Attackers are actively exploiting path traversal and SQL injection in Langflow, LangGraph, and LangChain — below where your security tools look.
Impact: Organizations using affected versions of Oracle E-Business Suite are at risk of sensitive data leakage or operational disruption due to remote instance takeover. Next steps: Apply Oracle ...
Sysdig says JADEPUFFER used CVE-2025-3248 in Langflow to automate intrusion, credential theft, encryption, and data wipe.
Researchers identified what they believe is the first documented case of a ransomware operation, JadePuffer, conducted ...
JadePuffer exploited a vulnerable Langflow server, harvested credentials, moved laterally, and encrypted more than 1,300 ...
Two newly disclosed critical vulnerabilities in Adobe ColdFusion and Langflow join two Joomla extension flaws in CISA's Known ...
Noma Labs tricked GitHub's AI agent into leaking private repositories with a crafted issue. The prompt-injection flaw, GitLost, has no code fix.
Attackers exploited Langflow vulnerability CVE-2025-3248 to conduct an agentic AI-powered ransomware attack involving reconnaissance, credential theft, and lateral movement.
An Iranian hacking group affiliated with Iran's Ministry of Intelligence and Security (MOIS) has been wielding a previously undocumented modular command-and-control (C2) framework dubbed Cavern (aka ...