Sysdig says JADEPUFFER used CVE-2025-3248 in Langflow to automate intrusion, credential theft, encryption, and data wipe.
JadePuffer exploited a vulnerable Langflow server, harvested credentials, moved laterally, and encrypted more than 1,300 ...
Sysdig's JadePuffer case is billed as the first ransomware attack planned and executed end to end by an AI agent, with no human directing it.
An "agentic threat actor" successfully exploited a Langflow flaw to steal data from a production database server and encrypt ...
Researchers identified what they believe is the first documented case of a ransomware operation, JadePuffer, conducted ...
A campaign active since last November has been targeting Python developers building Telegram bots with trojanized Pyrogram ...
A leaked chat and bitcoin trail show a US government entity paid Kairos $1m to suppress stolen files, no encryption involved, with clues pointing to Ohio.