The Hacker News

Flowise AI Agent Builder Under Active CVSS 10.0 RCE Exploitation; 12,000+ Instances Exposed

CVE-2025-59528 exploited in Flowise for over six months across 12,000+ exposed instances, enabling full system compromise.

Hackers compromise Axios npm package to drop cross-platform malware

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...
Developer Tech

Axios npm attack causes JavaScript supply chain chaos

Security teams are grappling with a major supply chain attack on Axios, a popular JavaScript library with over 100 million ...

Patch Now: Chrome Flaw Under Active Attack, Google Confirms

Google patches 21 Chrome vulnerabilities, including an actively exploited zero-day flaw that could enable code execution and ...

Supply chain attack hits Axios npm releases, users urged to rotate keys

Security firm Socket advised developers to check dependencies for affected Axios versions and remove or roll back compromised ...
The Caledonian-Record

Anteriad Announces Jeff Wolf as New CFO

Anteriad, a global leader in AI and data-driven, tech-enabled B2B marketing, announced that Jeff Wolf has been named the company’s new ...

Claude Code leak used to push infostealer malware on GitHub

Threat actors are exploiting the recent Claude Code source code leak by using fake GitHub repositories to deliver Vidar ...
The Caledonian-Record

Bitget Gives AI Its Own Trading Account, Advancing Toward an Agent-Native Exchange

Bitget, the world’s largest Universal Exchange (UEX), has introduced a new account structure that allows its AI trading agent, GetClaw, to execute ...

ICE agents don’t carry guns in Canada, agency says in response to World Cup concerns

United States Immigration and Customs Enforcement agents in Canada don’t carry firearms, the agency said following questions ...
SecurityWeek

React2Shell Exploited in Large-Scale Credential Harvesting Campaign

The UAT-10608 hacking group is using automated scanning and scripts to exploit React2Shell in a large-scale credential ...

Q&A: Birmingham’s IT talent market, local growth in a national talent economy

Birmingham offers a lower cost structure, accessible leadership, and the ability for technologists to make visible business ...
SecurityWeek

Axios NPM Package Breached in North Korean Supply Chain Attack

North Korean hackers published backdoored versions of the Axios NPM package using a compromised long-lived access token.