CSO Online

Hackers exploit a critical Flowise flaw affecting thousands of AI workflows

The design flaw in Flowise’s Custom MCP node has allowed attackers to execute arbitrary JavaScript through unvalidated ...

Max severity Flowise RCE vulnerability now exploited in attacks

Hackers are exploiting a maximum-severity vulnerability, tracked as CVE-2025-59528, in the open-source platform Flowise for ...
The Caledonian-Record

Nexus Pharmaceuticals Launches Cyclophosphamide Injection, 2.5 mL and 5 mL

Nexus Pharmaceuticals, LLC announces the launch of Cyclophosphamide Injection, available in ready to dilute 2.5 mL fill and 5 ...
SecurityWeek

Google DeepMind Researchers Map Web Attacks Against AI Agents

Threat actors can use malicious web content to set up AI Agent Traps and manipulate, deceive, and exploit visiting autonomous ...
GovInfoSecurity

Backdooring of JavaScript Library Axios Tied to North Korea

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...

Hackers compromise popular Axios Javascript library with hidden malware

The widely used Axios HTTP client library, a JavaScript component used by developers, was recently hacked to distribute ...
The Joplin Globe

LEO Pharma Announces New Long-Term Data for SPEVIGO® (spesolimab-sbzo) Injection in Adults with Generalized Pustular Psoriasis at AAD 2026

LEO Pharma Announces New Long-Term Data for SPEVIGO® (spesolimab-sbzo) Injection in Adults with Generalized Pustular Psoriasis at AAD 2026 ...
The Hacker News

Claude Extension Flaw Enabled Zero-Click XSS Prompt Injection via Any Website

Claude extension flaw enabled silent prompt injection via XSS and weak allowlist, risking data theft and impersonation until ...
Network World

Chained vulnerabilities in Cisco Catalyst switches could induce denial-of-service

Cisco’s widely deployed Catalyst 9300 Series enterprise switches have four security vulnerabilities, two of which could be chained to cause a denial-of-service outage, infrastructure security company ...
Reuters

China to inject $44 billion into state banks, boost tech financing

China to inject 300 billion yuan into state banks Beijing launches 100 billion yuan fund to boost domestic demand China to step up tech financing, deepen capital markets "Green channel" to fast-track ...
winbuzzer.com

Chrome Gemini Flaw Let Rogue Extensions Hijack AI Panel

Chrome’s Gemini panel requires camera and microphone access to function as an AI assistant. That same elevated access, researchers found, could be claimed by any rogue extension, including one with ...