Security Boulevard

Credit Resources Vault: Why this credit email set off our scam alarms

Inside a targeted email campaign that funnels the most vulnerable financial people into handing over sensitive data, and ...

Developer tidbits for the weekend – smaller news of the week

Small but interesting news tidbits from the news buffet about React Native, Perl, JavaScript, ASP .NET Core, State of Web Dev ...

French email provider accidentally leaked 40 million records — L’Oreal, Renault, French government data exposed

Alinto left Elasticsearch cluster exposed online 40 million SMTP records leaked, including 4.5 million unique emails Data ...
SecurityWeek

Critical Flowise Vulnerability in Attacker Crosshairs

Threat actors have started exploiting CVE-2025-59528, a critical Flowise vulnerability leading to remote code execution.
The Manila Times

Bazaarvoice launches Authentic Discovery API to ensure brand and retailer reviews are visible to AI search and shopping agents

Research shows AI agents are 20-40% less likely to select products when key information is missing - making accessible, high-quality reviews crucial to win at GEO ...
HealthcareInfoSecurity

Backdooring of JavaScript Library Axios Tied to North Korea

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...

Supply chain blast: Top npm package backdoored to drop dirty RAT on dev machines

Updated: Hijacked maintainer account let attackers slip cross-platform trojan into 100M-downloads-a-week Axios ...