Max severity Flowise RCE vulnerability now exploited in attacks

Hackers are exploiting a maximum-severity vulnerability, tracked as CVE-2025-59528, in the open-source platform Flowise for ...
SiliconANGLE

Hackers compromise popular Axios Javascript library with hidden malware

The widely used Axios HTTP client library, a JavaScript component used by developers, was recently hacked to distribute malware via a compromised account. Attackers exploited a hijacked account on npm ...
Bleeping Computer

Hackers compromise Axios npm package to drop cross-platform malware

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver remote access trojans to Linux, Windows, and macOS systems. One malicious ...
Nextgov

North Korea-linked hackers suspected in Axios open-source hijack, Google analysts say

“The full breadth of this incident is still unclear, but given the popularity of the compromised package, we expect it will have far reaching impacts,” a chief Google analyst said. North Korea-aligned ...
SecurityWeek

US Confirms Handala Link to Iran Government Amid Takedown of Hackers’ Sites

The US has seized several domains used by Handala in cyber-enabled psychological operations. The United States government has for the first time officially linked the notorious Handala hacker group to ...
Lifehacker

How to Stop Social Media Platforms From Tracking You When You Share Posts

Pranay Parab is an independent tech journalist based in Mumbai, India. He covers tech for Lifehacker, and specializes in tutorials and in-depth features. When you hit the share button on social media ...
PC Magazine

Russian Hackers Spotted Trying to Hijack WhatsApp, Signal Accounts

Russian state-sponsored hackers have allegedly been trying to hijack WhatsApp and Signal accounts on a global scale by tricking users into handing over their login authentication codes. The warning ...
PC Magazine

Wikipedia Forced to Lock Down Edits Over JavaScript That Could Delete Pages

Wikipedia Forced to Lock Down Edits Over JavaScript That Could Delete Pages The nonprofit that oversees Wikipedia briefly enforced a 'read-only' mode on Thursday morning as users spotted code designed ...
TechCrunch

Cisco says hackers have been exploiting a critical bug to break into big customer networks since 2023

Cisco says hackers have been exploiting a bug in one of its popular networking products used by large enterprises for at least three years, prompting the U.S. government and its allies to urge ...
CSOonline

China-linked hackers used Google Sheets to spy on telecoms and governments across 42 countries

The GRIDTIDE backdoor concealed its traffic within routine spreadsheet activity for years before Google shut down the operation last week. Google has disrupted a China-linked espionage group that used ...
Yahoo

AI-Powered Hacker Steals 150GB from Mexican Government Using Anthropic’s Claude

Add Yahoo as a preferred source to see more of our stories on Google. The breach reads like a cyberpunk fever dream, but the method was disturbingly simple. The hacker jailbroke Claude by framing ...
Mercury News

Hacker used Anthropic’s Claude to steal sensitive Mexican data

A hacker exploited Anthropic PBC’s artificial intelligence chatbot to carry out a series of attacks against Mexican government agencies, resulting in the theft of a huge trove of sensitive tax and ...