CSO Online

Hackers exploit a critical Flowise flaw affecting thousands of AI workflows

The design flaw in Flowise’s Custom MCP node has allowed attackers to execute arbitrary JavaScript through unvalidated ...

Max severity Flowise RCE vulnerability now exploited in attacks

Hackers are exploiting a maximum-severity vulnerability, tracked as CVE-2025-59528, in the open-source platform Flowise for ...

Top open source AI platform Flowise hit by maximum-level security issue

Flowise AI platform carried CVSS-10 arbitrary code flaw Vulnerability in CustomMCP node exploited in the wild Up to 15,000 ...

CISA adds second critical flaw in Ivanti EPMM to exploited vulnerabilities catalog

CISA set a deadline of April 11 for federal civilian executive branch agencies to mitigate their environments. Ivanti first ...

CMS Grants Fresenius Kabi COVID-19 Indication-Specific HCPCS Codes for Tyenne® (tocilizumab-aazg)

Fresenius Kabi, a part of Fresenius, and a leading provider of essential medicines and medical technologies, announced today that the Centers for Medicare & Medicaid Services has issued ...
DataBreachToday

Grafana AI Bug Leaks Data With Zero-Click Exploit

A Grafana AI flaw enables zero-click data exfiltration by hiding malicious prompts in URLs, said a Noma Security report.
InfoWorld

Microsoft’s new Agent Governance Toolkit targets top OWASP risks for AI agents

The open-source project maps directly to OWASP’s top 10 agentic AI threats, aiming to curb issues like prompt injection, ...
AllAfrica on MSN

Mauritania - Finance On Track for the Modern Age

The gesture could hardly be simpler. A phone unlocked, a QR code scanned, a payment made. This is no gimmick at a supermarket on the outskirts of Nouakchott. It is a significant leap into the 21st ...
InfoQ

Anthropic Accidentally Exposes Claude Code Source via npm Source Map File

Anthropic's Claude Code CLI had its full TypeScript source exposed after a source map file was accidentally included in ...
InfoWorld

How Agile practices ensure quality in GenAI-assisted development

AI lets you code at warp speed, but without Agile "safety nets" like pair programming and automated tests, you're just ...
The Hacker News

Masjesu Botnet Emerges as DDoS-for-Hire Service Targeting Global IoT Devices

Masjesu botnet drives global DDoS attacks since 2023, with nearly 50% traffic from Vietnam, threatening enterprises and IoT ...

Chamath Says Firms That Treat AI As A Strategy Hand Rivals Their Edge

What problems are behind the emerging Saaspocalypse - the dominance of AI labs may mean that the B2B users will lose their ...