Max severity Flowise RCE vulnerability now exploited in attacks

Hackers are exploiting a maximum-severity vulnerability, tracked as CVE-2025-59528, in the open-source platform Flowise for ...
The Caledonian-Record

Nexus Pharmaceuticals Launches Cyclophosphamide Injection, 2.5 mL and 5 mL

Nexus Pharmaceuticals, LLC announces the launch of Cyclophosphamide Injection, available in ready to dilute 2.5 mL fill and 5 ...
SecurityWeek

Google DeepMind Researchers Map Web Attacks Against AI Agents

Threat actors can use malicious web content to set up AI Agent Traps and manipulate, deceive, and exploit visiting autonomous ...

LinkedIn Accused Of Tracking Users Through BroweserGate Scripts, All You Need To Know

Recent findings indicate that LinkedIn may not be as trustworthy as previously thought. A report from Fairlinked eV, ...
Tom's Hardware on MSN

LinkedIn is spying on you, according to a new 'BrowserGate' security report

LinkedIn reportedly injects a JavaScript fingerprinting script to probe visitors' browsers for 6,236 installed Chrome ...
GovInfoSecurity

Backdooring of JavaScript Library Axios Tied to North Korea

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...
The Hacker News

Claude Extension Flaw Enabled Zero-Click XSS Prompt Injection via Any Website

Claude extension flaw enabled silent prompt injection via XSS and weak allowlist, risking data theft and impersonation until ...