Attackers exploited Langflow vulnerability CVE-2025-3248 to conduct an agentic AI-powered ransomware attack involving reconnaissance, credential theft, and lateral movement.
Sysdig says JADEPUFFER used CVE-2025-3248 in Langflow to automate intrusion, credential theft, encryption, and data wipe.
They're not bad; they're just prompted that way. Sysdig threat hunters documented what they say is the first-ever documented ...
Attackers are actively exploiting path traversal and SQL injection in Langflow, LangGraph, and LangChain — below where your ...
Source: VentureBeat created with Imagen. MCP's STDIO transport, the default for connecting an AI agent to a local tool, executes any operating system command it ...
Security researchers at OX Security said last week that Anthropic's fast-spreading standard for connecting AI agents to tools that help these agents complete tasks contains an architectural flaw, and ...
conda create -n langflow python=3.12 conda activate langflow # Install CUDA-enabled torch first (adjust cu124 to match your driver) pip install torch --index-url ...
A critical pre-authentication remote code execution vulnerability in Marimo, an open-source Python notebook platform owned by AI cloud company CoreWeave, was exploited in the wild less than 10 hours ...
The CVSS‑9.3 vulnerability allows unauthenticated remote code execution on exposed Marimo servers and was exploited in the wild shortly after disclosure, Sysdig says. A critical pre-authentication ...
Attackers are currently targeting a vulnerability in the AI tool Langflow for developing and deploying AI-powered agents and workflows. After successful attacks, they execute malicious code and ...
Attackers weaponized critical RCE within hours, prompting CISA to add the flaw to its KEV catalog and set an urgent patch deadline. Attackers have exploited a critical Langflow RCE within hours of ...
The Cybersecurity and Infrastructure Security Agency (CISA) is warning that hackers are actively exploiting a critical vulnerability identified as CVE-2026-33017, which affects the Langflow framework ...