Nvidia, Midjourney Face AI Security, Legal Challenges

Recent developments in the AI space range from security vulnerabilities to innovative applications and legal challenges. A significant security threat involves the Flodrix botnet, which exploits a vulnerability (CVE-2025-3248) in Langflow, a Python-based AI tool, to launch DDoS attacks. Trend Micro advises users to update to Langflow version 1.3.0 to mitigate this risk. In response to growing AI-related security concerns, F5 is collaborating with NVIDIA to enhance AI infrastructure security using F5's BIG-IP Next for Kubernetes and NVIDIA BlueField-3 DPUs, aiming to improve traffic management and reduce latency. Kusari has also launched Kusari Inspector, an AI-powered tool designed to secure software supply chains by identifying security risks in pull requests. On the application front, AI Acquisition, a UK-based firm valued at $300 million, is focused on simplifying AI adoption for businesses, while Diald AI is helping real estate developers make informed investment decisions. Bank of America has recommended several AI stocks, including Datadog, Seagate Technology, Kyndryl Holdings, and JFrog, highlighting companies integrating AI to boost earnings. In Mongolia, Egune AI, valued at $38.5 million, has developed a large language model that outperforms ChatGPT in Mongolian, supporting national identity and sovereignty. However, AI also faces challenges, including academic integrity and copyright issues. University of Hawaii professors are using handwritten exams to combat AI cheating, and professors like Melissa Ryckman are assigning in-class essays. Midjourney, an AI image generator, is being sued by Disney and Universal for copyright infringement, marking the first major studio legal action against an AI company for allegedly duplicating iconic characters. Finally, SoftBank is selling $4.8 billion in T-Mobile shares to fund AI investments, including OpenAI, as Masayoshi Son aims to advance AI reasoning capabilities.

Key Takeaways

  • The Flodrix botnet exploits a vulnerability (CVE-2025-3248) in Langflow, a Python-based AI tool, to launch DDoS attacks; users should update to version 1.3.0.
  • F5 and NVIDIA are collaborating to improve AI infrastructure security using F5's BIG-IP Next for Kubernetes and NVIDIA BlueField-3 DPUs.
  • Kusari has launched Kusari Inspector, an AI-powered tool to secure software supply chains by identifying security risks in pull requests.
  • AI Acquisition, a UK-based firm valued at $300 million, is simplifying AI adoption for businesses.
  • Diald AI is using AI to help real estate developers make smarter investment decisions.
  • Bank of America recommends Datadog, Seagate Technology, Kyndryl Holdings, and JFrog as AI stocks to watch.
  • Egune AI, a Mongolian startup valued at $38.5 million, has developed a large language model that outperforms ChatGPT in Mongolian.
  • University of Hawaii professors are using handwritten exams to combat AI cheating.
  • Midjourney is being sued by Disney and Universal for copyright infringement related to AI-generated images.
  • SoftBank is selling $4.8 billion in T-Mobile shares to fund AI investments, including OpenAI.

Flodrix botnet uses Langflow AI flaw for DDoS attacks

A new Flodrix botnet is exploiting a security flaw in Langflow, an AI application builder. The vulnerability, CVE-2025-3248, lets attackers run malicious code on Langflow servers. This allows them to install the Flodrix malware, which launches DDoS attacks. Trend Micro researchers found the botnet uses stealth techniques to hide its activity and is actively evolving.

Flodrix botnet exploits Langflow vulnerability to attack devices

Trend Micro warns that hackers are using a Langflow vulnerability to add devices to the Flodrix botnet. The vulnerability, CVE-2025-3248, allows attackers to run code without permission. They scan for vulnerable Langflow systems and use exploits to gain access. Once in, they install Flodrix malware, which connects to a server and waits for commands to launch DDoS attacks.

Hackers use Langflow flaw to spread Flodrix botnet

Cybercriminals are exploiting a critical flaw in Langflow, an AI framework, to spread the Flodrix botnet. They're using CVE-2025-3248 to take over Langflow servers and add them to the botnet. This botnet can launch DDoS attacks and steal data. The malware hides itself and uses encryption to avoid detection, making it a dangerous threat to unpatched systems.

Langflow flaw lets hackers unleash Flodrix botnet

Hackers are exploiting a critical vulnerability in Langflow, a Python-based AI tool, to spread the Flodrix botnet. The flaw, CVE-2025-3248, allows attackers to take control of systems and launch DDoS attacks. Trend Micro reports that hackers are using this flaw to install Flodrix malware on vulnerable servers. Users should update to Langflow version 1.3.0 to protect against these attacks.

Flodrix botnet spreads through Langflow security hole

The Flodrix botnet is spreading by exploiting a security issue in Langflow, a Python-based AI tool. The vulnerability, CVE-2025-3248, allows attackers to remotely access systems and run commands. Trend Micro reports that hackers are using this flaw to install Flodrix, which then communicates with a command server. Users are advised to update Langflow to version 1.3.0 and monitor for any signs of compromise.

Hackers exploit Langflow flaw to deploy Flodrix botnet

Hackers are actively exploiting a critical vulnerability in Langflow, tracked as CVE-2025-3248, to deploy the Flodrix botnet. This flaw allows attackers to remotely run code and install malware. They scan for vulnerable Langflow servers and use a proof-of-concept exploit to gain access. Once in, they install the Flodrix botnet, which can launch DDoS attacks. Organizations should update to Langflow version 1.3.0 to fix this issue.

F5 secures AI attack surface from LLMs to cloud

F5 is working to secure the growing AI attack surface. Chuck Herrin from F5 says companies need to understand their assets, actors, interfaces, and actions. F5's report shows that most organizations use multiple cloud environments, increasing the attack surface. As AI use grows, so do the risks of API vulnerabilities and data exposure. F5 offers solutions like its AI Gateway to help companies manage and secure their AI infrastructure.

F5 and NVIDIA boost AI with better LLM routing

F5 and NVIDIA are working together to improve AI infrastructure. F5's BIG-IP Next for Kubernetes, using NVIDIA BlueField-3 DPUs, will manage traffic and security for AI. This helps AI applications run more efficiently. Sesterce, a European AI company, has tested and validated the solution. The new system improves GPU use, reduces latency, and secures Model Context Protocol (MCP) servers.

UH professors use handwritten exams to stop AI cheating

University of Hawaii professors are using handwritten exams to prevent AI cheating. Professors like David Kirch noticed students using AI to answer essay questions. To combat this, they're requiring students to write exams in blue books. While some students support this move, others face challenges with handwriting. The university is also drafting a new policy on AI use in classrooms.

Professors fight AI plagiarism with handwritten assignments

To combat AI plagiarism, some professors are returning to handwritten assignments. Professors like Melissa Ryckman are having students write essays in class to prevent cheating. While some worry about accommodating students with disabilities, others see improvements in student engagement. The shift aims to ensure students are learning and not just copying from AI tools like ChatGPT.

AI Acquisition helps businesses adopt AI easily

AI Acquisition, a UK-based firm, is helping businesses adopt AI without needing technical skills. The company, valued at $300 million, aims to simplify AI adoption for businesses and individuals. They provide systems and training that don't require software engineering knowledge. AI Acquisition also supports a charity in Kenya, building homes and teaching AI to children.

Mongolian startup Egune AI challenges China-US AI dominance

Egune AI, a Mongolian startup, has developed a homegrown large language model. This is a significant achievement for a small nation in the AI field. The company, valued at $38.5 million, aims to protect Mongolia's national identity and sovereignty in AI. Egune AI's model outperforms ChatGPT in Mongolian language tasks and is used by government organizations and businesses.

AI helps developers avoid bad real estate investments

Diald AI is using artificial intelligence to help developers make smarter real estate investments. AI can uncover key data that might be missed, preventing costly mistakes. Experts discussed how AI can improve underwriting, valuation, and financing processes. By analyzing data and removing human bias, AI can help developers avoid doomed nine-figure investments.

Bank of America recommends 4 AI stocks to watch

Bank of America suggests investors look beyond the biggest tech companies for AI opportunities. They highlight small and mid-cap stocks that are adopting AI to boost earnings. These companies are incorporating AI into their products and services. Bank of America recommends Datadog, Seagate Technology, Kyndryl Holdings, and JFrog as top AI stock picks.

Midjourney faces Hollywood's first AI copyright lawsuit

Disney and Universal have sued Midjourney, an AI image generator, for copyright infringement. The lawsuit claims Midjourney is duplicating iconic characters like Buzz Lightyear and Yoda. This is the first time major studios have taken legal action against an AI company. The studios argue that Midjourney is profiting from unauthorized use of their intellectual property.

SoftBank sells T-Mobile stake for $4.8B to fund AI

SoftBank is selling $4.8 billion worth of T-Mobile shares to invest in artificial intelligence. The company plans to invest heavily in OpenAI and related infrastructure. Masayoshi Son aims to make AI reasoning superior to humans. The sale will help fund these ambitious AI projects.

Kusari launches AI tool to secure software supply chains

Kusari has released Kusari Inspector, an AI-powered tool to protect software supply chains. The tool analyzes pull requests to find security risks early in the development process. It identifies weaknesses, exposed secrets, and risky licenses. Kusari Inspector helps developers fix issues quickly and maintain secure code.

Sources

Flodrix botnet Langflow CVE-2025-3248 DDoS attacks Vulnerability Exploit Malware Trend Micro AI security F5 NVIDIA LLM routing Kubernetes BlueField-3 DPUs AI infrastructure Handwritten exams AI cheating Plagiarism AI Acquisition AI adoption Egune AI Mongolian startup Large language model Real estate investments Diald AI AI stocks Bank of America Midjourney Copyright lawsuit AI image generator SoftBank OpenAI Kusari Software supply chain security AI tool