The Hacker News

Flowise AI Agent Builder Under Active CVSS 10.0 RCE Exploitation; 12,000+ Instances Exposed

CVE-2025-59528 exploited in Flowise for over six months across 12,000+ exposed instances, enabling full system compromise.
Queerty

What the butt is up with Netflix’s new chess doc about vibrating anal beads?!

The new feature-length doc tells the story of Magnus Carlsen, a Norwegian Grandmaster and the No. 1 chess player in the world ...

CF Montreal exec Saputo says he didn’t want to make rash decision in firing of coach

CF Montreal executive Luca Saputo says he didn’t want to make a rash decision when it came to the dismissal of Marco Donadel ...
Foreign Affairs

The Trouble With Permanent Alliances

Traditionally, alliances were forged as highly contingent, time-bound partnerships, but after World War II, the United States went about establishing permanent ones, including NATO and bilateral ...

Hootsuite founder Ryan Holmes returns as interim CEO six years after stepping down

In a separate LinkedIn post, Ms. Novoselsky, who joined in early 2023, wrote that Monday was her last day at CEO, adding she ...
SecurityWeek

React2Shell Exploited in Large-Scale Credential Harvesting Campaign

The UAT-10608 hacking group is using automated scanning and scripts to exploit React2Shell in a large-scale credential ...
CSO Online

Hackers exploit a critical Flowise flaw affecting thousands of AI workflows

The design flaw in Flowise’s Custom MCP node has allowed attackers to execute arbitrary JavaScript through unvalidated ...

Max severity Flowise RCE vulnerability now exploited in attacks

Hackers are exploiting a maximum-severity vulnerability, tracked as CVE-2025-59528, in the open-source platform Flowise for ...
The Register-Herald

A possible Frozen Four first: All 4 starting goalies are freshmen

Four freshman goalies will take the ice at the Frozen Four semifinals on Thursday at T-Mobile Arena in Las Vegas. The NCAA ...
The Caledonian-Record

Historic US-Iran direct talks begin in Pakistan as war's fragile ceasefire holds

Face-to-face negotiations have begun between the United States and Iran in Pakistan, days after a fragile, two-week ceasefire was announced. A U.S. delegation led by Vice President JD Vance and ...
SecurityWeek

Critical Flowise Vulnerability in Attacker Crosshairs

Threat actors have started exploiting CVE-2025-59528, a critical Flowise vulnerability leading to remote code execution.
LGBTQ Nation

LGBTQ+ groups warn Meta’s facial recognition smartglasses could harm queers & abuse victims

Soon, strangers may be able to identify you by just looking at your face in public. That's a huge civil rights issue, some ...