Max severity Flowise RCE vulnerability now exploited in attacks

Hackers are exploiting a maximum-severity vulnerability, tracked as CVE-2025-59528, in the open-source platform Flowise for ...
Government Technology

Syracuse, N.Y., Notifies Possible Police Data Breach Victims

Letters began going out in late March to people potentially impacted by a breach of Syracuse Police Department digital files ...

US warns of Iranian hackers targeting critical infrastructure

Iranian-linked hackers are targeting Internet-exposed Rockwell/Allen-Bradley programmable logic controllers (PLCs) on the networks of U.S. critical infrastructure organizations.
Microsoft

SOHO router compromise leads to DNS hijacking and adversary-in-the-middle attacks

Executive summary Forest Blizzard, a threat actor linked to the Russian military, has been compromising insecure home and ...
CSO Online

Supply chain security is now a board-level issue: Here’s what CSOs need to know

Security isn't just your problem anymore — it's the board's. With 97% of apps using open-source, CSOs need to ditch the false ...