Daily Threat Briefing
Diamond Trail

Cyware Daily Threat Intelligence - June 23, 2026

shutterstock 2151784445

Attackers are turning exposed AI endpoints into cryptocurrency-mining engines, with CVE-2026-33017 at the center of a campaign that hijacks Langflow servers and drives up cloud costs. Cyware.com highlights how a single unauthenticated POST request can trigger a chain reaction—droppers, persistence, and lateral movement—leaving organizations with degraded performance and a risk of deeper compromise.

On macOS, a new threat called FlutterShell is hiding in plain sight by leveraging the Flutter framework and ramping up obfuscation by 669%. This malware keeps its payloads off-disk until runtime, making detection difficult and allowing infections to slip past automated defenses until they reach a live system.

A global WhatsApp campaign is using trusted contacts and multilingual lures to trick users into running scripts that install legitimate remote management tools under attacker control. With a significant concentration of victims in Malaysia and filenames localized in four languages, this operation blurs the line between IT administration and intrusion, leaving users exposed to persistent unauthorized access.

Top Malware Reported in the Last 24 Hours

CVE-2026-33017 cryptominers hit Langflow servers

CVE-2026-33017 is a remote code execution vulnerability exploited to convert exposed Langflow instances into cryptocurrency-mining infrastructure. CVE-2026-33017 enables attackers to trigger an unauthenticated POST to /api/v1/build_public_tmp/{flow_id}/, download a dropper, and deploy a binary that disables security controls, establishes persistence, and connects to a command-and-control server. CVE-2026-33017 allows lateral movement by reusing SSH keys, expanding a single exposed endpoint into a broader network foothold. Attackers deliver the initial payload via public-facing app exploitation, then move laterally using credential access and SSH. CVE-2026-33017 primarily targets organizations running Langflow, impacting cloud costs and performance. Trend Micro discovered this campaign and mapped it to techniques including resource hijacking and credential access.

FlutterShell macOS malware hides via Flutter

FlutterShell is a macOS malware family classified as a stealthy loader that leverages the Flutter framework to evade detection. FlutterShell keeps its most suspicious behavior off-disk until runtime, using a C2-conditional model where JavaScript payloads execute inside a WKWebView-based WebView. FlutterShell employs certificate rotation to self-signed artifacts and full Dart obfuscation, resulting in a 669% increase in obfuscated Dart symbols and renamed JavaScript bridge commands. FlutterShell infects macOS systems, with researchers analyzing ten Mach-O samples across three generations and identifying architecture-keyed clusters for x86_64 and arm64. FlutterShell targets Mac users and businesses, increasing the risk of undetected infections. Researchers tracked FlutterShell through March 2026 using structural hashing and binary analysis.

WhatsApp lure installs legitimate admin tools

A WhatsApp-driven malware campaign uses social engineering to deliver malicious VBScript attachments that install legitimate remote management software under attacker control. The campaign sends messages from known contacts, often without text, and localizes filenames into Portuguese, French, German, and Malay to increase success rates. The scripts download additional components, obfuscate code with randomized variable names and fake Windows Update comments, and suppress Windows prompts while deploying a pre-configured ManageEngine Endpoint Central package. The campaign impacts users globally, with a significant concentration in Malaysia. Attribution remains uncertain, with a suspected Chinese-speaking operator, and victims face persistent remote access that mimics ordinary IT administration.

Top Vulnerabilities Reported in Last 24 hours

CVE-2026-33017: Remote code execution in Langflow AI (CVSS 9.8)

CVE-2026-33017 is an unauthenticated remote code execution vulnerability in the Langflow AI application framework with a CVSS score of 9.8. CVE-2026-33017 allows attackers to run arbitrary code and install cryptocurrency miners, leading to persistent resource hijacking and degraded system performance. CVE-2026-33017 is actively exploited in the wild. Trend Micro reported the campaign, detailing an attack chain involving the isp.sh dropper and lambsys binary, with SSH key reuse enabling lateral movement. Organizations should patch exposed Langflow instances to prevent exploitation, as prior issues like CVE-2025-3248 show repeated targeting of AI endpoints.

CVE-2026-8461: FFmpeg “PixelSmash” bug (CVSS 8.8)

CVE-2026-8461 is a heap buffer overflow vulnerability in the MagicYUV decoder of FFmpeg (libavcodec) with a CVSS score of 8.8. CVE-2026-8461 can be triggered by a specially crafted media file, resulting in remote code execution or denial-of-service during video processing. No active exploitation has been reported. Researchers highlight that CVE-2026-8461 affects downstream products including VLC, Jellyfin, Plex, Emby, and cloud transcoding pipelines. A fix is available in FFmpeg 8.1.2, and users should update to mitigate risk.

CVE-2026-0257: PAN-OS GlobalProtect authentication bypass

CVE-2026-0257 is an authentication bypass vulnerability in Palo Alto Networks PAN-OS GlobalProtect portal and gateway that enables unauthorized VPN connections. CVE-2026-0257 allows attackers to access and manipulate data inside targeted networks by exploiting specific conditions, including enabled authentication override cookies and certain certificate configurations. CVE-2026-0257 is actively exploited in the wild and is listed in CISA’s Known Exploited Vulnerabilities catalog. CVE-2026-0257 primarily threatens government and business environments relying on GlobalProtect for remote access. Fixes are available in updated PAN-OS and Prisma Access releases, and organizations should apply them to prevent unauthorized VPN sessions.

Frequently Asked Questions

  1. What is CVE-2026-33017? CVE-2026-33017 is being exploited in the wild to remotely run code on exposed Langflow instances and turn them into cryptocurrency-mining infrastructure. Attackers trigger it through an unauthenticated POST to /api/v1/build_public_tmp/{flow_id}/, then pull down a dropper that leads to a binary designed to disable security controls, establish persistence, and reach a command-and-control server.

  2. What is FlutterShell? FlutterShell is a macOS malware family that uses the Flutter framework to blend in while keeping its most suspicious behavior off-disk until the last possible moment. It relies on a C2-conditional model where JavaScript payloads arrive at runtime and execute inside a WKWebView-based WebView, which helps it show minimal behavior in sandbox environments.

  3. What is CVE-2026-33017? Attackers are exploiting an unauthenticated remote code execution flaw in the Langflow AI application framework (CVE-2026-33017) to remotely run code and install cryptocurrency miners on exposed systems. In practice, that foothold is used to pull down a dropper and then a follow-on payload that disables security controls and sets up persistence, turning AI app infrastructure into an always-on mining rig that drives up costs and drags performance.

  4. What is CVE-2026-8461? A critical FFmpeg vulnerability in the MagicYUV decoder of libavcodec (CVE-2026-8461, CVSS 8.8) can be triggered by a specially crafted media file to cause remote code execution or a denial-of-service. The underlying issue is a heap buffer overflow (heap out-of-bounds write), meaning routine video processing can become the moment an attacker’s payload runs.

  5. What is CVE-2026-0257? An authentication bypass in Palo Alto Networks PAN-OS GlobalProtect portal and gateway (CVE-2026-0257) can let attackers establish unauthorized VPN connections, opening a path to data access and manipulation inside targeted networks. The advisory says exploitation depends on specific conditions, including enabled authentication override cookies and particular certificate configurations, which can turn a perimeter control into an open door.

Discover Related Resources