In addition to the southbound management feature for log reception, the BSA also provides a northbound interface that enables data export and query functions. So, how can you make proper use of these features? Let’s find out together below! 1. Function Introduction  The northbound interface is the interaction interface between BSA and the northbound system. […]

The post BSA Northbound Interface – Introduction of Interface Instance Functions appeared first on NSFOCUS.

The post BSA Northbound Interface – Introduction of Interface Instance Functions appeared first on Security Boulevard.

Overview Recently, NSFOCUS CERT detected that Xinference had suffered supply chain poisoning in its PyPI warehouse. The attacker stole the PyPI release permission credentials of Xinference maintainers and released three consecutive malicious versions implanted with Trojans on April 22, GMT+8. When triggered by the user, it will collect cloud credentials, SSH keys, API tokens, Sensitive […]

The post Xinference PyPI Supply Chain Poisoning Warning appeared first on NSFOCUS.

The post Xinference PyPI Supply Chain Poisoning Warning appeared first on Security Boulevard.

Overview On April 15, NSFOCUS CERT detected that Microsoft released the April Security Update patch, fixing 165 security issues involving Windows, Microsoft Office, Microsoft SQL Server, Microsoft Visual Studio, Microsoft .NET Framework, Widely used products such as Azure, including high-risk vulnerability types such as privilege escalation and remote code execution. Among the vulnerabilities fixed by […]

The post Microsoft’s April Security Update of High-Risk Vulnerability Notice for Multiple Products appeared first on NSFOCUS.

The post Microsoft’s April Security Update of High-Risk Vulnerability Notice for Multiple Products appeared first on Security Boulevard.

Regional APT Threat Situation In February 2026, the global threat hunting system of FUYING Lab detected a total of 21 APT attack activities. These activities were primarily concentrated in regions including South Asia, East Asia, and Central Asia, as shown in the figure below. Regarding the activity levels of different groups, the most active APT […]

The post NSFOCUS Monthly APT Insights – February 2026 appeared first on NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks..

The post NSFOCUS Monthly APT Insights – February 2026 appeared first on Security Boulevard.

Regional APT Threat Situation In January 2026, the global threat hunting system of Fuying Lab detected a total of 26 APT attack activities. These activities were primarily concentrated in regions including East Asia, South Asia, and Eastern Europe, as shown in the figure below. Regarding the activity levels of different groups, the most active APT […]

The post NSFOCUS Monthly APT Insights – January 2026 appeared first on NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks..

The post NSFOCUS Monthly APT Insights – January 2026 appeared first on Security Boulevard.

Overview On March 11, NSFOCUS CERT detected that Microsoft released the March Security Update patch, which fixed 83 security issues involving widely used products such as Windows, Microsoft Office, Microsoft SQL Server, Azure, etc., including high-risk vulnerability types such as privilege escalation and remote code execution. Among the vulnerabilities fixed by Microsoft’s monthly update this […]

The post Microsoft’s March Security Update of High-Risk Vulnerability Notice for Multiple Products appeared first on NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks..

The post Microsoft’s March Security Update of High-Risk Vulnerability Notice for Multiple Products appeared first on Security Boulevard.

Overview Recently, NSFOCUS Technology CERT detected that the GitHub community disclosed that there was a credential stealing program in the new version of LiteLLM. Analysis confirmed that it had suffered supply chain poisoning by the TeamPCP group on PyPI. It stole the publishing permission credentials by hacking into the security scanning tool Trivy used in […]

The post AI Infrastructure LiteLLM Supply Chain Poisoning Alert appeared first on NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks..

The post AI Infrastructure LiteLLM Supply Chain Poisoning Alert appeared first on Security Boulevard.

In 2026, AI agents are being widely used. OpenClaw has become a high-frequency efficiency improvement tool for enterprises and developers with its autonomous decision-making and local execution capabilities. However, several authoritative security agencies have recently issued warnings: OpenClaw is facing multi-dimensional security threats from supply chain poisoning to remote control. When internal employees privately deploy […]

The post NSFOCUS Threat Intelligence: Building an OpenClaw Defense System with Multiple-Layer Protection appeared first on NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks..

The post NSFOCUS Threat Intelligence: Building an OpenClaw Defense System with Multiple-Layer Protection appeared first on Security Boulevard.

Company Profile ZeroPath is an AI-native application security startup founded in 2024, and its core products also use the eponymous brand ZeroPath. The company focuses on using AI to automatically discover, verify and fix code vulnerabilities, trying to break through the limitations of traditional SAST, SCA, Secrets scanning and IaC scanning that are fighting each […]

The post RSAC 2026 Innovation Sandbox | ZeroPath: From Alarm Accumulation to Executable Fixes appeared first on NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks..

The post RSAC 2026 Innovation Sandbox | ZeroPath: From Alarm Accumulation to Executable Fixes appeared first on Security Boulevard.

Company Profile Humanix (see Figure 1) is a cybersecurity company focusing on human-centric threat detection and response, dedicated to protecting enterprises from social engineering attacks against “people”, headquartered in the San Francisco Bay Area of the United States [1]. Its core concept is: Traditional security focuses a lot of energy on systems and boundaries, and most […]

The post RSAC 2026 Innovation Sandbox | Humanix: People-Oriented Social Engineering Attack Detection and Response appeared first on NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks..

The post RSAC 2026 Innovation Sandbox | Humanix: People-Oriented Social Engineering Attack Detection and Response appeared first on Security Boulevard.

Company Profile Fig Security is a cybersecurity startup founded in 2025. It is headquartered in Israel with business operations also based in the United States. Despite its short history, the company has quickly gained industry attention through its innovative approach to security operations and has gradually emerged within the global cybersecurity startup ecosystem. The Fig […]

The post RSAC 2026 Innovation Sandbox | Fig Security: Guardian of the Reliability of Security Detection Systems appeared first on NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks..

The post RSAC 2026 Innovation Sandbox | Fig Security: Guardian of the Reliability of Security Detection Systems appeared first on Security Boulevard.

As regional military conflicts escalate, cyberspace has become a critical battleground, with core WEB application systems frequently targeted by adversaries. Attackers tamper with application content and inject anti-social or anti-government rhetoric, disrupting cyberspace order and inciting public panic, severely damaging institutional credibility. WEB services serve as key platforms for information dissemination and core operations across […]

The post Zero Tolerance for Malicious Intrusions—NSFOCUS’s Full-Chain WEB Security Protection System appeared first on NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks..

The post Zero Tolerance for Malicious Intrusions—NSFOCUS’s Full-Chain WEB Security Protection System appeared first on Security Boulevard.

Overview On February 11, 2026, NSFOCUS CERT monitored Microsoft’s release of its February security update patches, addressing 59 security issues across widely used products such as Windows, Azure, Microsoft Office, and Visual Studio Code. These vulnerabilities include privilege escalation, remote code execution, and other high-risk vulnerabilities. In this monthly update, 5 vulnerabilities are rated as […]

The post Microsoft’s February Security Update of High-Risk Vulnerability Notice for Multiple Products appeared first on NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks..

The post Microsoft’s February Security Update of High-Risk Vulnerability Notice for Multiple Products appeared first on Security Boulevard.

On February 20, 2026, AI company Anthropic released a new code security tool called Claude Code Security. This release coincided with the highly sensitive period of global capital markets to AI technology subverting the traditional software industry, which quickly triggered violent fluctuations in the capital market and caused the fall of stock prices of major […]

The post Insights into Claude Code Security: A New Pattern of Intelligent Attack and Defense appeared first on NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks..

The post Insights into Claude Code Security: A New Pattern of Intelligent Attack and Defense appeared first on Security Boulevard.

In 2025, AI has evolved from being a tool that merely enhances the efficiency of attacks to becoming an integral component embedded within the execution phase of cyber operations. In the future, AI may even emerge as a pivotal enabler for attack activities. During the initial attack phase, AI technology has significantly reduced the difficulty of […]

The post Blue Teaming Construction Insights from 2025 Threat Landscape Observations appeared first on NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks..

The post Blue Teaming Construction Insights from 2025 Threat Landscape Observations appeared first on Security Boulevard.

GitHub MCP Cross-Repository Data Leak Vulnerability In May 2025, Invariant disclosed a critical vulnerability in GitHub’s Machine Collaboration Protocol (MCP), where attackers embedded malicious commands within public repository Issues to hijack developers’ locally running AI Agents. When an AI Agent was triggered to read and “assist” in processing the Issue, it indiscriminately executed the embedded […]

The post Protecting AI Security: 2025 Hot Security Incident appeared first on NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks..

The post Protecting AI Security: 2025 Hot Security Incident appeared first on Security Boulevard.

In September 2025, Anthropic disclosed a groundbreaking incident—the world’s first autonomous AI-driven cyberattack. This event, documented as the first large-scale cyber offensive primarily executed by AI with minimal human intervention, underscored the immense threat posed by AI agents in malicious applications. The attackers posed as representatives of a legitimate cybersecurity firm conducting a defense assessment. They […]

The post AI-Empowered Cybersecurity: Key Events and Emerging Trends in 2025 appeared first on NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks..

The post AI-Empowered Cybersecurity: Key Events and Emerging Trends in 2025 appeared first on Security Boulevard.