• Experts warn of the 'first documented case of agentic ransomware'

    From TechnologyDaily@1337:1/100 to All on Wednesday, July 08, 2026 19:30:24
    Experts warn of the 'first documented case of agentic ransomware' dangerous JADEPUFFER attack run entirely by an LLM

    Date:
    Wed, 08 Jul 2026 18:15:00 +0000

    Description:
    An LLM-based ransomware attack has been detected by researchers, and is notable for losing the data it encrypted...

    FULL STORY ======================================================================Copy link Facebook X Whatsapp Reddit Pinterest Flipboard Threads Email Share this article 0 Join the conversation Follow us Add us as a preferred source on Google Newsletter Subscribe to our newsletter The first agentic ransomware attack has been dubbed JADEPUFFER by researchers at Sysdig Threat exploited a known vulnerability, adapted to obstacles, and targeted an Alibaba Nacos Unfortunately for victims, paying up means nothing, as JADEPUFFER fails to back up the data Has ransomware become self-aware? Sysdig researchers have analyzed an attack on an internet-facing Langflow instance, and discovered what they believe to be the first ransomware infection driven not by a human, but by AI.

    As the attack progressed via a vulnerability, it accessed a server, removed data, overcame challenges, and phoned home regularly all controlled not by a remote operator, but by a large language model (LLM). Dubbed JADEPUFFER the attack seems to point to the direction of travel for extortion-based cybercrime -- if not for the entire sector, then certainly for the cybercrime-as-a-service (CaaS) market. As highlighted in Sysdigs conclusion: Its a marker of where extortion tradecraft is heading. Latest Videos From Watch full video here: Fully autonomous hack Using a code-injection attack on a Langflow deployment, Sysdig reported that the attack was fully automated, and after exploiting the vulnerability (CVE-2025-3248) JADEPUFFER sought out credentials for LLM providers, databases cloud platforms, and cryptocurrency wallets.

    It also harvested data from the Langflow instances Postgres database, and committed various acts of destruction before the intended Alibaba Nacos (Naming and Configuration Service) and connected MySQL database were reached. You may like DeepSeek accidentally built a working ransomware strain What the OpenClaw vulnerability reveals about the future of agentic AI security
    Hackers used AI to discover and weaponize a zero-day for the first time

    At this point, the ransomware demand was issued, with 1,342 Nacos configuration items encrypted and crucial database tables dropped. What is interesting about this is that random encryption was applied, but no backup was made and no key or report was created so even if the ransom was paid,
    the data would remain unrecovered.

    (Langflow fixed the vulnerability in April 2025, so this attack could have been avoided if the instance had been patched. Ironically, Langflow is also
    an AI platform, providing low-code solutions to build and deploy chatbots, agents, and advanced workflows using artificial intelligence.) Are you a pro? Subscribe to our newsletter Sign up to the TechRadar Pro newsletter to get
    all the top news, opinion, features and guidance your business needs to succeed! Contact me with news and offers from other Future brands Receive email from us on behalf of our trusted partners or sponsors By submitting
    your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over. A new phase in cybersecurity Security researchers have been on the lookout for Agentic Threat Actors (ATAs) for a while now, so the arrival of JADEPUFFER is not completely unexpected. Its arrival essentially means that anyone can create and operate a ransomware (or other cyberthreat) operation, relying on intelligent prompts and low-effort, fully automated testing in the wild, from which the LLM can learn and improve.

    If this does indeed represent the dawning of a new age of cybersecurity, it isnt all bad news. This incident has demonstrated how LLM-based attacks can
    be detected.

    It used historical vulnerabilities, for example, but the most interesting thing about it is that this attempt was pretty verbose. The Sysdig team noticed that when JADEPUFFER was presented with obstacles to its primary aim, it adapted and shared its rationale.

    While this narration is common among LLMs, other threats dont do this, which offers an advantage for detecting LLM-based threats like JADEPUFFER and the variants which will inevitably appear. Follow TechRadar on Google News and
    add us as a preferred source to get our expert news, reviews, and opinion in your feeds.



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/experts-warn-of-the-first-documented-ca se-of-agentic-ransomware-dangerous-jadepuffer-attack-run-entirely-by-an-llm


    --- Mystic BBS v1.12 A49 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)