LIVE FEED
CVE-2026-5027: Langflow RCE Actively Exploited

CVE-2026-5027: Langflow RCE Actively Exploited

ATLAS OWASP CRITICAL Active exploitation · Immediate action required ▲ 9.2 The Hacker News

A critical unpatched path traversal vulnerability (CVE-2026-5027, CVSS 8.8) in Langflow, a widely-used open-source AI application builder, is being actively exploited in the wild to achieve unauthenticated remote code execution. Because Langflow enables auto-login by default, attackers require no credentials to reach the vulnerable endpoint and can exploit it with a single HTTP request. With approximately 7,000 publicly exposed Langflow instances and nation-state actors already targeting related Langflow flaws, the risk to AI development infrastructure is severe.

Claude Mythos Unauthorized Access Exposes AI Security

Claude Mythos Unauthorized Access Exposes AI Security

ATLAS OWASP HIGH Significant risk · Prioritise patching ▲ 7.2 The Hacker News

A reported unauthorized access to Anthropic's Claude Mythos model within hours of its limited technical preview highlights acute security risks as agentic AI is deployed across classified defense and intelligence networks. The incident underscores vulnerabilities specific to AI infrastructure in high-security environments, including training data poisoning, access control failures, and cross-domain classification boundary erosion. Secure IT infrastructure, governed access, and cross-domain data controls are identified as prerequisites for safe AI deployment at mission scale.

ComfyUI RCE Exploited in Cryptomining Botnet Campaign

ComfyUI RCE Exploited in Cryptomining Botnet Campaign

ATLAS OWASP HIGH Significant risk · Prioritise patching ▲ 7.2 The Hacker News

Threat actors are actively exploiting internet-exposed ComfyUI instances — a popular AI image generation platform — by abusing its custom node execution feature to achieve unauthenticated remote code execution. Over 1,000 publicly accessible instances have been identified as targets, with compromised hosts enrolled in Monero and Conflux cryptomining operations and a Hysteria V2 proxy botnet. The attack highlights critical supply chain and insecure plugin design risks inherent in AI/ML tooling ecosystems.

Claude Source Code Leak Reveals AI Supply Chain Risk

Claude Source Code Leak Reveals AI Supply Chain Risk

ATLAS OWASP HIGH Significant risk · Prioritise patching ▲ 8.2 Dark Reading

A reported source code leak affecting Claude, Anthropic's large language model, underscores systemic weaknesses in AI software supply chains and the absence of robust oversight mechanisms at critical development and distribution layers. The incident highlights how proprietary model code, training pipelines, and system prompts can become high-value targets for adversarial actors seeking to enable model theft, backdoor insertion, or competitive intelligence gathering. This event serves as a broader warning about treating AI development infrastructure with the same rigor applied to other critical systems.

◉ AI THREAT BRIEFING

Stay ahead of the threat.

Twice-weekly digest of critical AI security developments — every story mapped to MITRE ATLAS and OWASP LLM Top 10. Free.

No spam. Unsubscribe anytime.