The Hacker News

Flowise AI Agent Builder Under Active CVSS 10.0 RCE Exploitation; 12,000+ Instances Exposed

CVE-2025-59528 exploited in Flowise for over six months across 12,000+ exposed instances, enabling full system compromise.
pv magazine Australia

UNSW study finds tracker-based PV systems experience higher UV degradation than fixed-tilt arrays

New research from the University of New South Wales shows that PV module degradation varies widely with system design and ...
Developer Tech

AI code scanners halt Internet Bug Bounty payouts

The Internet Bug Bounty program has paused new submissions, citing a massive expansion in vulnerability discovery by AI code ...
Cyber Daily

Your developers work for cyber gangs

In-house software built in March with open-source components may include malware placed there by criminals. This isn’t a ...
News.az

The flowise AI crisis: why 12,000+ exposed servers are a hacker's playground

Threat actors are exploiting a maximum-severity security flaw in Flowise, an open-source artificial intelligence (AI) ...

Hackers exploit critical flaw in Ninja Forms WordPress plugin

A critical vulnerability in the Ninja Forms File Uploads premium add-on for WordPress allows uploading arbitrary files without authentication, which can lead to remote code execution.

Why Running Google’s Gemma 4 Locally Is Easier Than You Think

Gemma 4 setup for beginners: download and run Google’s Apache 2.0 open model locally with Ollama on Windows, macOS, or Linux via terminal commands.