Max severity Flowise RCE vulnerability now exploited in attacks

Hackers are exploiting a maximum-severity vulnerability, tracked as CVE-2025-59528, in the open-source platform Flowise for ...

Techie Tonic: Two CISOs warn Axios breach changes supply chain trust model

Two CISOs dissect the Axios npm attack, revealing a self-erasing RAT, CI/CD compromise risks and why open-source software ...
The Hacker News

Adobe Reader Zero-Day Exploited via Malicious PDFs Since December 2025

Adobe Reader zero-day exploited since Dec 2025 via malicious PDFs, enabling data theft and potential RCE, prompting urgent ...

Iran warns it will respond if Israeli attacks on Lebanon don't stop immediately

Israel and the US say Lebanon is not included in a two-week ceasefire deal with Iran. PM Benjamin Netanyahu says Israel ...
SecurityWeek

Google DeepMind Researchers Map Web Attacks Against AI Agents

Threat actors can use malicious web content to set up AI Agent Traps and manipulate, deceive, and exploit visiting autonomous ...

Canada condemns Israeli strikes in Lebanon, calls on Hezbollah to disarm and seek diplomatic solution

Canada is condemning Israel for striking Lebanon hours after an apparent ceasefire was struck in the Middle East conflict and ...
Morning Overview on MSN

North Korea-linked hackers used fake Teams updates to hit Axios npm

Hackers linked to North Korea compromised the widely used Axios npm package by tricking a maintainer into installing malware ...
Hackaday

This Week In Security: The Supply Chain Has Problems

The biggest story of the week is a new massive supply chain breach, which appears to be unrelated to the previous massive supply chain breaches, this time of the Axios HTTP project. Axios was ...
The Hacker News

Iran-Linked Hackers Disrupt U.S. Critical Infrastructure by Targeting Internet-Exposed PLCs

Iran-linked actors target U.S. PLCs using Dropbear and SSH access, disrupting OT systems across sectors and escalating cyber ...
LGBTQ Nation

Former MAGA sycophants have had it with Trump: “Who do you think you are?”

Trump’s unhinged tweet on Easter Sunday has sent many former MAGA-ites over the edge. Donald Trump’s increasingly erratic ...

Israel and Hezbollah exchange strikes overnight as Trump criticises Iran's handling of Hormuz strait

But Israeli Prime Minister Benjamin Netanyahu says "there is no ceasefire" in Lebanon, and Israel will "continue to strike ...
SecurityWeek

React2Shell Exploited in Large-Scale Credential Harvesting Campaign

The UAT-10608 hacking group is using automated scanning and scripts to exploit React2Shell in a large-scale credential ...