The design flaw in Flowise’s Custom MCP node has allowed attackers to execute arbitrary JavaScript through unvalidated ...
Hackers are exploiting a maximum-severity vulnerability, tracked as CVE-2025-59528, in the open-source platform Flowise for ...
Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...
A hacker inserted malware in Axios, an open-source web tool downloaded tens of millions of times weekly, in a widespread hack ...
Threat actors hijacked the popular npm package axios to spread RAT malware after compromising an open‑source maintainer’s ...
North Korean hackers published backdoored versions of the Axios NPM package using a compromised long-lived access token.
Axios 1.14.1 and 0.30.4 injected malicious [email protected] after npm compromise on March 31, 2026, deploying ...
This is GlassWorm: a software supply chain attack that security researchers are calling one of the most sophisticated and ...
"The C2 hosts a web-based graphical user interface (GUI) titled 'NEXUS Listener' that can be used to view stolen information ...
A critical Adobe Acrobat zero-day has been exploited for months via malicious PDFs to steal data and potentially take over ...
The widely used Axios HTTP client library, a JavaScript component used by developers, was recently hacked to distribute ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results