CSO Online

Hackers exploit a critical Flowise flaw affecting thousands of AI workflows

The design flaw in Flowise’s Custom MCP node has allowed attackers to execute arbitrary JavaScript through unvalidated ...

Max severity Flowise RCE vulnerability now exploited in attacks

Hackers are exploiting a maximum-severity vulnerability, tracked as CVE-2025-59528, in the open-source platform Flowise for ...
InfoQ

Anthropic Accidentally Exposes Claude Code Source via npm Source Map File

Anthropic's Claude Code CLI had its full TypeScript source exposed after a source map file was accidentally included in ...
The Next Web

LinkedIn is secretly scanning your browser for 6,000 extensions, and you weren’t told

LinkedIn runs a hidden JavaScript script called Spectroscopy that silently probes over 6,000 Chrome extensions and collects ...

LinkedIn secretly scans for 6,000+ Chrome extensions, collects data

A new report dubbed "BrowserGate" warns that Microsoft's LinkedIn is using hidden JavaScript scripts on its website to scan ...

Private forms breached during St. Joseph County fax service hack

Hackers known as the "Handala Hack Team" have posted sensitive documents from St. Joseph County to their website.
The Hacker News

Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials

"The C2 hosts a web-based graphical user interface (GUI) titled 'NEXUS Listener' that can be used to view stolen information ...
SecurityWeek

Critical Vulnerability in Claude Code Emerges Days After Source Leak

Within days of each other, Anthropic first leaked the source code to Claude Code, and then a critical vulnerability was found ...

Security study finds thousands of API credentials exposed on the web for years

Researchers scan 10 million websites and uncover thousands of exposed API keys quietly granting access to cloud systems and ...

Google Explains Googlebot Byte Limits And Crawling Architecture

Google's Gary Illyes published a blog post explaining how Googlebot works as one client of a centralized crawling platform, ...

How Cloudflare’s Dynamic Workers Make Serverless Sandboxes 100X Faster

Discover the architecture behind Cloudflare's Dynamic Workers. Learn how they eliminate cold starts and make serverless sandboxes 100x faster for developers.

Microsoft Weekly: new Game Pass tier, PowerToys updates, and more

This week's Microsoft news recap is here with rumors about a new Game Pass tier, recalled feature updates for Windows 11, gaming news, and more.