The Hacker News

Flowise AI Agent Builder Under Active CVSS 10.0 RCE Exploitation; 12,000+ Instances Exposed

CVE-2025-59528 exploited in Flowise for over six months across 12,000+ exposed instances, enabling full system compromise.

Pope Leo for president? Meeting with Obama guru sparks speculation

A recent meeting between Pope Leo XIV and Democratic strategist David Axelrod at the Vatican sparks some intrigue and slight ...

When do drivers legally have to signal?

When it comes to signalling, the law sends mixed signals, but experts say for safety you should get in the habit of ...

Max severity Flowise RCE vulnerability now exploited in attacks

Hackers are exploiting a maximum-severity vulnerability, tracked as CVE-2025-59528, in the open-source platform Flowise for ...
CSO Online

Hackers exploit a critical Flowise flaw affecting thousands of AI workflows

The design flaw in Flowise’s Custom MCP node has allowed attackers to execute arbitrary JavaScript through unvalidated ...
Cyber Daily

WASTED! GTA developer Rockstar Games confirms hack as ShinyHunters demands “pay or leak”

Popular game developer one of several new ShinyHunter claims, including Amtrak, McGraw Hill, and Hallmark Cards.

Top open source AI platform Flowise hit by maximum-level security issue

Flowise AI platform carried CVSS-10 arbitrary code flaw Vulnerability in CustomMCP node exploited in the wild Up to 15,000 ...
CDOTrends

The AI That Hacks Back

Anthropic’s newest frontier model — still not publicly available and still technically a “preview” — is the most ...
New Age

Opposition lawmaker demands release of woman arrested over Facebook post

Opposition lawmaker Rafiqul Islam Khan on Tuesday criticised the arrest of a woman in Bhola over a Facebook post about the energy crisis, demanding her release and the withdrawal of the ...
The Caledonian-Record

Historic US-Iran direct talks begin in Pakistan as war's fragile ceasefire holds

Face-to-face negotiations have begun between the United States and Iran in Pakistan, days after a fragile, two-week ceasefire was announced. A U.S. delegation led by Vice President JD Vance and ...
SecurityWeek

Critical Flowise Vulnerability in Attacker Crosshairs

Threat actors have started exploiting CVE-2025-59528, a critical Flowise vulnerability leading to remote code execution.
The Register-Herald

A possible Frozen Four first: All 4 starting goalies are freshmen

Four freshman goalies will take the ice at the Frozen Four semifinals on Thursday at T-Mobile Arena in Las Vegas. The NCAA ...