Axios 1.14.1 and 0.30.4 injected malicious [email protected] after npm compromise on March 31, 2026, deploying ...
CVE-2025-59528 exploited in Flowise for over six months across 12,000+ exposed instances, enabling full system compromise.
The open-source database RxDB 17 now synchronizes data directly via Google Drive or OneDrive – developers no longer need ...
Syncplify Server! now features tamper-proof audit trails with cryptographic verification, raising the bar for SFTP ...
The UAT-10608 hacking group is using automated scanning and scripts to exploit React2Shell in a large-scale credential ...
On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...
Threat actors have started exploiting CVE-2025-59528, a critical Flowise vulnerability leading to remote code execution.
Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...
Threat actors are exploiting a maximum-severity security flaw in Flowise, an open-source artificial intelligence (AI) ...
The design flaw in Flowise’s Custom MCP node has allowed attackers to execute arbitrary JavaScript through unvalidated ...
Google's Gary Illyes published a blog post explaining how Googlebot works as one client of a centralized crawling platform, ...
A Grafana AI flaw enables zero-click data exfiltration by hiding malicious prompts in URLs, said a Noma Security report.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results