LinkedIn secretly scans for 6,000+ Chrome extensions, collects data

A new report dubbed "BrowserGate" warns that Microsoft's LinkedIn is using hidden JavaScript scripts on its website to scan ...
The Caledonian-Record

Domo Launches AI Agent Builder and MCP Server to Connect Enterprise Data to the AI Ecosystem

Domo (Nasdaq: DOMO) today announced a new AI orchestration framework that helps businesses operationalize artificial ...

Table of Experts: Data Centers – An engine for the region’s economy

Ready or not, here come the data centers. It is important for Western New York to embrace them, because ultimately this ...
DataBreachToday

Backdooring of JavaScript Library Axios Tied to North Korea

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...

Hackers compromise Axios npm package to drop cross-platform malware

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...
The Hacker News

WebRTC Skimmer Bypasses CSP to Steal Payment Data from E-Commerce Sites

WebRTC skimmer exploits PolyShell flaw since March 19, hitting 56.7% stores, enabling stealth data theft bypassing CSP.
CSO Online

Hackers exploit a critical Flowise flaw affecting thousands of AI workflows

The design flaw in Flowise’s Custom MCP node has allowed attackers to execute arbitrary JavaScript through unvalidated ...
The Hacker News

Iran-Linked Hackers Disrupt U.S. Critical Infrastructure by Targeting Internet-Exposed PLCs

Iran-linked actors target U.S. PLCs using Dropbear and SSH access, disrupting OT systems across sectors and escalating cyber ...

Table of Experts: Phoenix builders ready to meet demand as Valley’s data center project pipeline grows

The latest projections show that Arizona’s current data center capacity is expected to double due to the number of data ...
SecurityWeek

Critical Flowise Vulnerability in Attacker Crosshairs

Threat actors have started exploiting CVE-2025-59528, a critical Flowise vulnerability leading to remote code execution.

Your LinkedIn session might not be as private as you think

A new report claims LinkedIn scans over 6,000 Chrome extensions and collects device data using hidden scripts, raising major privacy concerns.

Hackers compromise popular Axios Javascript library with hidden malware

The widely used Axios HTTP client library, a JavaScript component used by developers, was recently hacked to distribute ...