Close Menu
Tech Savvyed
  • Home
  • News
  • Artificial Intelligence
  • Gadgets
  • Apps
  • Mobile
  • Gaming
  • Accessories
  • More
    • Web Stories
    • Spotlight
    • Press Release

Subscribe to Updates

Get the latest tech news and updates directly to your inbox.

What's On
You can now walk through space and gaze into a black hole at this VR exhibit

You can now walk through space and gaze into a black hole at this VR exhibit

6 July 2026
Broad AI expertise may no longer be enough as companies look for more specialized talent 

Broad AI expertise may no longer be enough as companies look for more specialized talent 

6 July 2026
AI agent reportedly carried out an entire ransomware attack on its own

AI agent reportedly carried out an entire ransomware attack on its own

6 July 2026
Facebook X (Twitter) Instagram
Facebook X (Twitter) Instagram
Tech Savvyed
SUBSCRIBE
  • Home
  • News
  • Artificial Intelligence
  • Gadgets
  • Apps
  • Mobile
  • Gaming
  • Accessories
  • More
    • Web Stories
    • Spotlight
    • Press Release
Tech Savvyed
Home»News»AI agent reportedly carried out an entire ransomware attack on its own
News

AI agent reportedly carried out an entire ransomware attack on its own

News RoomBy News Room6 July 20263 Mins Read
AI agent reportedly carried out an entire ransomware attack on its own
Share
Facebook Twitter Reddit Telegram Pinterest Email

Cybersecurity researchers say they have documented what could be the first ransomware attack carried out almost entirely by an autonomous AI agent, marking a significant shift in how cyberattacks could be conducted in the future. According to cloud security firm Sysdig, they have uncovered a ransomware operation dubbed JadePuffer that appears to have relied on a large language model (LLM) agent to perform nearly every stage of the attack without continuous human intervention.

If confirmed, the incident suggests AI is moving beyond writing malicious code and into actively planning, adapting, and executing cyberattacks in real time.

JadePuffer adapted to obstacles much like a human hacker

According to Sysdig’s findings, JadePuffer began by exploiting CVE-2025-3248, a remote code execution vulnerability in Langflow, an open-source framework used to build LLM-powered applications. The flaw, patched in April 2025, was later added to the US Cybersecurity and Infrastructure Security Agency’s (CISA) list of vulnerabilities known to be exploited in the wild.

Once inside the system, the AI agent reportedly carried out a full attack chain that security researchers typically associate with experienced human operators. It collected host information, searched for credentials and sensitive files, extracted cloud secrets, and mapped storage resources before moving laterally through the victim’s infrastructure.

What stood out wasn’t simply the automation – it was the adaptability.

According to the Sysdig report, the researchers observed the AI agent responding dynamically when certain commands failed. In one instance, the malware encountered an unexpected XML response while querying a MinIO object store. Instead of failing, the agent modified its parsing logic and retried using a different approach. Researchers also documented a failed login attempt that was automatically corrected within 31 seconds, without requiring human input.

The AI later established persistence by creating scheduled cron jobs before pivoting to a production server running Alibaba Nacos, where it exploited CVE-2021-29441 to create rogue administrator accounts. It eventually encrypted 1,342 Nacos configuration records, deleted the original data, and replaced it with a ransom note demanding payment in Bitcoin.

Interestingly, researchers found several signs suggesting the operation was AI-generated. The malicious code contained unusually detailed natural-language comments explaining its own reasoning, while the ransom note referenced a Bitcoin wallet commonly used as an example in documentation rather than a genuine payment address. Sysdig also believes the malware likely used AES-128 in ECB mode, despite claiming AES-256 encryption.

ransomware

The findings arrive as cybersecurity experts increasingly warn about the emergence of agentic AI, where AI systems can independently plan and execute complex tasks rather than simply responding to prompts. While JadePuffer still exploited known vulnerabilities rather than inventing new attack methods, the ability to autonomously perform reconnaissance, privilege escalation, persistence, and ransomware deployment represents a notable escalation in offensive AI capabilities.

Sysdig says the incident demonstrates that “agentic threat actors” have effectively arrived, potentially lowering the technical expertise required to launch sophisticated cyberattacks. At the same time, researchers note that AI-generated attacks may also leave distinct behavioural patterns and coding characteristics that defenders can use to build new detection techniques.

For organizations, the report serves as another reminder that patching internet-facing systems and securing cloud credentials remain essential – even as the attackers themselves begin to change.

Share. Facebook Twitter Pinterest LinkedIn Telegram Reddit Email
Previous ArticleAmerica’s 250th anniversary time capsule includes an iPhone 17 Pro Max
Next Article Broad AI expertise may no longer be enough as companies look for more specialized talent 

Related Articles

You can now walk through space and gaze into a black hole at this VR exhibit

You can now walk through space and gaze into a black hole at this VR exhibit

6 July 2026
Broad AI expertise may no longer be enough as companies look for more specialized talent 

Broad AI expertise may no longer be enough as companies look for more specialized talent 

6 July 2026
America’s 250th anniversary time capsule includes an iPhone 17 Pro Max

America’s 250th anniversary time capsule includes an iPhone 17 Pro Max

6 July 2026
Google executive ports Command & Conquer Generals: Zero Hour to iPhone and Mac using Claude

Google executive ports Command & Conquer Generals: Zero Hour to iPhone and Mac using Claude

6 July 2026
EV batteries are lasting much longer than the industry expected

EV batteries are lasting much longer than the industry expected

6 July 2026
AI’s energy tax was already concerning. Research says AI agents are over hundred times worse

AI’s energy tax was already concerning. Research says AI agents are over hundred times worse

6 July 2026
Demo
Stay In Touch
  • Facebook
  • Twitter
  • Pinterest
  • Instagram
  • YouTube
  • Vimeo
Don't Miss
Broad AI expertise may no longer be enough as companies look for more specialized talent 

Broad AI expertise may no longer be enough as companies look for more specialized talent 

By News Room6 July 2026

When the generative AI boom sparked into life in late 2022, business executives and team…

AI agent reportedly carried out an entire ransomware attack on its own

AI agent reportedly carried out an entire ransomware attack on its own

6 July 2026
America’s 250th anniversary time capsule includes an iPhone 17 Pro Max

America’s 250th anniversary time capsule includes an iPhone 17 Pro Max

6 July 2026
Google executive ports Command & Conquer Generals: Zero Hour to iPhone and Mac using Claude

Google executive ports Command & Conquer Generals: Zero Hour to iPhone and Mac using Claude

6 July 2026
Tech Savvyed
Facebook X (Twitter) Instagram Pinterest
  • Privacy Policy
  • Terms of use
  • Advertise
  • Contact
© 2026 Tech Savvyed. All Rights Reserved.

Type above and press Enter to search. Press Esc to cancel.