Two newly disclosed critical vulnerabilities in Adobe ColdFusion and Langflow join two Joomla extension flaws in CISA's Known ...
A recent report from cloud security firm Sysdig details the capabilities of JadePuffer, which it says is the first ransomware ...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) gave federal agencies until Friday to patch an actively ...
The data layer underneath an agentic system must handle variable schemas, vector embeddings, real-time retrieval, and ...
has documented what it says is the first ransomware operation carried out from start to finish by an autonomous artificial ...
Sysdig's JadePuffer case is billed as the first ransomware attack planned and executed end to end by an AI agent, with no human directing it.
An "agentic threat actor" successfully exploited a Langflow flaw to steal data from a production database server and encrypt ...
JadePuffer, the first known 'agentic ransomware', uses an AI agent to run attacks end-to-end and adapt in real time, ...
JadePuffer exploited a vulnerable Langflow server, harvested credentials, moved laterally, and encrypted more than 1,300 ...
Attackers are actively exploiting path traversal and SQL injection in Langflow, LangGraph, and LangChain — below where your security tools look.
Actively exploited CVE-2026-5027 lets attackers write files to arbitrary locations on vulnerable Langflow servers, creating a path to remote code execution and full system compromise. Enterprises ...
Threat actors have begun exploiting a high-severity vulnerability in the popular low-code AI development platform Langflow, according to VulnCheck. Tracked as CVE-2026-5027 (CVSS score of 8.8), the ...