Overview Recently, NSFOCUS CERT detected that H2O-3 released a security update to fix the H2O-3 JDBC deserialization vulnerability (CVE-2025-6544); This vulnerability is a bypass of CVE-2025-6507. Due to the system’s flawed handling of JDBC connection parameters, an unauthenticated attacker can bypass existing regular expression checks through double URL encoding, thereby enabling arbitrary file reading and […] The post H2O-3 JDBC Deserialization Vulnerability (CVE-2025-6544) appeared fir...| NSFOCUS, Inc., a global network and cyber security leader, protects enterpris...
Regional APT Threat Situation In August 2025, the global threat hunting system of Fuying Lab detected a total of 23 APT attack activities. These activities were primarily concentrated in regions including South Asia, East Asia, Eastern Europe, and West Asia, as shown in the following figure. Regarding the activity levels of different organizations, the most […] The post NSFOCUS Monthly APT Insights – August 2025 appeared first on NSFOCUS, Inc., a global network and cyber security leader, ...| NSFOCUS, Inc., a global network and cyber security leader, protects enterpris...
Overview NSFOCUS LLM security solution consists of two products and services: the LLM security assessment system (AI-SCAN) and the AI unified threat management (AI-UTM), forming a security assessment and protection system covering the entire life cycle of LLM. In the model training and fine-tuning stage, the large language model security assessment system (AI-SCAN) plays a […] The post Dive into NSFOCUS LLM Security Solution appeared first on NSFOCUS, Inc., a global network and cyber securi...| NSFOCUS, Inc., a global network and cyber security leader, protects enterpris...
Overview On September 10, NSFOCUS CERT detected that Microsoft released the September Security Update patch, fixing 86 security issues involving widely used products such as Windows, Microsoft Office, Azure, and Microsoft SQL Server, including high-risk vulnerability types such as privilege escalation and remote code execution. Among the vulnerabilities fixed by Microsoft’s monthly update this month, […]| NSFOCUS, Inc., a global network and cyber security leader, protects enterpris...
Overview Recently, NSFOCUS CERT detected that H2O-3 released a security update to fix the H2O-3 JDBC deserialization vulnerability (CVE-2025-6507); This vulnerability is a bypass of CVE-2024-45758 and CVE-2024-10553. Due to the deserialization flaw in the system’s JDBC connection processing logic, an unauthenticated attacker can bypass existing regular expression filtering by manipulating spaces between parameters, thereby […] The post H2O-3 JDBC Deserialization Vulnerability (CVE-2025-65...| NSFOCUS, Inc., a global network and cyber security leader, protects enterpris...
Overview Recently, NSFOCUS CERT detected that Gitblit issued a security announcement and fixed the Gitblit authentication bypass vulnerability (CVE-2024-28080); Because Gitblit’s SSH service has defects in the public key authentication process, unauthenticated attackers can use the client’s public key to trigger signature verification failure and fall back to password-based authentication to complete SSH login with […] The post Gitblit Authentication Bypass Vulnerability (CVE-2024-28080...| NSFOCUS, Inc., a global network and cyber security leader, protects enterpris...
Recently, Gartner released “Hype Cycle for APIs, 2025”, NSFOCUS was selected as a Representative vendor in API Threat Protection of Hype Cycle with its cloud-native API security solution. We believe, this recognition reflects NSFOCUS’s comprehensive strength in API security technology innovation research, and continuous accumulation and achievements in API security protection practices in cloud-native environments. With […] The post NSFOCUS Recognized by Gartner® “Hype Cycle™ fo...| NSFOCUS, Inc., a global network and cyber security leader, protects enterpris...
Recently, Forrester released the 2025 “The Cloud Native Application Protection Solutions Landscape” report. NSFOCUS Cloud Native Application Protection Solution (hereinafter referred to as “NSFOCUS CNAPP”) has been selected among Representative vendors in the field of cloud native security, which NSFOCUS believes is due to its continuous innovation and prospective layout. The solution is an integrated, […] The post NSFOCUS was Included Among Representative Vendors in “The Cloud Na...| NSFOCUS, Inc., a global network and cyber security leader, protects enterpris...
Overview With the widespread application of LLM technology, data leakage incidents caused by prompt word injections are increasing. Many emerging attack methods, such as inducing AI models to execute malicious instructions through prompt words, and even rendering sensitive information into pictures to evade traditional detection, are posing serious challenges to data security. At the same […] The post Prompt Injection: An Analysis of Recent LLM Security Incidents appeared first on NSFOCUS, ...| NSFOCUS, Inc., a global network and cyber security leader, protects enterpris...
Regional APT Threat Situation In July 2025, the global threat hunting system of Fuying Lab detected a total of 33 APT attack activities. These activities were primarily concentrated in regions including South Asia, East Asia, Southeast Asia, Eastern Europe, and West Asia, as shown in the following figure. Regarding the activity levels of different organizations, […]| NSFOCUS, Inc., a global network and cyber security leader, protects enterpris...
NSFOCUS provides integrated cloud & on-premises security solutions powered by global threat intelligence delivering complete protection from cyber threats.| NSFOCUS, Inc., a global network and cyber security leader, protects enterpris...
Overview Recently, NSFOCUS CERT detected that Cursor issued a security bulletin and fixed the Cursor remote code execution vulnerability (CVE-2025-54135); Because Cursor allows files to be written to the workspace without user approval, when an external Model Control Protocol (MCP) server is configured through the Cursor user interface, an attacker can use Agent to rewrite […]| NSFOCUS, Inc., a global network and cyber security leader, protects enterpris...
If you would like more information about NSFOCUS, have a comment or a question, please complete the registration form.| NSFOCUS, Inc., a global network and cyber security leader, protects enterpris...
Customer Pain Points “Gap” in security protection after new business launch A financial company launched a new business system; the O&M team had to manually add the server IP to the WAF whitelist. Due to the cumbersome approval process, the configuration was not completed until 3 days later. During this period, hackers had invaded the […]| NSFOCUS, Inc., a global network and cyber security leader, protects enterpris...
Our Anti-DDoS solution provides on-premises equipment, cloud-based detection and mitigation services, or a hybrid combing strengths of both approaches.| NSFOCUS, Inc., a global network and cyber security leader, protects enterpris...
Under Attack| NSFOCUS, Inc., a global network and cyber security leader, protects enterpris...
SANTA CLARA, Calif., July 6, 2025 – Recently, NSFOCUS Anti-DDoS (NSFOCUS ADS) was recognized by the internationally renowned consulting firm Frost & Sullivan and won the 2025 Asia-Pacific “Competitive Strategy Leadership Award for Excellence in Anti-DDoS Protection”[1]. Frost & Sullivan Best Practices Recognition awards companies each year in a variety of regional and global markets for […]| NSFOCUS, Inc., a global network and cyber security leader, protects enterpris...