This morning's pattern is brutally consistent. Attackers are not winning because defenders lack dashboards, they are winning because too many management surfaces are still reachable, too many trust boundaries are imaginary, and too many teams patch the headline while leaving the control plane exposed.
The sharpest signal today is that modern attack paths are converging. Flowise is being exploited in the wild, Docker authorization controls can still be bypassed under the wrong assumptions, state actors are hijacking DNS from cheap edge devices, Iran-linked operators are touching operational technology, and Snowflake customers are getting dragged into a third-party token mess. Add the FBI's new $21 billion cybercrime loss figure and the message is simple: reachable admin surfaces are still the easiest money in security.
VulnCheck says attackers have started exploiting CVE-2025-59528, a maximum-severity flaw in Flowise's CustomMCP node that can lead to arbitrary JavaScript execution and system access. Public reporting says 12,000 to 15,000 Flowise instances are exposed online. If your team left Flowise internet-facing and unpatched, treat it like an incident, not a routine update.
Docker's incomplete fix for an older authorization-plugin bug means a specially crafted oversized API request can skip body inspection and still create a privileged container with host file system access. That is nasty because many teams act like AuthZ plugins are the final safety rail. They are not. If Docker is part of your AI or CI control plane, patch to 29.3.1 and stop trusting policy layers you have not actually pressure-tested.
Microsoft, Black Lotus Labs, and UK authorities tied APT28 to router compromises that changed DNS settings on SOHO devices and enabled adversary-in-the-middle collection against web and email traffic. The campaign reportedly peaked at more than 18,000 IPs across 120 countries. That is the ugly reminder that branch-office and home-office edge gear is still a soft underbelly for enterprise identity.
U.S. agencies warned that Iranian-affiliated actors have been targeting internet-facing PLCs, especially Rockwell and Allen-Bradley devices, with some Siemens exposure also in scope. Victims in municipal, water, wastewater, and energy environments have already seen operational disruption and financial loss. If a PLC or HMI is still hanging off the public internet, that is not digital transformation, it is operational malpractice.
BleepingComputer reports that a breach at an alleged SaaS integration provider enabled token theft and downstream data theft against multiple companies, with Snowflake customers taking most of the pain and Salesforce attempts also observed. The lesson is not subtle: analytics partners, anomaly-detection vendors, and token-based integrations are part of your attack surface whether procurement likes that sentence or not.
Patch or isolate Flowise and Docker immediately, review exposed MCP and AI-builder services, lock down router management and DNS changes, remove OT control systems from direct internet exposure, and rotate third-party integration tokens while reviewing Snowflake and Salesforce audit trails. Today is a good day to kill weak assumptions before attackers monetize them for you.
Turn today's signal into action.
KENSAI helps security teams validate exposed surfaces, pressure-test controls, and find the trust gaps attackers monetize first.
Start Your Free Scan →