Max severity Flowise RCE vulnerability now exploited in attacks

Hackers are exploiting a maximum-severity vulnerability, tracked as CVE-2025-59528, in the open-source platform Flowise for ...
The Hacker News

GlassWorm Campaign Uses Zig Dropper to Infect Multiple Developer IDEs

GlassWorm uses a fake WakaTime VS Code extension to infect IDEs, deploy RATs, and steal data, prompting urgent credential ...

New macOS stealer campaign uses Script Editor in ClickFix attack

A new campaign delivering the Atomic Stealer malware to macOS users abuses the Script Editor in a variation of the ClickFix ...
CSO Online

New ClickFix variant bypasses Apple safeguards with one‑click script execution

Jamf finds a ClickFix variant that swaps copy-paste Terminal lures for Script Editor execution, tightening delivery of Atomic ...
The New York Times

New York Times - Top Stories

Iranian Delegation Arrives at Peace Talks, With Vance en Route Israel and Lebanon will hold talks in Washington next week. A senior Iranian official says ‘blocked assets’ must be released before peace ...