Flowise AI Agent Builder Under Active CVSS 10.0 RCE Exploitation; 12,000+ Instances Exposed

Blog

Byadmblake April 7, 2026

Threat actors are exploiting a maximum-severity security flaw in Flowise, an open-source artificial intelligence (AI) platform, according to new findings from VulnCheck. The vulnerability in question is CVE-2025-59528 (CVSS score: 10.0), a code injection vulnerability that could result in remote code execution. “The CustomMCP node allows users to input configuration settings for connecting

Threat actors are exploiting a maximum-severity security flaw in Flowise, an open-source artificial intelligence (AI) platform, according to new findings from VulnCheck.
The vulnerability in question is CVE-2025-59528 (CVSS score: 10.0), a code injection vulnerability that could result in remote code execution.
“The CustomMCP node allows users to input configuration settings for connecting

Blog

With AI’s Help, Bad Bots Are Taking Over the Web

Bad bots are becoming increasingly difficult to detect as they more easily mimic human behaviors and utilize evasion techniques, researchers say.

Read More With AI’s Help, Bad Bots Are Taking Over the Web
Blog

Attackers Hide Infostealer in Copyright Infringement Notices

A phishing campaign targeting healthcare, government, hospitality, and education sectors in various countries uses several evasion techniques to avoid detection.

Read More Attackers Hide Infostealer in Copyright Infringement Notices
Blog

Fake AI Tools Used to Spread Noodlophile Malware, Targeting 62,000+ via Facebook Lures

Threat actors have been observed leveraging fake artificial intelligence (AI)-powered tools as a lure to entice users into downloading an information stealer malware dubbed Noodlophile. “Instead of relying on traditional phishing or cracked software sites, they build convincing AI-themed platforms – often advertised via legitimate-looking Facebook groups and viral social media campaigns,”

Read More Fake AI Tools Used to Spread Noodlophile Malware, Targeting 62,000+ via Facebook Lures
Blog

OttoKit WordPress Plugin with 100K+ Installs Hit by Exploits Targeting Multiple Flaws

A second security flaw impacting the OttoKit (formerly SureTriggers) WordPress plugin has come under active exploitation in the wild. The vulnerability, tracked as CVE-2025-27007 (CVSS score: 9.8), is a privilege escalation bug impacting all versions of the plugin prior to and including version 1.0.82. “This is due to the create_wp_connection() function missing a capability check…

Read More OttoKit WordPress Plugin with 100K+ Installs Hit by Exploits Targeting Multiple Flaws
Blog

GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos

The GlassWorm malware campaign is being used to fuel an ongoing attack that leverages the stolen GitHub tokens to inject malware into hundreds of Python repositories. “The attack targets Python projects — including Django apps, ML research code, Streamlit dashboards, and PyPI packages — by appending obfuscated code to files like setup.py, main.py, and app.py,”…

Read More GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos
Blog

New SAP NetWeaver Bug Lets Attackers Take Over Servers Without Login

SAP has rolled out security fixes for 13 new security issues, including additional hardening for a maximum-severity bug in SAP NetWeaver AS Java that could result in arbitrary command execution. The vulnerability, tracked as CVE-2025-42944, carries a CVSS score of 10.0. It has been described as a case of insecure deserialization. “Due to a deserialization…

Read More New SAP NetWeaver Bug Lets Attackers Take Over Servers Without Login

Related