An "agentic threat actor" successfully exploited a Langflow flaw to steal data from a production database server and encrypt ...
JadePuffer exploited a vulnerable Langflow server, harvested credentials, moved laterally, and encrypted more than 1,300 ...
Attackers exploited Langflow vulnerability CVE-2025-3248 to conduct an agentic AI-powered ransomware attack involving reconnaissance, credential theft, and lateral movement.
Sysdig says JADEPUFFER used CVE-2025-3248 in Langflow to automate intrusion, credential theft, encryption, and data wipe.
Threat actors have begun exploiting a high-severity vulnerability in the popular low-code AI development platform Langflow, according to VulnCheck. Tracked as CVE-2026-5027 (CVSS score of 8.8), the ...
Attackers are actively exploiting CVE-2026-5027, a high-severity path traversal vulnerability in the AI development platform Langflow, to write arbitrary files on exposed servers. Langflow is an ...
A high-severity security flaw in Langflow, an open-source low-code platform to build artificial intelligence (AI) applications, has come under active exploitation in the wild, according to findings ...
A federal judge has blocked President Donald Trump’s bid to slap a $100,000 fee on employers who seek to hire foreign workers for specialized roles, labeling the policy an unauthorized “tax” that ...
Blocks-DB: Runs on AWS infrastructure (EC2 c7i.xlarge coordinator + Lambda 8 GB + S3, eu-west-1) using the Lithops serverless framework. Cloud credentials and deployment configuration are not included ...