The Hacker News

Flowise AI Agent Builder Under Active CVSS 10.0 RCE Exploitation; 12,000+ Instances Exposed

CVE-2025-59528 exploited in Flowise for over six months across 12,000+ exposed instances, enabling full system compromise.

The new show making fun of tech bros

“Taught Claude Cowork to use NotePlan. It’s creating daily, weekly, and monthly notes. It’s creating notes that act as ...
SecurityWeek

North Korean Hackers Target High-Profile Node.js Maintainers

The North Korean threat actor behind the Axios supply chain attack has been targeting high-profile Node.js maintainers.

Max severity Flowise RCE vulnerability now exploited in attacks

Hackers are exploiting a maximum-severity vulnerability, tracked as CVE-2025-59528, in the open-source platform Flowise for ...
News.az

The flowise AI crisis: why 12,000+ exposed servers are a hacker's playground

Threat actors are exploiting a maximum-severity security flaw in Flowise, an open-source artificial intelligence (AI) ...
Microsoft

Inside an AI‑enabled device code phishing campaign

A new wave of device code phishing shows how threat actors are scaling account compromise using AI and end‑to‑end automation.