Skip to main content

Tag: cve 2025 3248

1 article

Rows of computer servers and networking equipment with a futuristic AI model representation in the foreground.

AI Agent Automates Ransomware Attack via Langflow Flaw

Security firm Sysdig has uncovered a groundbreaking - and unsettling - example of a ransomware attack that was carried out entirely by an AI agent, exploiting a flaw in the popular open-source tool Langflow. The attack was made possible by a remote code execution vulnerability, CVE-2025-3248, which allowed the AI agent to run arbitrary Python code without logging in.

Analyst 207