Max severity Flowise RCE vulnerability now exploited in attacks

Hackers are exploiting a maximum-severity vulnerability, tracked as CVE-2025-59528, in the open-source platform Flowise for ...

'Hundreds of thousands of stolen secrets could potentially be circulating as a result of these recent attacks': Google says North Korean hackers behind major attack on Axi…

Google Threat Intelligence Group warns of active supply chain attack on npm’s Axios library Malicious dependency ...
SecurityWeek

Axios NPM Package Breached in North Korean Supply Chain Attack

North Korean hackers published backdoored versions of the Axios NPM package using a compromised long-lived access token.
Cryptopolitan

Supply chain attack on Axios could compromise crypto wallets

Up to four npm packages on Axios were replaced with malicious versions, in one of the most sophisticated supply chain attacks ...
The Hacker News

Claude Extension Flaw Enabled Zero-Click XSS Prompt Injection via Any Website

Claude extension flaw enabled silent prompt injection via XSS and weak allowlist, risking data theft and impersonation until ...

PolyShell attacks target 56% of all vulnerable Magento stores

Attacks leveraging the 'PolyShell' vulnerability in version 2 of Magento Open Source and Adobe Commerce installations are ...
TechRepublic

Researchers Uncover New Phishing Risk Hidden Inside Microsoft Copilot

AI assistants are rapidly becoming a core part of workplace productivity, but new research suggests they may also introduce a previously overlooked phishing vector. Permiso researchers found that ...
New York Post

Massive Attack’s Robert Del Naja’s true link to Banksy revealed in exposé

A famous musician long rumored to be the elusive guerrilla artist Banksy has been unmasked — as his partner in crime. For years, the identity of the world-famous street artist has remained a closely ...
Live Science

A single injection of mRNA-like treatment healed heart muscle after a heart attack in mice and pigs. Could it work in humans too?

Researchers boosted levels of a heart-healing hormone in mice and pigs with a single injection of a new, experimental form of self-amplifying RNA that prolonged hormone synthesis for many weeks. When ...
NBC News

Michigan synagogue car-ramming suspect bought $2,000 worth of fireworks before attack

Two days before federal authorities say Ayman Mohamad Ghazali carried out Thursday's antisemitic terror attack at a synagogue outside Detroit, the driver in the car ...
CNN

Terror attacks at Michigan synagogue and Virginia university rattle sense of safety in American communities

A pair of attacks more than 700 miles apart on Thursday struck at the heart of community safe havens, leaving shocked Americans with an uneasy sense of security. First, a deadly shooting being ...