{"uuid": "deb017b2-4f55-493d-a8c1-7e4593987afd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3248", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mpqqb2mva72c", "content": "JadePuffer exploited CVE-2025-3248 in Langflow to use an LLM for recon, secret theft, and persistence, then pivoted to a production server, abusing Nacos before encrypting config data and dropping an extortion note. #Langflow #Nacos #Ransomware", "creation_timestamp": "2026-07-03T14:15:21.560210Z"}