Max severity Flowise RCE vulnerability now exploited in attacks

Hackers are exploiting a maximum-severity vulnerability, tracked as CVE-2025-59528, in the open-source platform Flowise for ...
The Hacker News

Adobe Patches Actively Exploited Acrobat Reader Flaw CVE-2026-34621

Adobe patches CVE-2026-34621 after active exploitation since Dec 2025, preventing remote code execution via malicious PDFs.
The Hacker News

Adobe Reader Zero-Day Exploited via Malicious PDFs Since December 2025

Adobe Reader zero-day exploited since Dec 2025 via malicious PDFs, enabling data theft and potential RCE, prompting urgent ...
News.az

Adobe patches critical Acrobat zero-day exploited in the wild since late 2025.

The vulnerability, assigned the CVE identifier CVE-2026-34621, carries a CVSS score of 9.6 out of 10.0. Successful ...
SecurityWeek

Critical Flowise Vulnerability in Attacker Crosshairs

Threat actors have started exploiting CVE-2025-59528, a critical Flowise vulnerability leading to remote code execution.
Techlomedia

Google Fixes Critical Chrome Bugs That Could Allow Remote Code Execution

Google has rolled out a new update for its Chrome browser, fixing several serious security issues. The latest version, Chrome ...
CSO Online

Hackers exploit a critical Flowise flaw affecting thousands of AI workflows

The design flaw in Flowise’s Custom MCP node has allowed attackers to execute arbitrary JavaScript through unvalidated ...
Techlomedia

Adobe Fixes Critical Acrobat Reader Flaw Exploited in the Wild

Adobe has released an emergency security update to fix a critical vulnerability in Adobe Acrobat Reader that is already being ...

Top open source AI platform Flowise hit by maximum-level security issue

Flowise AI platform carried CVSS-10 arbitrary code flaw Vulnerability in CustomMCP node exploited in the wild Up to 15,000 ...
News.az

The flowise AI crisis: why 12,000+ exposed servers are a hacker's playground

Threat actors are exploiting a maximum-severity security flaw in Flowise, an open-source artificial intelligence (AI) ...

Two different attackers poisoned popular open source tools - and showed us the future of supply chain compromise

Although executed by different attackers – Axios by North Korean-linked goons, and Trivy et al. by a loosely knit band of ...

Months-old Adobe Reader zero-day uses PDFs to size up targets

Hackers have been quietly exploiting what appears to be a zero-day in Adobe Acrobat Reader for months, using booby-trapped PDFs to profile targets and decide who's worth fully compromising.