MUST READ

Attackers exploit critical Flowise flaw CVE-2025-59528 for remote code execution

 | 

Major outage cripples Russian banking apps and metro payments nationwide

 | 

Fast-moving Storm-1175 uses new exploits to breach networks and drop Medusa

 | 

GPUBreach exploit uses GPU memory bit-flips to achieve full system takeover

 | 

Phishing LNK files and GitHub C2 power new DPRK cyber attacks

 | 

BKA unmasks two REvil Ransomware operators behind 130+ German attacks

 | 

Attackers Exploit RCE Flaw as 14,000 F5 BIG-IP APM Instances Remain Exposed

 | 

CVE-2026-35616: Fortinet fixes actively exploited high-severity flaw

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 91

 | 

Image or Malware? Read until the end and answer in comments :)

 | 

Security Affairs newsletter Round 571 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

Qilin ransomware group claims the hack of German political party Die Linke

 | 

U.S. CISA adds a flaw in TrueConf Client to its Known Exploited Vulnerabilities catalog

 | 

European Commission breach exposed data of 30 EU entities, CERT-EU says

 | 

North Korea–linked hackers drain $285M from Drift in sophisticated attack

 | 

CrystalX RAT: new MaaS malware combines spyware, stealer, and remote access

 | 

Pro-Iran Handala group breached Israeli defence contractor PSK Wind Technologies

 | 

Cisco fixed critical and high-severity flaws

 | 

Threat actor UAC-0255 impersonate CERT-UA to spread AGEWHEEZE malware via phishing

 | 

Italian spyware vendor creates Fake WhatsApp app, targeting 200 users

 | 

CVE-2025-59528

Pierluigi Paganini April 07, 2026
Attackers exploit critical Flowise flaw CVE-2025-59528 for remote code execution

Attackers are exploiting a critical Flowise flaw, tracked as CVE-2025-59528 (CVSS score of 10), that lets them run malicious code and access systems due to poor validation of user-supplied JavaScript. Attackers are actively exploiting a critical vulnerability in Flowise, tracked as CVE-2025-59528, that allows remote code execution and file system access. The flaw stems from improper validation […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Attackers exploit critical Flowise flaw CVE-2025-59528 for remote code execution

Security / April 07, 2026

Major outage cripples Russian banking apps and metro payments nationwide

Security / April 07, 2026

Fast-moving Storm-1175 uses new exploits to breach networks and drop Medusa

Cyber Crime / April 07, 2026

GPUBreach exploit uses GPU memory bit-flips to achieve full system takeover

Security / April 07, 2026

Phishing LNK files and GitHub C2 power new DPRK cyber attacks

Uncategorized / April 06, 2026