An "agentic threat actor" successfully exploited a Langflow flaw to steal data from a production database server and encrypt ...
Researchers identified what they believe is the first documented case of a ransomware operation, JadePuffer, conducted ...
Sysdig says JADEPUFFER used CVE-2025-3248 in Langflow to automate intrusion, credential theft, encryption, and data wipe.
A threat group researchers call "Armored Likho" has gained access to government agencies and electrical power entities in ...
Attackers exploited Langflow vulnerability CVE-2025-3248 to conduct an agentic AI-powered ransomware attack involving reconnaissance, credential theft, and lateral movement.
JadePuffer exploited a vulnerable Langflow server, harvested credentials, moved laterally, and encrypted more than 1,300 ...
They're not bad; they're just prompted that way. Sysdig threat hunters documented what they say is the first-ever documented ...
A malicious Microsoft Edge extension dubbed ‘Edgecution' has been used in a ransomware attack to escape the browser sandbox and deploy a Python-based backdoor. Access to the local system is obtained ...
Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.
The new open-source project could serve as the basis for a future of apps with features as complex as Slack, Discord, or Google Docs—but with added protection against surveillance.
This week: a DeepSeek browser-only ransomware path, AI pen testing trust dropped, Mustang Panda targeted India, Tata breach ...
Researchers have uncovered a supply-chain attack that hides in Python packages, propagates like a worm, and tricks LLM-based code analysis systems into overlooking malicious payloads. Threat actors ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results