Sysdig says JADEPUFFER used CVE-2025-3248 in Langflow to automate intrusion, credential theft, encryption, and data wipe.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) gave federal agencies until Friday to patch an actively ...
has documented what it says is the first ransomware operation carried out from start to finish by an autonomous artificial ...
An "agentic threat actor" successfully exploited a Langflow flaw to steal data from a production database server and encrypt ...
JadePuffer exploited a vulnerable Langflow server, harvested credentials, moved laterally, and encrypted more than 1,300 ...
JadePuffer, the first known 'agentic ransomware', uses an AI agent to run attacks end-to-end and adapt in real time, ...
JadePuffer could be the first reported case of a ransomware attack driven by AI from start to finish. How can businesses ...
A recent report from cloud security firm Sysdig details the capabilities of JadePuffer, which it says is the first ransomware ...
Attackers exploited Langflow vulnerability CVE-2025-3248 to conduct an agentic AI-powered ransomware attack involving reconnaissance, credential theft, and lateral movement.
Sysdig's JadePuffer case is billed as the first ransomware attack planned and executed end to end by an AI agent, with no human directing it.
The data layer underneath an agentic system must handle variable schemas, vector embeddings, real-time retrieval, and ...
An Iranian hacking group affiliated with Iran's Ministry of Intelligence and Security (MOIS) has been wielding a previously undocumented modular command-and-control (C2) framework dubbed Cavern (aka ...