Sysdig says JADEPUFFER used CVE-2025-3248 in Langflow to automate intrusion, credential theft, encryption, and data wipe.
Microsoft warns that MCP tool descriptions can be manipulated to redirect AI agents, exposing sensitive data through trusted ...