The path traversal flaw, allowing access to arbitrary files, adds to a growing set of input validation issues in AI pipelines. Security researchers are warning that applications using AI frameworks ...

Hackers are exploiting a maximum-severity vulnerability, tracked as CVE-2025-59528, in the open-source platform Flowise for ...

The design flaw in Flowise’s Custom MCP node has allowed attackers to execute arbitrary JavaScript through unvalidated ...

A Grafana AI flaw enables zero-click data exfiltration by hiding malicious prompts in URLs, said a Noma Security report.

Threat actors have started exploiting CVE-2025-59528, a critical Flowise vulnerability leading to remote code execution.

CVE-2025-59528 exploited in Flowise for over six months across 12,000+ exposed instances, enabling full system compromise.

The OWASP Top 10 for LLM Applications is the most widely referenced framework for understanding these risks. First released in 2023, OWASP updated the list in late 2024 to reflect real-world incidents ...

A growing body of academic research warns that AI-assisted “vibe coding,” where language models assemble software from ...

Threat actors are exploiting a maximum-severity security flaw in Flowise, an open-source artificial intelligence (AI) ...

NEW YORK CITY, NY / ACCESS Newswire / April 10, 2026 / As regulators tighten standards and sustainability claims face growing scrutiny, SMX (Security Matters), in collaboration wi ...

Active exploits, nation-state campaigns, fresh arrests, and critical CVEs — this week's cybersecurity recap has it all.