The Hacker News

Adobe Reader Zero-Day Exploited via Malicious PDFs Since December 2025

Adobe Reader zero-day exploited since Dec 2025 via malicious PDFs, enabling data theft and potential RCE, prompting urgent ...

Max severity Flowise RCE vulnerability now exploited in attacks

Hackers are exploiting a maximum-severity vulnerability, tracked as CVE-2025-59528, in the open-source platform Flowise for ...
CSO Online

Hackers exploit a critical Flowise flaw affecting thousands of AI workflows

The design flaw in Flowise’s Custom MCP node has allowed attackers to execute arbitrary JavaScript through unvalidated ...
SecurityWeek

Critical Flowise Vulnerability in Attacker Crosshairs

Threat actors have started exploiting CVE-2025-59528, a critical Flowise vulnerability leading to remote code execution.

Top open source AI platform Flowise hit by maximum-level security issue

Flowise AI platform carried CVSS-10 arbitrary code flaw Vulnerability in CustomMCP node exploited in the wild Up to 15,000 ...
InfoWorld

Microsoft announces end of support for ASP.NET Core 2.3

Microsoft will stop providing security patches, bug fixes, and technical support for ASP.NET Core 2.3 on April 7, 2027.
The Caledonian-Record

Woodson Equity Expands Leadership Team With Two Key Senior Appointments

Woodson Equity, an operationally focused lower middle market private equity firm, today announced the addition of two senior ...

Iran warns it will respond if Israeli attacks on Lebanon don't stop immediately

Israel and the US say Lebanon is not included in a two-week ceasefire deal with Iran. PM Benjamin Netanyahu says Israel ...
Developer Tech

Axios npm attack causes JavaScript supply chain chaos

Security teams are grappling with a major supply chain attack on Axios, a popular JavaScript library with over 100 million ...
The Caledonian-Record

Apex Fintech Solutions Releases Q1 2026 Investor Pulse Report: Retail Investors Execute Sophisticated Macro Trades at Unprecedented Scale

Apex Fintech Solutions Inc. (“Apex”), the infrastructure powering modern investing, today released its Q1 2026 Apex Investor Pulse report, revealing that retail investors on the Apex platform drove ...

Patch Now: Chrome Flaw Under Active Attack, Google Confirms

Google patches 21 Chrome vulnerabilities, including an actively exploited zero-day flaw that could enable code execution and ...
SecurityWeek

React2Shell Exploited in Large-Scale Credential Harvesting Campaign

The UAT-10608 hacking group is using automated scanning and scripts to exploit React2Shell in a large-scale credential ...