CSO Online

Hackers exploit a critical Flowise flaw affecting thousands of AI workflows

The design flaw in Flowise’s Custom MCP node has allowed attackers to execute arbitrary JavaScript through unvalidated ...
SecurityWeek

Critical Flowise Vulnerability in Attacker Crosshairs

Threat actors have started exploiting CVE-2025-59528, a critical Flowise vulnerability leading to remote code execution.

Max severity Flowise RCE vulnerability now exploited in attacks

Hackers are exploiting a maximum-severity vulnerability, tracked as CVE-2025-59528, in the open-source platform Flowise for ...

Developer hits snags with plans for 43-acre Georgetown mixed-use project

The developer said it has been a "time suck" trying to get the project to construction. He may yank the land from city limits ...
The Register-Herald

WVDNR seeks input on wildlife action plan

Members of the public may now review and submit comments on a draft update to the state wildlife action plan, according to ...

Levine Museum of the New South seeks input on South End campus after $7.5M acquisition

Levine Museum of the New South is under contract to acquire Grace Covenant Church at 1800 South Blvd. in South End, where it will build a new museum campus. Pickard Chilton To continue reading this ...
SecurityWeek

Google DeepMind Researchers Map Web Attacks Against AI Agents

Threat actors can use malicious web content to set up AI Agent Traps and manipulate, deceive, and exploit visiting autonomous ...
The Hacker News

Flowise AI Agent Builder Under Active CVSS 10.0 RCE Exploitation; 12,000+ Instances Exposed

CVE-2025-59528 exploited in Flowise for over six months across 12,000+ exposed instances, enabling full system compromise.
Security Boulevard

Fuzzing to Zero-Day: Pwning V8CTF With TurboFan Type Confusion, CVE-2025-2135

The bug was assigned CVE-2025-2135, and we successfully used it to pwn Google’s V8CTF as a zero-day. The root cause lies in TurboFan’s InferMapsUnsafe() function, which fails to handle aliasing when ...
InfoWorld

27 questions to ask when choosing an LLM

From cost and performance specs to advanced capabilities and quirks, answers to these questions will help you determine the ...

Anthropic's Boris Cherny, creator of $2.5 billion coding tool, makes a ‘clarification’ on Claude Code leak: ‘It's never an individual's fault, it’s the…’

A missed step in a manual deployment process exposed the internal workings of one of AI's hottest coding tools—and briefly ...

Android web browsing just overtook iPhone speed, Google says

Android phones may now browse faster than iPhones, as Google claims Chrome has overtaken Safari in key speed tests. The real world impact depends on your device, network, and the sites you visit.