MUO on MSN

Yes, you can get malware just by visiting a website

It's not even your browser's fault.

Top open source AI platform Flowise hit by maximum-level security issue

A 10/10 Flowise bug was patched, but is now being abused in the wild.
SecurityWeek

Google DeepMind Researchers Map Web Attacks Against AI Agents

Threat actors can use malicious web content to set up AI Agent Traps and manipulate, deceive, and exploit visiting autonomous ...
The Hacker News

Flowise AI Agent Builder Under Active CVSS 10.0 RCE Exploitation; 12,000+ Instances Exposed

CVE-2025-59528 exploited in Flowise for over six months across 12,000+ exposed instances, enabling full system compromise.
News.az

The flowise AI crisis: why 12,000+ exposed servers are a hacker's playground

Threat actors are exploiting a maximum-severity security flaw in Flowise, an open-source artificial intelligence (AI) ...

「ソーシャルエンジニアリング」関連の最新 ニュース・レビュー ...

セキュリティニュースアラート: 「身近な上司」を再現する専用ディープフェイク動画を作成 KnowBe4が新トレーニング KnowBe4は自社幹部の動画や音声などの素材でディープフェイク動画を作成し、高度ななりすまし攻撃を体験できる日本語版トレーニングを発表した。巧妙なAI詐欺の手口を実践的に学ぶことで、判断能力の強化が期待できる。(2026/2/19) ...
Infosecurity Magazine

How Security Leaders Can Safeguard Against Vibe Coding Security Risks

Infosecurity outlines key recommendations for CISOs and security teams to implement safeguards for AI-assisted coding ...
InfoQ

Anthropic Accidentally Exposes Claude Code Source via npm Source Map File

Anthropic's Claude Code CLI had its full TypeScript source exposed after a source map file was accidentally included in ...

先週は何が危険だった?企業・家庭に影響する脆弱性まとめ

人気ライブラリの供給網攻撃、スマホ決済を狙うフィッシング、家庭用ルータの脆弱性――先週はソフトウェアから個人利用サービス、ネットワーク機器まで幅広い領域でセキュリティリスクが顕在化した。中でもaxiosを狙った攻撃は開発環境そのものを侵害する可能性が ...
Cybernews

Anthropic develops AI model that smashes Google, OpenAI and is too dangerous for public release

Anthropic deems its Claude Mythos AI model too dangerous for public release due to its powerful ability to find critical ...