InfoQ

Anthropic Accidentally Exposes Claude Code Source via npm Source Map File

Anthropic's Claude Code CLI had its full TypeScript source exposed after a source map file was accidentally included in ...
Developer Tech

AI code scanners halt Internet Bug Bounty payouts

The Internet Bug Bounty program has paused new submissions, citing a massive expansion in vulnerability discovery by AI code ...
Silicon Canals

One maintainer, one compromised laptop: How North Korean hackers hijacked the Axios open source project

In early April 2025, security researchers confirmed that North Korean state-sponsored hackers had successfully compromised the Axios HTTP library. It is one ...
The Hacker News

Flowise AI Agent Builder Under Active CVSS 10.0 RCE Exploitation; 12,000+ Instances Exposed

CVE-2025-59528 exploited in Flowise for over six months across 12,000+ exposed instances, enabling full system compromise.
Silicon Canals

A three-hour window: North Korean hackers compromised the Axios library and exposed thousands of systems

Forty-five million weekly downloads. One compromised maintainer. Three hours of exposure before anyone noticed.
News.az

The flowise AI crisis: why 12,000+ exposed servers are a hacker's playground

Threat actors are exploiting a maximum-severity security flaw in Flowise, an open-source artificial intelligence (AI) ...
SecurityWeek

Critical Flowise Vulnerability in Attacker Crosshairs

Threat actors have started exploiting CVE-2025-59528, a critical Flowise vulnerability leading to remote code execution.