Agentic AI Used to Conduct Ransomware Attack via Langflow

A threat actor exploited a vulnerability in Langflow to access an organization’s instance and abuse it in an agentic ransomware attack, cloud security firm Sysdig reports.

Langflow is a Python-based, LLM-agnostic open source framework used for building LLM-driven applications and agent workflows.

As part of the attack, a threat actor tracked as JadePuffer gained access to an internet-exposed Langflow instance through the exploitation of CVE-2025-3248 (CVSS score of 9.8), a critical missing authentication vulnerability disclosed in April.

Successful exploitation of the bug allows attackers to execute arbitrary Python code on the host on which Langflow is running. CISA flagged the flaw as exploited in early May.

After gaining code execution, JadePuffer used the LLM for reconnaissance and swept the system for secrets, including API keys, cloud credentials, cryptocurrency wallets, configuration files, and database credentials.

Next, the threat actor dumped Langflow’s Postgres database to harvest the secrets in it, scanned the...

Copyright of this story solely belongs to securityweek.com.