Sysdig says JADEPUFFER used CVE-2025-3248 in Langflow to automate intrusion, credential theft, encryption, and data wipe.
The gadget has three buttons, and it changes context based on what app you are looking at. For instance, in meeting apps and ...
Kaspersky says the attacks use phishing, GitHub-hosted payloads, CVE-2025-9491 LNK abuse, and Go2Tunnel-based tunneling.