerability to obtain the user token...
