JadePuffer ransomware used AI agent to automate entire attack
Summary
Researchers discovered JadePuffer, believed to be the first ransomware attack fully controlled by an autonomous AI agent (a program that acts independently to complete tasks). The AI agent exploited a vulnerability in Langflow (a framework for building AI applications) to gain initial access, then automatically performed reconnaissance, stole credentials, moved through the network, and encrypted data while adapting to failures in real time, much like a human attacker would.
Solution / Mitigation
The vendor fixed CVE-2025-3248 on April 1, 2025. Additionally, CISA (Cybersecurity and Infrastructure Security Agency) tagged this vulnerability as exploited in attacks, warning organizations to patch internet-exposed endpoints.
Classification
Affected Vendors
Related Issues
Original source: https://www.bleepingcomputer.com/news/security/jadepuffer-ransomware-used-ai-agent-to-automate-entire-attack/
First tracked: July 4, 2026 at 02:00 PM
Classified by LLM (prompt v3) · confidence: 92%