Sysdig says JADEPUFFER used CVE-2025-3248 in Langflow to automate intrusion, credential theft, encryption, and data wipe.
has documented what it says is the first ransomware operation carried out from start to finish by an autonomous artificial ...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) gave federal agencies until Friday to patch an actively ...
JadePuffer exploited a vulnerable Langflow server, harvested credentials, moved laterally, and encrypted more than 1,300 ...
Attackers are actively exploiting path traversal and SQL injection in Langflow, LangGraph, and LangChain — below where your ...
Researchers claimed to have uncovered what may be the first ransomware attack to be conducted by an AI agent. Dubbed ...
Sysdig's JadePuffer case is billed as the first ransomware attack planned and executed end to end by an AI agent, with no human directing it.
Autonomous AI agents are no longer theoretical cyber risks as new research shows a large language model executing an end-to-end ransomware campaign, highlighting the urgency of patching known ...
Researchers identified what they believe is the first documented case of a ransomware operation, JadePuffer, conducted ...
Researchers from security firm Trend Micro warn that a critical remote code execution vulnerability patched in April in the Langflow AI agent framework is being exploited to deploy botnet malware. The ...