Recent developments in the AI space range from security vulnerabilities to innovative applications and legal challenges. A significant security threat involves the Flodrix botnet, which exploits a vulnerability (CVE-2025-3248) in Langflow, a Python-based AI tool, to launch DDoS attacks. Trend Micro advises users to update to Langflow version 1.3.0 to mitigate this risk. In response to growing AI-related security concerns, F5 is collaborating with NVIDIA to enhance AI infrastructure security using F5's BIG-IP Next for Kubernetes and NVIDIA BlueField-3 DPUs, aiming to improve traffic management and reduce latency. Kusari has also launched Kusari Inspector, an AI-powered tool designed to secure software supply chains by identifying security risks in pull requests. On the application front, AI Acquisition, a UK-based firm valued at $300 million, is focused on simplifying AI adoption for businesses, while Diald AI is helping real estate developers make informed investment decisions. Bank of America has recommended several AI stocks, including Datadog, Seagate Technology, Kyndryl Holdings, and JFrog, highlighting companies integrating AI to boost earnings. In Mongolia, Egune AI, valued at $38.5 million, has developed a large language model that outperforms ChatGPT in Mongolian, supporting national identity and sovereignty. However, AI also faces challenges, including academic integrity and copyright issues. University of Hawaii professors are using handwritten exams to combat AI cheating, and professors like Melissa Ryckman are assigning in-class essays. Midjourney, an AI image generator, is being sued by Disney and Universal for copyright infringement, marking the first major studio legal action against an AI company for allegedly duplicating iconic characters. Finally, SoftBank is selling $4.8 billion in T-Mobile shares to fund AI investments, including OpenAI, as Masayoshi Son aims to advance AI reasoning capabilities.
Key Takeaways
- The Flodrix botnet exploits a vulnerability (CVE-2025-3248) in Langflow, a Python-based AI tool, to launch DDoS attacks; users should update to version 1.3.0.
- F5 and NVIDIA are collaborating to improve AI infrastructure security using F5's BIG-IP Next for Kubernetes and NVIDIA BlueField-3 DPUs.
- Kusari has launched Kusari Inspector, an AI-powered tool to secure software supply chains by identifying security risks in pull requests.
- AI Acquisition, a UK-based firm valued at $300 million, is simplifying AI adoption for businesses.
- Diald AI is using AI to help real estate developers make smarter investment decisions.
- Bank of America recommends Datadog, Seagate Technology, Kyndryl Holdings, and JFrog as AI stocks to watch.
- Egune AI, a Mongolian startup valued at $38.5 million, has developed a large language model that outperforms ChatGPT in Mongolian.
- University of Hawaii professors are using handwritten exams to combat AI cheating.
- Midjourney is being sued by Disney and Universal for copyright infringement related to AI-generated images.
- SoftBank is selling $4.8 billion in T-Mobile shares to fund AI investments, including OpenAI.
Flodrix botnet uses Langflow AI flaw for DDoS attacks
A new Flodrix botnet is exploiting a security flaw in Langflow, an AI application builder. The vulnerability, CVE-2025-3248, lets attackers run malicious code on Langflow servers. This allows them to install the Flodrix malware, which launches DDoS attacks. Trend Micro researchers found the botnet uses stealth techniques to hide its activity and is actively evolving.
Flodrix botnet exploits Langflow vulnerability to attack devices
Trend Micro warns that hackers are using a Langflow vulnerability to add devices to the Flodrix botnet. The vulnerability, CVE-2025-3248, allows attackers to run code without permission. They scan for vulnerable Langflow systems and use exploits to gain access. Once in, they install Flodrix malware, which connects to a server and waits for commands to launch DDoS attacks.
Hackers use Langflow flaw to spread Flodrix botnet
Cybercriminals are exploiting a critical flaw in Langflow, an AI framework, to spread the Flodrix botnet. They're using CVE-2025-3248 to take over Langflow servers and add them to the botnet. This botnet can launch DDoS attacks and steal data. The malware hides itself and uses encryption to avoid detection, making it a dangerous threat to unpatched systems.
Langflow flaw lets hackers unleash Flodrix botnet
Hackers are exploiting a critical vulnerability in Langflow, a Python-based AI tool, to spread the Flodrix botnet. The flaw, CVE-2025-3248, allows attackers to take control of systems and launch DDoS attacks. Trend Micro reports that hackers are using this flaw to install Flodrix malware on vulnerable servers. Users should update to Langflow version 1.3.0 to protect against these attacks.
Flodrix botnet spreads through Langflow security hole
The Flodrix botnet is spreading by exploiting a security issue in Langflow, a Python-based AI tool. The vulnerability, CVE-2025-3248, allows attackers to remotely access systems and run commands. Trend Micro reports that hackers are using this flaw to install Flodrix, which then communicates with a command server. Users are advised to update Langflow to version 1.3.0 and monitor for any signs of compromise.
Hackers exploit Langflow flaw to deploy Flodrix botnet
Hackers are actively exploiting a critical vulnerability in Langflow, tracked as CVE-2025-3248, to deploy the Flodrix botnet. This flaw allows attackers to remotely run code and install malware. They scan for vulnerable Langflow servers and use a proof-of-concept exploit to gain access. Once in, they install the Flodrix botnet, which can launch DDoS attacks. Organizations should update to Langflow version 1.3.0 to fix this issue.
F5 secures AI attack surface from LLMs to cloud
F5 is working to secure the growing AI attack surface. Chuck Herrin from F5 says companies need to understand their assets, actors, interfaces, and actions. F5's report shows that most organizations use multiple cloud environments, increasing the attack surface. As AI use grows, so do the risks of API vulnerabilities and data exposure. F5 offers solutions like its AI Gateway to help companies manage and secure their AI infrastructure.
F5 and NVIDIA boost AI with better LLM routing
F5 and NVIDIA are working together to improve AI infrastructure. F5's BIG-IP Next for Kubernetes, using NVIDIA BlueField-3 DPUs, will manage traffic and security for AI. This helps AI applications run more efficiently. Sesterce, a European AI company, has tested and validated the solution. The new system improves GPU use, reduces latency, and secures Model Context Protocol (MCP) servers.
UH professors use handwritten exams to stop AI cheating
University of Hawaii professors are using handwritten exams to prevent AI cheating. Professors like David Kirch noticed students using AI to answer essay questions. To combat this, they're requiring students to write exams in blue books. While some students support this move, others face challenges with handwriting. The university is also drafting a new policy on AI use in classrooms.
Professors fight AI plagiarism with handwritten assignments
To combat AI plagiarism, some professors are returning to handwritten assignments. Professors like Melissa Ryckman are having students write essays in class to prevent cheating. While some worry about accommodating students with disabilities, others see improvements in student engagement. The shift aims to ensure students are learning and not just copying from AI tools like ChatGPT.
AI Acquisition helps businesses adopt AI easily
AI Acquisition, a UK-based firm, is helping businesses adopt AI without needing technical skills. The company, valued at $300 million, aims to simplify AI adoption for businesses and individuals. They provide systems and training that don't require software engineering knowledge. AI Acquisition also supports a charity in Kenya, building homes and teaching AI to children.
Mongolian startup Egune AI challenges China-US AI dominance
Egune AI, a Mongolian startup, has developed a homegrown large language model. This is a significant achievement for a small nation in the AI field. The company, valued at $38.5 million, aims to protect Mongolia's national identity and sovereignty in AI. Egune AI's model outperforms ChatGPT in Mongolian language tasks and is used by government organizations and businesses.
AI helps developers avoid bad real estate investments
Diald AI is using artificial intelligence to help developers make smarter real estate investments. AI can uncover key data that might be missed, preventing costly mistakes. Experts discussed how AI can improve underwriting, valuation, and financing processes. By analyzing data and removing human bias, AI can help developers avoid doomed nine-figure investments.
Bank of America recommends 4 AI stocks to watch
Bank of America suggests investors look beyond the biggest tech companies for AI opportunities. They highlight small and mid-cap stocks that are adopting AI to boost earnings. These companies are incorporating AI into their products and services. Bank of America recommends Datadog, Seagate Technology, Kyndryl Holdings, and JFrog as top AI stock picks.
Midjourney faces Hollywood's first AI copyright lawsuit
Disney and Universal have sued Midjourney, an AI image generator, for copyright infringement. The lawsuit claims Midjourney is duplicating iconic characters like Buzz Lightyear and Yoda. This is the first time major studios have taken legal action against an AI company. The studios argue that Midjourney is profiting from unauthorized use of their intellectual property.
SoftBank sells T-Mobile stake for $4.8B to fund AI
SoftBank is selling $4.8 billion worth of T-Mobile shares to invest in artificial intelligence. The company plans to invest heavily in OpenAI and related infrastructure. Masayoshi Son aims to make AI reasoning superior to humans. The sale will help fund these ambitious AI projects.
Kusari launches AI tool to secure software supply chains
Kusari has released Kusari Inspector, an AI-powered tool to protect software supply chains. The tool analyzes pull requests to find security risks early in the development process. It identifies weaknesses, exposed secrets, and risky licenses. Kusari Inspector helps developers fix issues quickly and maintain secure code.
Sources
- New Flodrix Botnet Variant Exploits Langflow AI Server RCE Bug to Launch DDoS Attacks
- Recent Langflow Vulnerability Exploited by Flodrix Botnet
- Hackers Weaponize Langflow Vulnerability to Launch Flodrix Botnet
- Hackers Exploit Langflow Flaw to Unleash Flodrix Botnet
- Flodrix botnet deployed via Langflow security issue
- Hackers Actively Exploiting Langflow RCE Vulnerability to Deploy Flodrix Botnet
- From LLMs to Cloud Infrastructure: F5 Aims to Secure the New AI Attack Surface
- F5, NVIDIA Expand AI Infrastructure with Enhanced LLM Routing and Security
- Denby Fawcett: UH Professors Turn To Handwritten Exams To Thwart AI Cheating
- Amid AI Plagiarism, More Professors Turn to Handwritten Work
- AI Acquisition Announces Early Progress in Supporting Practical AI Adoption for Businesses
- Tiny Startup Brings Homegrown AI to Mongolia, Avoiding China-US Dominance
- How AI Can Save Developers From Doomed Nine-Figure Investments
- Bank of America is bullish on these 4 under-the-radar AI stocks
- Why Midjourney Made the Perfect Target for Hollywood’s First AI Lawsuit
- SoftBank Sells T-Mobile Stake for $4.8 Billion to Fund AI Push
- Kusari debuts AI-powered pull request security tool for software supply chain protection