Overview In early June 2026, the security community disclosed a number of AI-related security incidents, triggering a re-examination of the industry’s security boundaries for AI agent systems. The Anthropic Claude Code network sandbox bypass vulnerability, rumors of related service anomalies, and AI toolchain-based attacks appeared in the same time window, ... Read More

The Problem with Enterprise Scanning Today Most large organizations accumulate scanning tools the same way they accumulate technical debt—one department at a time, one isolated problem at a time. The result is a fragmented stack of siloed scanners that each see only a fraction of the network, produce reports in ... Read More

Overview On June 9, NSFOCUS CERT detected that Microsoft released a security update patch for June, fixing 206 security issues involving widely used products such as Windows, Microsoft Office, Microsoft Exchange Server, Visual Studio Code, Azure, etc., including remote code execution vulnerabilities, High-risk vulnerability types such as information leakage vulnerabilities ... Read More

Overview Between late May and early June 2026, several high-profile Instagram accounts were reportedly taken over by attackers, including Barack Obama’s White House account, the personal account of U.S. Space Force Chief Master Sergeant Bentivegna, and the official account of beauty brand Sephora. Security researchers later discovered videos and screenshots ... Read More

Overview A core risk within AI security threats lies in the reliability of AI models, manifested as distorted outputs, hallucinations, and the generation of misleading content. While these issues may seem like mere technical flaws, they have evolved into tangible harms in real-world information ecosystems. AI-generated misinformation can be presented ... Read More

Traditional penetration testing tools are effective at identifying explicit technical vulnerabilities at the code level, yet fail to spot business logic flaws. What hidden risks exist within websites and APIs? How can enterprises automatically discover business logic vulnerabilities and obtain actionable remediation guidance for immediate implementation? Developed to tackle these ... Read More

SANTA CLARA, Calif., June 3, 2026 – On May 1, 2026, Forrester, the international research and advisory firm, released its latest trend research report Navigate The AI-Native Cloud Security Ecosystem In China. The report systematically maps the development landscape of China’s AI-native cloud security ecosystem and provides technology and security decision-makers ... Read More

SANTA CLARA, Calif., June 2, 2026 – To accurately analyze the evolving landscape of global Advanced Persistent Threats (APT) and bolster defenses for digital security and critical information infrastructure, NSFOCUS has released the 2025 APT Annual Landscape Report, combining robust cybersecurity monitoring and advanced threat hunting capabilities. This report conducts an ... Read More

Regional APT Threat Situation In March 2026, the global threat hunting system of Fuying Lab detected a total of 31 APT attack activities. These activities were primarily concentrated in regions including South Asia, Eastern Europe, and the Middle East, as shown in the figure below. Regarding the activity levels of ... Read More

Overview Recently, NSFOCUS CERT detected that Nginx and F5 issued security bulletins to fix the Nginx remote code execution vulnerability (CVE-2026-42945); because the ngx_http_rewrite_module module contains question marks in processing (? ) has a defect in the calculation logic when replacing strings with rewrite. Under certain configuration conditions, an unauthenticated ... Read More