CVE-2025-3248 in Langflow Exploited to Deploy Flodrix Botnet - SOCRadar® Cyber Intelligence Inc.

Threat actors are exploiting CVE-2025-3248, a critical RCE vulnerability in Langflow, to deploy the Flodrix botnet. The botnet, a variant of LeetHozer, enables DDoS attacks, self-destruction, and anti-forensics capabilities. Organizations should upgrade to Langflow 1.3.0 or newer, configure private networks, and monitor for suspicious activity to mitigate the risk.