Attackers are actively exploiting path traversal and SQL injection in Langflow, LangGraph, and LangChain — below where your security tools look.
Sysdig says JADEPUFFER used CVE-2025-3248 in Langflow to automate intrusion, credential theft, encryption, and data wipe.
JadePuffer, a ransomware operation, used an AI agent to carry out much of the intrusion chain from reconnaissance, key theft, ...
has documented what it says is the first ransomware operation carried out from start to finish by an autonomous artificial ...
A critical flaw found in the open source Langflow platform was added to the US Cybersecurity and Infrastructure Security Agency’s (CISA's) Known Exploited Vulnerabilities (KEV) catalog. Langflow is a ...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) gave federal agencies until Friday to patch an actively ...
Researchers from security firm Trend Micro warn that a critical remote code execution vulnerability patched in April in the Langflow AI agent framework is being exploited to deploy botnet malware. The ...
Attackers are actively targeting a critical flaw in a popular Python-based Web app for building AI agents and workflows to unleash a powerful botnet that can cause full system compromise, distributed ...
JadePuffer, the first known 'agentic ransomware', uses an AI agent to run attacks end-to-end and adapt in real time, ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results