NCSC flags PAN-OS VPN exploit and Langflow AI attacks
Key insights
- PAN-OS CVE-2026-0257 is under active exploitation with US federal agencies facing a mandatory June 19 remediation deadline.
- Langflow CVE-2025-34291 has escalated to a live exploit campaign specifically targeting AI developer pipeline infrastructure.
- An unexplained EPSS score spike on a Windows vulnerability suggests threat actors conducting organized pre-exploitation reconnaissance.
Why this matters
AI developer pipelines running Langflow are now confirmed targets for active exploit campaigns, meaning organizations deploying AI infrastructure face security exposure on the same tooling they depend on for model development. The simultaneous activation of PAN-OS exploitation and the Windows EPSS anomaly points to coordinated threat actor activity across multiple attack surfaces rather than isolated opportunistic scanning. The NCSC's framing of all three signals as precursors to an AI-accelerated CVE disclosure wave means security teams should treat current patch backlogs as more urgent than a typical quarterly cadence.
Summary
The NCSC CTO's May 31 digest flags three active threats hitting enterprise and AI infrastructure simultaneously.
PAN-OS CVE-2026-0257 is under live exploitation, with US federal agencies facing a June 19 remediation deadline. Langflow CVE-2025-34291 has moved from proof-of-concept to active campaign, targeting AI developer pipelines embedded in enterprise ML stacks.
Essentially: (Palo Alto Networks, Langflow) are the key exposed surfaces, with an unexplained Windows EPSS spike adding a third signal pointing to organized pre-exploitation activity.
- PAN-OS VPN exploitation confirmed; June 19 federal deadline binding
- Langflow attacks intensifying against AI pipeline deployments
- Windows EPSS spike signals possible coordinated target reconnaissance
All three fit the NCSC's standing call to shrink internet-exposed attack surfaces before an AI-accelerated CVE wave arrives in late 2026.
Potential risks and opportunities
Risks
- Federal agencies that miss the June 19 PAN-OS remediation deadline face potential VPN network compromise and mandatory incident reporting under CISA binding operational directives
- AI teams running Langflow in production pipelines risk supply-chain-style compromise before CVE-2025-34291 patches are applied, potentially exposing model weights or training data
- If the Windows EPSS spike resolves into confirmed active exploitation, organizations with large unpatched Windows estates face a race-condition patch window measured in days rather than weeks
Opportunities
- Palo Alto Networks' Cortex and Prisma SASE teams can accelerate enterprise VPN-replacement deals by citing active CVE-2026-0257 exploitation as direct evidence of on-prem perimeter risk
- AI security posture management vendors (Protect AI, HiddenLayer, Robust Intelligence) gain concrete budget justification at Langflow-dependent organizations now facing active pipeline compromise attempts
- EPSS-based threat prioritization vendors (Tenable, Qualys, Rapid7) can use the Windows score spike as a live case study for selling EPSS-weighted patching programs over CVE severity-only triage approaches
What we don't know yet
- Attribution behind the Langflow CVE-2025-34291 campaign: no threat actor group has been named in public reporting as of May 31
- Whether the Windows EPSS spike maps to a specific CVE or represents a blended signature across multiple unpatched vulnerabilities
- How many federal agencies remain unpatched against PAN-OS CVE-2026-0257 with the June 19 deadline approaching
Originally reported by ctoatncsc.substack.com
Read the original article →Original headline: NCSC CTO Week-Ending May 31 Security Summary: PAN-OS Active Exploitation, Langflow Campaigns, and Unexpected Windows EPSS Spike