LevelBlue says QuimaRAT uses encrypted plugins, OS-specific persistence, and JNA libraries to control Windows, Linux, and ...
Sysdig says JADEPUFFER used CVE-2025-3248 in Langflow to automate intrusion, credential theft, encryption, and data wipe.