CSO Online

Hackers have been exploiting an unpatched Adobe Reader vulnerability for months

Now a security researcher says a Reader hole has been quietly exploited by malware for as long as four months, fingerprinting ...

Oak View Group names two executives to lead venue programming

The appointments come months after the company's former chief executive stepped down following a federal indictment and ...
The Hacker News

Adobe Reader Zero-Day Exploited via Malicious PDFs Since December 2025

Adobe Reader zero-day exploited since Dec 2025 via malicious PDFs, enabling data theft and potential RCE, prompting urgent ...

The humans in the loop: St. Louis coding schools pivot to AI training as tech hiring landscape shifts

The schools are training workers for AI-first roles rather than traditional coding jobs. LaunchCode aims to add one million ...

Top open source AI platform Flowise hit by maximum-level security issue

A 10/10 Flowise bug was patched, but is now being abused in the wild.
CSO Online

Hackers exploit a critical Flowise flaw affecting thousands of AI workflows

The design flaw in Flowise’s Custom MCP node has allowed attackers to execute arbitrary JavaScript through unvalidated ...

Max severity Flowise RCE vulnerability now exploited in attacks

Hackers are exploiting a maximum-severity vulnerability, tracked as CVE-2025-59528, in the open-source platform Flowise for ...
SecurityWeek

Critical Flowise Vulnerability in Attacker Crosshairs

Threat actors have started exploiting CVE-2025-59528, a critical Flowise vulnerability leading to remote code execution.

A popular coding tool was hijacked to deliver malware.

A hacker took over an account belonging to the lead maintainer of the JavaScript library, Axios, which is used to handle HTTP requests, as reported by Cybernews. Security researchers found that ...
Business Insider

Google developers find that with AI, judgment is more important than JavaScript

AI-driven coding is reshaping tech jobs, shifting developers to design and management roles. Engineers are managing multiple AI agents, which boosts productivity but could risk burnout. Google is ...
Ars Technica

Supply-chain attack using invisible code hits GitHub and other repositories

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible code, a technique that’s flummoxing traditional defenses designed to ...