IOC Radar
TLP:WHITE5 IOCs

Langflow RCE Flaw Exploited to Deploy Monero Cryptominer on AI Servers

CP
Cyber Press
Published June 29, 2026Original Report

Malware Families

Diamond Model

SOCIAL AXISTECHNOLOGY AXISADVERSARYunknownINFRASTRUCTUREhttp://83.142.209.214…83.142.209.214CAPABILITYCobalt StrikeXMRigVICTIMunknown
Adversary
Infrastructure(2)
Capability(2)
Victim

5W+H Threat Analysis

Analysis unavailable

Indicators of Compromise

Indicators of Compromise5

TypeIndicatorConfidenceScoreFirst Seen
CVECVE-2026-33017
cryptominerexploitintel-blog
High
61
Jun 3, 26
URLhttp://83.142.209.214:8080/isp.sh
intel-blogmalwarenetwork
High
58
Jun 29, 26
CVECVE-2025-3248
botnetddosexploit
Medium
51
Jun 29, 26
MD546096a72d84db5f1dafd944fcf6571c8
cryptominerfile-hashintel-blog
Medium
53
Jun 29, 26
IP83.142.209.214
intel-blogmalwarenetwork
High
58
Jun 29, 26

IOC Relationship Graph

IOC Relationship Graph5 total IOCs
CVEURLMD5IP
CVE2URL1MD51IP1Malware2REPORTLangflow RCE Flaw ExploiteCobalt StrikeXMRig
scroll to zoom · drag to pan · click IOC to open