• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
Sq Magazine LogoSQ Magazine

Smarter Insights for a Fast-Moving Digital World

  • Latest News
  • Statistics
  • About
  • Contact
Subscribe
Sq Magazine Logo
  • Latest News
  • Statistics
  • About
  • Contact
Subscribe
Home » Cybersecurity

Langflow Flaw Exploited to Steal AWS Keys and Deploy Botnet

Published on: May 14, 2026
Sofia Ramirez
Written By
Sofia Ramirez
Sofia Ramirez
Senior Tech Writer • 473 Articles
Sofia Ramirez is a technology and cybersecurity writer at SQ Magazine. With a keen eye on emerging threats and innovations, she helps reader...
LATEST POSTS:
PamStealer Malware Verifies Stolen Mac Passwords Live
Google, FBI Disrupt NetNut Residential Proxy Network
India Drafts Stricter Rules for VPN Providers: Report
Robert A. Lee
Reviewed By
Robert A. Lee
Robert A. Lee
Senior Editor • 396 Articles
Robert A. Lee is a journalist at SQ Magazine who unpacks the fast-moving worlds of gaming and internet trends. He tracks everything from maj...
LATEST POSTS:
Spotify vs Apple Music Statistics 2026: Subscribers, Revenue, Market Share
How UK Online Casino Regulation Compares to the Rest of Europe
Time Spent on TikTok Statistics 2026: Daily Minutes by Age
Langflow Flaw Exploited To Steal Aws Keys
As Featured In
The New York Times LogoForbes LogoWired LogoDeloitte LogoResearch.com Logo
Share on LinkedIn ChatGPT Perplexity Share on X Share on Facebook

A newly exploited vulnerability in Langflow is being used by attackers to steal AWS credentials, abuse cloud services, and deploy a stealthy NATS based worker botnet across compromised systems.

Quick Summary – TLDR:

  • Attackers are exploiting CVE-2026-33017, a critical Langflow vulnerability tied to unauthenticated remote code execution.
  • Stolen AWS keys are being used to access cloud resources, query AI services, and deploy botnet workers.
  • Researchers linked the campaign to a NATS powered infrastructure called KeyHunter.
  • Security experts warn that exposed AI workflow tools are becoming a major target for cloud credential theft.

What Happened?

Security researchers have uncovered an active campaign targeting vulnerable Langflow instances exposed to the internet. The attacks exploit CVE-2026-33017, a recently disclosed flaw that allows attackers to execute Python code remotely without authentication.

According to reports from Sysdig Threat Research Team and coverage by gbHackers, attackers are abusing the vulnerability to extract sensitive environment variables, including active AWS access credentials, directly from compromised systems.

CVE-2026-42048 Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9.0, Langflow is vulnerable to Path Traversal in the Knowledge Bases API (DE… https://t.co/XQIV9orQms

— CVE (@CVEnew) May 12, 2026

How the Langflow Exploit Works?

The vulnerability exists in a public Langflow API endpoint that can be accessed without login credentials. By sending specially crafted requests to the vulnerable endpoint, attackers can execute commands inside the Langflow container and dump environment variables stored by the application.

Researchers said the attackers specifically searched for credentials such as:

  • AWS_ACCESS_KEY_ID
  • AWS_SECRET_ACCESS_KEY
  • Session tokens and cloud authentication variables

Once stolen, the credentials were immediately validated using the AWS sts:GetCallerIdentity API to confirm they were active.

The attackers then began cloud reconnaissance operations that included:

  • Listing S3 buckets
  • Enumerating EC2 instances
  • Querying IAM permissions
  • Accessing AWS Bedrock services
  • Checking Lambda and logging services

Researchers observed attempts to interact with premium AI models through AWS Bedrock, suggesting the attackers may have been trying to run expensive AI workloads using stolen cloud accounts.

KeyHunter Botnet Activity Emerges

One of the most concerning parts of the campaign is the deployment of a worker framework known as KeyHunter. The tooling appears designed to turn compromised systems into nodes within a larger credential harvesting network.

Researchers found that the attackers downloaded both Python and Go based worker payloads shortly after gaining access to vulnerable Langflow servers.

The malware connects to a NATS messaging server located at 45.192.109.25:14222, where workers receive commands and return harvested data. Instead of using a traditional command and control panel, the attackers rely on NATS, a lightweight messaging platform commonly used in distributed applications.

The worker infrastructure reportedly supports tasks such as:

  • Validating AWS credentials.
  • Testing OpenAI and Anthropic API keys.
  • Scraping websites for exposed secrets.
  • Collecting cloud development credentials.
  • Coordinating worker activity through subject based channels.

Researchers noted that the attackers even configured subject level permissions inside the NATS server to limit worker visibility and improve operational security.

Newsletter
Subscribe To Our Newsletter!

Be the first to get exclusive offers and the latest news.

Attackers Attempted Container Escape

The investigation also revealed attempts to escalate access beyond the compromised Langflow container itself.

According to Sysdig researchers, the attackers attempted to use known Linux privilege escalation techniques including DirtyPipe and DirtyCred. These exploits are commonly used to break out of containers and gain deeper access to the host system.

Although some of the Go based payloads reportedly failed due to memory limitations, the attackers successfully continued operations using Python workers.

Why AI Workflow Tools Are Becoming Targets?

The campaign highlights growing risks around internet exposed AI orchestration platforms like Langflow.

These tools often have deep access to:

  • Cloud environments
  • AI APIs
  • Databases
  • Development pipelines
  • Sensitive environment variables

A single vulnerable endpoint can therefore expose an entire cloud environment to attackers. Security researchers warn that AI workflow platforms are increasingly attractive targets because they centralize access to multiple services and credentials.

The inclusion of CVE-2026-33017 in the CISA Known Exploited Vulnerabilities catalog further signals the seriousness of the issue.

Recommended Security Measures

Researchers recommend that organizations immediately update Langflow instances to patched versions and rotate any credentials that may have been exposed.

Additional recommendations include:

  • Restricting public access to Langflow APIs.
  • Monitoring CloudTrail logs for unusual AWS activity.
  • Blocking outbound connections to suspicious NATS servers.
  • Applying least privilege IAM policies.
  • Tightening egress filtering for AI infrastructure.
  • Auditing exposed environment variables inside containers.

Security teams are also advised to monitor for suspicious Bedrock activity and unexpected sts:GetCallerIdentity API calls, which may indicate credential validation attempts.

SQ Magazine Takeaway

I think this incident is another warning sign that AI infrastructure is quickly becoming one of the biggest targets in cloud security. Tools like Langflow make AI development easier, but they also concentrate massive amounts of access in one place. A single exposed endpoint was enough here to expose AWS accounts, AI services, and cloud resources in minutes.

What stands out most is how organized this operation looks. The attackers were not simply stealing credentials. They were building a scalable worker network designed for long term cloud abuse and AI resource hijacking. Companies deploying AI workflow platforms now need to treat them with the same security priority as production cloud infrastructure.

This article has been reviewed and fact-checked by Robert A. Lee. SQ Magazine follows strict Publishing Principles and a documented Fact-Check Policy to ensure accuracy, transparency, and editorial independence across all content.

Add SQ Magazine as a Preferred Source on Google for updates! Follow on Google News
Share ChatGPT Perplexity

References

  • CVE-2026-33017 Details
Sofia Ramirez

Sofia Ramirez

Senior Tech Writer


Sofia Ramirez is a technology and cybersecurity writer at SQ Magazine. With a keen eye on emerging threats and innovations, she helps readers stay informed and secure in today’s fast-changing tech landscape. Passionate about making cybersecurity accessible, Sofia blends research-driven analysis with straightforward explanations; so whether you’re a tech professional or a curious reader, her work ensures you’re always one step ahead in the digital world.

Related Posts

Aws Codebreach Bug Exposed Millions
Cybersecurity

AWS CodeBreach Bug Exposed Millions to Potential Supply Chain Attack

Crimson Collective Exploits Aws Cloud
Cybersecurity

Crimson Collective Breaches Cloud Defenses with Advanced AWS Exploits

N8n Rce Threat Affects Thousands Of Systems
Cybersecurity

Massive RCE Threat in n8n Platform Impacts Thousands of Exposed Systems

Disclaimer: The content published on SQ Magazine is for informational and educational purposes only. Please verify details independently before making any important decisions based on our content.

Reader Interactions

Leave a Comment Cancel reply

Primary Sidebar

Connect With Us

facebook x linkedin google-news telegram pinterest whatsapp email
google-preferred-source-badge Add as a preferred source on Google

You Should Also Read

LangGraph and LangChain Bugs Leak Sensitive Enterprise Data
Cursor AI Flaw Lets Hackers Steal API Keys and Run Code Silently
Critical Argument Injection Flaw Lets Hackers Hijack AI Agents

Table of Contents

  • Quick Summary – TLDR:
  • What Happened?
  • How the Langflow Exploit Works?
  • KeyHunter Botnet Activity Emerges
  • Attackers Attempted Container Escape
  • Why AI Workflow Tools Are Becoming Targets?
  • Recommended Security Measures
  • SQ Magazine Takeaway
Connect on Telegram

Footer

SQ Magazine Logo

Smarter Insights for a Fast-Moving Digital World

Connect With Us

Follow Us on Google News

Editorial & Trust

  • About
  • Publishing Principles
  • Fact-Check Policy
  • Corrections Policy
  • Ethics Policy
  • Disclaimer

Worth Checking

  • Social Media Attention Span Stats
  • Gen Z Social Media Statistics
  • TikTok vs. Instagram Statistics
  • LLM Hallucination Statistics
  • Spotify User Statistics
  • Apple Customer Loyalty Statistics
Contact Us
13570 Grove Dr #189,
Maple Grove, MN 55311,
United States
10 a.m. to 6 p.m. | Every day

Copyright © 2022–2026 SQ Magazine. All Rights Reserved. Powered by the Neural Stack.

  • Privacy Policy
  • Terms
  • Accessibility Statement
Company
  • About Us
  • Our Team
  • Our Mission
  • Core Values
Discover
  • Brand Assets
    Brand Assets
  • Stats Methodology
    Stats Research Process
  • Glossary
    Glossary
Categories
  • Internet
  • Technology
  • Artificial Intelligence
  • Gaming
  • Cybersecurity
Internet
Spotify vs Apple Music Statistics
Spotify vs Apple Music Statistics 2026: Subscribers, Revenue, Market Share
Time Spent on TikTok Statistics
Time Spent on TikTok Statistics 2026: Daily Minutes by Age
Google Workspace Statistics
Google Workspace Statistics 2026: Users, Market Share and AI
YouTube vs TikTok Statistics
YouTube vs TikTok Statistics 2026: Users, Revenue, Creator Economy
Internet Outage Statistics
Internet Outage Statistics 2026: Frequency, Cost and Causes
Upwork Statistics
Upwork Statistics 2026: Revenue, GSV, AI Work
Technology
Google Cloud Platform Statistics
Google Cloud Platform Statistics 2026: Market Growth
Asana Statistics
Asana Statistics 2026: Revenue, Customers, AI ARR and Market Share
AWS Statistics
AWS Statistics 2026: Revenue, Market Share and AI Growth
Adobe Creative Cloud Statistics
Adobe Creative Cloud Statistics 2026: Subscribers, Revenue and Market Share
Adobe Statistics
Adobe Statistics 2026: Revenue, ARR, and Workforce Data
Employee Productivity Statistics
Employee Productivity Statistics 2026: Engagement, Costs & Trends
Artificial Intelligence
Grammarly AI Statistics
Grammarly AI Statistics 2026: Users, Revenue, Funding, Rebrand
Copilot Statistics
Copilot Statistics 2026: Users, Adoption, Revenue and Market Share
AI Image Generation Statistics
AI Image Generation Statistics 2026: Market Size, Adoption & Risks
Machine Learning Adoption
Machine Learning Adoption in 2026: What Businesses Need to Know
AI Influencer Marketing Statistics
AI Influencer Marketing Statistics: Market Size and Engagement
AI Market Statistics
AI Market Statistics 2026: Size, Growth & Investment
Gaming
Online Gambling Regulations Statistics
Online Gambling Regulations Statistics 2026: Global Compliance and Enforcement Data
Fantasy Sports Statistics
Fantasy Sports Statistics 2026: Users, Revenue & Trends
Apex Legends Statistics
Apex Legends Statistics 2026: Players, Revenue, and Esports
Fortnite Statistics
Fortnite Statistics 2026: Players, Revenue, Esports, and Engagement
Gamers Statistics
Gamers Statistics 2026: Players, Habits & Global Data
Minecraft Statistics
Minecraft Statistics 2026: 300 Million Copies Sold & 212M Monthly Players
Cybersecurity
Password Statistics
Password Statistics 2026: Credential Theft, MFA, and the Passkey Tipping Point
Identity Theft Statistics
Identity Theft Statistics 2026: Key Fraud Data and Trends
CVE Statistics
CVE Statistics 2026: Severity Distribution and Top Affected Vendors
Dark Web AI Tool Marketplace Statistics
Dark Web AI Tool Marketplace Statistics 2026: Explosive Market Growth
API Security Breach Statistics
API Security Breach Statistics 2026: Hidden Threats
AI Voice Cloning Fraud Statistics
AI Voice Cloning Fraud Statistics 2026: Alarming Trends You Must Know Now
Categories
  • Cybersecurity
  • Artificial Intelligence
  • Internet
  • Technology
  • Gaming
Cybersecurity
Pamstealer Macos Malware Exposed
PamStealer Malware Verifies Stolen Mac Passwords Live
Google Fbi Disrupt Netnut Residential Proxy Network
Google, FBI Disrupt NetNut Residential Proxy Network
India Drafts Stricter Rules For Vpn Providers
India Drafts Stricter Rules for VPN Providers: Report
Cisco Confirms Active Exploits Of Unified Cm Flaw
Cisco Confirms Active Exploits of Unified CM Flaw
Medtronic Confirms Shinyhunters Data Breach
Medtronic Notifies Patients of ShinyHunters Data Breach
India Orders Whatsapp To Pause Username Rollout
India Orders WhatsApp to Pause Username Rollout
Artificial Intelligence
Terawulf Signs 20 Year 19 Billion Anthropic Lease
TeraWulf Signs 20-Year, $19 Billion Anthropic Lease
Microsoft Launches Frontier Company
Microsoft Launches Frontier Company With $2.5B Bet
Openai Proposes 5 U S Government Equity Stake
OpenAI Proposes 5% U.S. Government Equity Stake
Meta Plans Cloud Business To Sell Excess Ai Compute
Meta Plans Cloud Business to Sell Excess AI Compute
Anthropic Receives Green Signal For Fable 5 And Mythos Release
Anthropic Restores Claude Fable 5 After Export Ban Lifts
Anthropic Unveils Claude Science
Anthropic Unveils Claude Science to Transform Research
Internet
Whatsapp Launches Username Reservation Feature
WhatsApp Opens Username Reservations for Its 3 Billion Users
Chrome 149 Update Fixes Serious Vulnerabilities
Google Chrome 149 Fixes 18 Serious Security Flaws
Meta Hands Whatsapp Reins To Cred Founder Kunal Shah
Meta Hands WhatsApp Reins to CRED Founder Kunal Shah
Major X Outage Disrupts Users Worldwide
Major X Outage Disrupts Users Worldwide, Service Restored
Meta Adds 13 Plus Age Verification For Teen Safety
Meta Adds 13+ Content Settings and AI Age Checks for Teens
Telegram Restricted In India Temporarily
Telegram Restricted in India as NEET Fraud Crackdown Grows
Technology
Chrome Update Fixes 382 Vulnerabilities
Chrome 150 Patches 382 Security Fixes, 15 Critical
Apple Leak Reveals Six New Iphones For 2027
Massive Apple Leak Reveals Six New iPhones for 2027
Google Finance Comes Out Of Beta With Android App
Google Finance Gets Major AI Upgrade and New Android App
Windows Recycle Bin Bug Confirmed After June Security Update
Windows Recycle Bin Bug Confirmed After June Security Update
Apple Urgently Fixes Beats Studio Buds Bug
Apple Urgently Fixes Beats Studio Buds Bug That Enabled Spying
Google Launches Android 17 With Gemini And Advanced Security
Android 17 Is Here With Powerful AI Features and Security Boosts
Gaming
Gta Vi Official Cover Art
GTA 6 Pre-Orders Start June 25, New Cover Art Unveiled
Epic Games Teases Unreal Engine 6 For Rocket League
Epic Games Teases Unreal Engine 6 for Rocket League
Stardew Valley Launched For Nintendo Switch 2 Edition
Stardew Valley Switch 2 Edition Arrives with Online Co-op
Hogwarts Legacy Game Crosses 40m Downloads
Hogwarts Legacy Crosses 40M Sales, Beating Industry Giants
Pubg Black Budget Closed Alpha Launched
PUBG: Black Budget Launches Closed Alpha Test With a Bold PvPvE Twist
Counter Strike 2 Skin Market Crashes After Valve Update
Counter-Strike 2’s $5.9 Billion Skin Economy Just Got Shattered
Newsletter

Subscribe To Our Newsletter!

Be the first to get exclusive offers and the latest news.

Newsletter

Subscribe To Our Newsletter!

Be the first to get exclusive offers and the latest news.