A new campaign is exploiting a critical security flaw in Langflow to deliver the Flodrix botnet malware. Successful exploitation could allow unauthenticated attackers to execute arbitrary code using crafted HTTP requests. The malware sets up communications with a remote server to launch distributed denial-of-service attacks. It is believed to be an evolution of the LeetHozer botnet, linked to the Moobot group, and features enhanced obfuscation and self-removal properties.
BeyondTrust Tools RCE Vulnerability Let Attackers Execute Arbitrary Code
A high-severity vulnerability (CVE-2025-5309) in BeyondTrust’s Remote Support and Privileged Remote Access platforms allows unprivileged attackers to execute arbitrary code via Server-Side Template Injection. Affecting
