Attackers exploited Langflow vulnerability CVE-2025-3248 to conduct an agentic AI-powered ransomware attack involving reconnaissance, credential theft, and lateral movement.
Sysdig says JADEPUFFER used CVE-2025-3248 in Langflow to automate intrusion, credential theft, encryption, and data wipe.
Researchers from security firm Trend Micro warn that a critical remote code execution vulnerability patched in April in the ...
A critical flaw found in the open source Langflow platform was added to the US Cybersecurity and Infrastructure Security Agency ...
Attackers are actively targeting a critical flaw in a popular Python-based Web app for building AI agents and workflows to ...
Attackers are actively exploiting path traversal and SQL injection in Langflow, LangGraph, and LangChain — below where your security tools look.