New Flodrix Botnet Variant Exploits Langflow AI Server RCE Bug to Launch DDoS Attacks

/in

Cybersecurity researchers have called attention to a new campaign that’s actively exploiting a recently disclosed critical security flaw in Langflow to deliver the Flodrix botnet malware.
“Attackers use the vulnerability to execute downloader scripts on compromised Langflow servers, which in turn fetch and install the Flodrix malware,” Trend Micro researchers Aliakbar Zahravi, Ahmed Mohamed

The Hacker News – ​Read More

Organizations Warned of Vulnerability Exploited Against Discontinued TP-Link Routers

/in

CISA warns that a vulnerability impacting multiple discontinued TP-Link router models is exploited in the wild.

The post Organizations Warned of Vulnerability Exploited Against Discontinued TP-Link Routers appeared first on SecurityWeek.

SecurityWeek – ​Read More

TP-Link Router Flaw CVE-2023-33538 Under Active Exploit, CISA Issues Immediate Alert

/in

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a high-severity security flaw in TP-Link wireless routers to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. 
The vulnerability in question is CVE-2023-33538 (CVSS score: 8.8), a command injection bug that could result in the execution of arbitrary system commands when

The Hacker News – ​Read More

Asus Armoury Crate Vulnerability Leads to Full System Compromise

/in

A high-severity authorization bypass vulnerability in Asus Armoury Crate provides attackers with low-level system privileges.

The post Asus Armoury Crate Vulnerability Leads to Full System Compromise appeared first on SecurityWeek.

SecurityWeek – ​Read More

Recent Langflow Vulnerability Exploited by Flodrix Botnet

/in

A critical Langflow vulnerability tracked as CVE-2025-3248 has been exploited to ensnare devices in the Flodrix botnet.

The post Recent Langflow Vulnerability Exploited by Flodrix Botnet appeared first on SecurityWeek.

SecurityWeek – ​Read More

Google to scale up AI-powered fraud detection and security operations in India

/in

Google has unveiled its Safety Charter in India, which will expand its AI-led developments for fraud detection and combating scams across the country, the company’s largest market outside the United States. Digital fraud in India is rising. Fraud related to the Indian government’s instant payment system UPI grew 85% year-over-year to nearly 11 billion Indian […]

Security News | TechCrunch – ​Read More

Meta Starts Showing Ads on WhatsApp After 6-Year Delay From 2018 Announcement

/in

Meta Platforms on Monday announced that it’s bringing advertising to WhatsApp, but emphasized that the ads are “built with privacy in mind.”
The ads are expected to be displayed on the Updates tab through its Stories-like Status feature, which allows ephemeral sharing of photos, videos, voice notes, and text for 24 hours. These efforts are “rolling out gradually,” per the company.
The media

The Hacker News – ​Read More

Minnesota Shooting Suspect Allegedly Used Data Broker Sites to Find Targets’ Addresses

/in

The shooter allegedly researched several “people search” sites in an attempt to target his victims, highlighting the potential dangers of widely available personal data.

Security Latest – ​Read More

Cutting cloud waste at scale: Akamai saves 70% using AI agents orchestrated by kubernetes

/in

VentureBeat/Midjourney

Akamai needed a Kubernetes automation platform that optimized the costs of running its core infrastructure in real time on several clouds.Read More

Security News | VentureBeat – ​Read More

Kali Linux gets a UI refresh, new tools, and an updated car hacking toolset

/in

The ever-popular penetration testing Linux distribution is now better refined for ethical hacking, penetration testing, audits, and network research.

Latest stories for ZDNET in Security – ​Read More