{"data":{"id":"69643d68-ca79-48b5-9ba6-b9f9c3f20f3b","title":"JadePuffer: The First Complete LLM-Driven Ransomware Attack","summary":"A malicious actor used an agentic threat actor (an AI system designed to perform tasks autonomously) to exploit a vulnerability in Langflow (an open-source platform for building AI applications) and conducted a complete ransomware attack (malware that encrypts data and demands payment for its return). The attack resulted in stolen data from a production database and encrypted systems across the targeted infrastructure.","solution":"N/A -- no mitigation discussed in source.","labels":["security"],"sourceUrl":"https://www.darkreading.com/cyberattacks-data-breaches/jadepuffer-first-complete-llm-driven-ransomware-attack","publishedAt":"2026-07-06T16:36:50.000Z","cveId":null,"cweIds":null,"cvssScore":null,"cvssSeverity":null,"severity":"high","attackType":["prompt_injection","supply_chain"],"issueType":"news","affectedPackages":null,"affectedVendors":["LangChain"],"affectedVendorsRaw":["Langflow","LLM"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":null,"epssScore":null,"patchAvailable":null,"disclosureDate":"2026-07-06T16:36:50.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"advanced","impactType":["confidentiality","integrity","availability"],"aiComponentTargeted":"agent","llmSpecific":true,"classifierConfidence":0.85,"researchCategory":null,"atlasIds":null}}