Security researchers have discovered a cyberattack campaign exploiting a critical vulnerability (CVE-2025-3248) in Langflow servers to install the Flodrix botnet malware. The vulnerability, which affects versions of Langflow prior to 1.3.0, enables the execution of malicious code and the total compromise of affected systems. Attackers detect vulnerable servers with scanning tools, gain access using GitHub exploits, collect system information, and install the malware which executes numerous types of attacks. Immediate system upgrades and access restriction are suggested preventive measures.
Threat Actors Abuse Windows Run Prompt to Execute Malicious Command and Deploy DeerStealer
Researchers have identified a sophisticated malware campaign, utilizing Windows’ Run prompt to deliver DeerStealer, which steals cryptocurrency wallets and personal data. Known as ClickFix, it
