    New Flodrix Botnet Variant Exploits Critical RCE Vulnerability in Langflow AI Framework

    A recently observed cyber campaign is actively exploiting a critical remote code execution (RCE) vulnerability in Langflow, an open-source visual development framework for AI applications, to deploy a new variant of the Flodrix botnet.

    The attackers are targeting unpatched Langflow servers exposed to the internet, taking advantage of a critical flaw tracked as CVE-2025-3248 (CVSS score: 9.8). The vulnerability stems from a missing authentication check: unauthenticated users can send specially crafted HTTP requests that trigger arbitrary code execution on the server.

    Once the flaw has been exploited, the attackers run downloader scripts that retrieve and install the Flodrix malware. The payload is served from a remote host at 80.66.75[.]121:25565, indicating coordination through an established command-and-control infrastructure.

    Langflow addressed the issue in version 1.3.0, released in March 2025. However, many publicly accessible instances remain vulnerable, as confirmed by increased exploitation activity observed in recent weeks.

    Security researchers have also noted that attackers are leveraging publicly available proof-of-concept (PoC) exploits to perform reconnaissance and deliver malicious shell scripts to vulnerable servers. These compromised systems are then conscripted into a botnet primarily used for distributed denial-of-service (DDoS) attacks.

    System administrators are strongly urged to apply the latest Langflow updates and monitor for signs of unauthorized access or unexpected network traffic.
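    The two checks the article recommends, patch status and monitoring for the reported C2 traffic, can be scripted. The following is an added example written for this page; it is not code from the article, from the researchers, or from the Langflow project. It assumes a Langflow version string has already been obtained (for example from the server's package metadata) and uses a constructed connection-log format; the sample log lines and internal addresses are invented for the example. The only indicators it relies on are the ones the article states: the fixed release 1.3.0 and the C2 endpoint 80.66.75[.]121:25565.

```python
"""Defender-side triage helpers for the Langflow / Flodrix campaign described above.

Added example (not the article's or Langflow's own code). Two checks:
1. is_langflow_patched(): compares a Langflow version string against 1.3.0, the
   release the article names as fixing CVE-2025-3248. Pre-release builds such as
   "1.3.0rc1" are treated as older than the final 1.3.0 release.
2. find_c2_connections(): scans connection-log lines for the C2 endpoint the
   article reports (80.66.75.121:25565). A connection to the same host on another
   port is reported at lower severity. The log format is constructed for this
   example: "<timestamp> <src-ip> -> <dst-ip>:<dst-port>".
"""
import re
from typing import Dict, List, Tuple

PATCHED_VERSION = (1, 3, 0, 1)   # Langflow 1.3.0 (final release), per the article
C2_HOST = "80.66.75.121"         # de-fanged in the article as 80.66.75[.]121
C2_PORT = 25565

# Accepts "1.2.0", "v1.3.0", "1.3.0rc1", "1.3.0.dev2"; anything else is rejected.
_VERSION_RE = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)(?:\.?([A-Za-z].*))?$")


def parse_version(version: str) -> Tuple[int, int, int, int]:
    """Return (major, minor, patch, final) where final is 1 for a release and
    0 for a pre-release tag, so pre-releases sort below the matching release."""
    m = _VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised Langflow version string: {version!r}")
    major, minor, patch = (int(x) for x in m.group(1, 2, 3))
    final = 0 if m.group(4) else 1
    return (major, minor, patch, final)


def is_langflow_patched(version: str) -> bool:
    """True when the running version is 1.3.0 or newer (CVE-2025-3248 fixed)."""
    return parse_version(version) >= PATCHED_VERSION


# Constructed sample log: one benign line, two hits on the C2 port, one on another port.
SAMPLE_LOG = """\
2025-06-17T10:01:02Z 10.0.0.5 -> 151.101.1.69:443
2025-06-17T10:01:09Z 10.0.0.7 -> 80.66.75.121:25565
2025-06-17T10:01:15Z 10.0.0.7 -> 80.66.75.121:80
2025-06-17T10:02:30Z 10.0.0.9 -> 80.66.75.121:25565
malformed line that should be skipped
"""

_LINE_RE = re.compile(r"^(\S+)\s+(\S+)\s+->\s+(\d{1,3}(?:\.\d{1,3}){3}):(\d+)$")


def find_c2_connections(log_text: str, host: str = C2_HOST,
                        port: int = C2_PORT) -> List[Dict[str, str]]:
    """Return one record per connection to the C2 host.

    severity "high": destination matches host AND port from the report;
    severity "medium": same host, different port (worth a look, weaker signal).
    Lines that do not match the expected format are skipped, not treated as errors."""
    hits: List[Dict[str, str]] = []
    for line in log_text.splitlines():
        m = _LINE_RE.match(line.strip())
        if not m:
            continue
        ts, src, dst, dport = m.groups()
        if dst != host:
            continue
        severity = "high" if int(dport) == port else "medium"
        hits.append({"time": ts, "src": src, "dst": f"{dst}:{dport}", "severity": severity})
    return hits


if __name__ == "__main__":
    for v in ("1.2.0", "1.3.0rc1", "1.3.0", "v1.4.2"):
        print(f"Langflow {v}: {'patched' if is_langflow_patched(v) else 'VULNERABLE'}")
    for hit in find_c2_connections(SAMPLE_LOG):
        print(f"[{hit['severity']}] {hit['time']} {hit['src']} -> {hit['dst']}")
```

The version check is deliberately strict: a string it cannot parse raises rather than silently passing, so an unexpected build label shows up as an error to investigate instead of a false "patched" result. The log scanner keys only on the destination host and port the article reports; adapt `_LINE_RE` to whatever flow or proxy log format is actually in use.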
