Hackers use pixel-large SVG trick to hide credit card stealer

A massive campaign impacting nearly 100 online stores using the Magento e-commerce platform hides credit card-stealing code ...
CSO Online

Hackers exploit a critical Flowise flaw affecting thousands of AI workflows

The design flaw in Flowise’s Custom MCP node has allowed attackers to execute arbitrary JavaScript through unvalidated ...

Max severity Flowise RCE vulnerability now exploited in attacks

Hackers are exploiting a maximum-severity vulnerability, tracked as CVE-2025-59528, in the open-source platform Flowise for ...

Hackers Turned Anthropic's Claude Code Leak into a Malware Lure

Cybercriminals are exploiting the recent Claude Code source code leak to distribute Vidar malware via fake GitHub repositories.
SecurityWeek

Axios NPM Package Breached in North Korean Supply Chain Attack

North Korean hackers published backdoored versions of the Axios NPM package using a compromised long-lived access token.
The Hacker News

OpenClaw AI Agent Flaws Could Enable Prompt Injection and Data Exfiltration

China's National Computer Network Emergency Response Technical Team (CNCERT) has issued a warning about the security risks stemming from the use of OpenClaw (formerly Clawdbot and Moltbot), an ...