Sysdig says JADEPUFFER used CVE-2025-3248 in Langflow to automate intrusion, credential theft, encryption, and data wipe.
Attackers don't need any special authentication to reach a target endpoint — they just need to know where it is.
Got a confidential news tip? We want to hear from you. Sign up for free newsletters and get more CNBC delivered to your inbox Get this delivered to your inbox, and ...
Only one of them felt like something I actually want to open every day ...