#jadepuffer — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #jadepuffer, aggregated by home.social.
-
"Ransomware has had a human at the keyboard, or at least a human writing its script, since it was first established as a category of threat. The Sysdig Threat Research Team (TRT) has captured what we assess to be the first documented case of agentic ransomware: a complete extortion operation driven end-to-end by a large language model (LLM).
This operator, which we have dubbed JADEPUFFER, gained initial access to an internet-facing Langflow instance through CVE-2025-3248 and ran an adaptive and fully automated campaign, ultimately pivoting to the intended target and running a destructive database-extortion playbook against the victim's production database server. JADEPUFFER is considered an agentic threat actor (ATA), or an operator whose attack capability is delivered by an AI agent rather than a human-driven toolkit.
The most striking characteristic, however, was the LLM's behavior. JADEPUFFER's own payloads were self-narrating. They contained natural language reasoning, target prioritization, and the kind of detailed annotations that human operators don’t often write but LLM-generated code produces reflexively. The operation also adapted in real time, retrying failed steps within refined parameters. In one sequence, it went from a failed login to a working fix in 31 seconds.
The research below examines the Sysdig TRT’s observations of JADEPUFFER, along with its indicators of compromise and recommended defensive actions."
https://www.sysdig.com/blog/jadepuffer-agentic-ransomware-for-automated-database-extortion
#AI #AiAgents #AgenticAI #CyberSecurity #LLMs #Ransomware #Jadepuffer
-
"Ransomware has had a human at the keyboard, or at least a human writing its script, since it was first established as a category of threat. The Sysdig Threat Research Team (TRT) has captured what we assess to be the first documented case of agentic ransomware: a complete extortion operation driven end-to-end by a large language model (LLM).
This operator, which we have dubbed JADEPUFFER, gained initial access to an internet-facing Langflow instance through CVE-2025-3248 and ran an adaptive and fully automated campaign, ultimately pivoting to the intended target and running a destructive database-extortion playbook against the victim's production database server. JADEPUFFER is considered an agentic threat actor (ATA), or an operator whose attack capability is delivered by an AI agent rather than a human-driven toolkit.
The most striking characteristic, however, was the LLM's behavior. JADEPUFFER's own payloads were self-narrating. They contained natural language reasoning, target prioritization, and the kind of detailed annotations that human operators don’t often write but LLM-generated code produces reflexively. The operation also adapted in real time, retrying failed steps within refined parameters. In one sequence, it went from a failed login to a working fix in 31 seconds.
The research below examines the Sysdig TRT’s observations of JADEPUFFER, along with its indicators of compromise and recommended defensive actions."
https://www.sysdig.com/blog/jadepuffer-agentic-ransomware-for-automated-database-extortion
#AI #AiAgents #AgenticAI #CyberSecurity #LLMs #Ransomware #Jadepuffer
-
Researchers identified the first documented case of a #ransomware operation, #JadePuffer, conducted entirely by an #AIagent. The agent exploited a vulnerability in Langflow to gain initial access, then used various techniques to move laterally, escalate privileges, and encrypt data on a production MySQL server. The attack demonstrates the potential of AI-driven cyberattacks and the need for improved detection methods. https://www.bleepingcomputer.com/news/security/jadepuffer-ransomware-used-ai-agent-to-automate-entire-attack/?eicker.news #tech #media #news
-
Researchers identified the first documented case of a #ransomware operation, #JadePuffer, conducted entirely by an #AIagent. The agent exploited a vulnerability in Langflow to gain initial access, then used various techniques to move laterally, escalate privileges, and encrypt data on a production MySQL server. The attack demonstrates the potential of AI-driven cyberattacks and the need for improved detection methods. https://www.bleepingcomputer.com/news/security/jadepuffer-ransomware-used-ai-agent-to-automate-entire-attack/?eicker.news #tech #media #news
-
We're here! AI Agent executed automated Ransomware operation.
JadePuffer used an autonomous AI agent for reconnaissance on the target, to steal credentials, move laterally, establish persistence, escalate privileges, and to encrypt data.
WHOA! “The operation also adapted in real time, retrying failed steps within refined parameters. In one sequence, it went from a failed login to a working fix in 31 seconds,”
NIST CVE (CVE-2025-3248) posted here: https://nvd.nist.gov/vuln/detail/CVE-2025-3248 #JadePuffer #Ransomware #Security #Hackers #NIST_CVE #CVE2025_3248 #AgenticThreatActors #AI #AIAgents #CyberAttack #CyberSecurity #LLMs #MySQL #PostgreSQL #CVE #JadePuffer
-
We're here! AI Agent executed automated Ransomware operation.
JadePuffer used an autonomous AI agent for reconnaissance on the target, to steal credentials, move laterally, establish persistence, escalate privileges, and to encrypt data.
WHOA! “The operation also adapted in real time, retrying failed steps within refined parameters. In one sequence, it went from a failed login to a working fix in 31 seconds,”
NIST CVE (CVE-2025-3248) posted here: https://nvd.nist.gov/vuln/detail/CVE-2025-3248 #JadePuffer #Ransomware #Security #Hackers #NIST_CVE #CVE2025_3248 #AgenticThreatActors #AI #AIAgents #CyberAttack #CyberSecurity #LLMs #MySQL #PostgreSQL #CVE #JadePuffer
-
Sysdig’s Threat Research Team has documented what it assesses to be the first ransomware operation
driven end-to-end by a large language model.The operator, which Sysdig calls #JADEPUFFER, broke into a server, harvested credentials, moved to a separate production target, encrypted a database, and destroyed data,
all without a human at the keyboard.
Ransomware has always needed a person somewhere in the loop.
That may no longer be true.
-
Sysdig’s Threat Research Team has documented what it assesses to be the first ransomware operation
driven end-to-end by a large language model.The operator, which Sysdig calls #JADEPUFFER, broke into a server, harvested credentials, moved to a separate production target, encrypted a database, and destroyed data,
all without a human at the keyboard.
Ransomware has always needed a person somewhere in the loop.
That may no longer be true.
-
That whole #JADEPUFFER feels like someone pointed a LLM based CTF toolkit against a (claimed) live target running an old unpatched langflow.
It's attacks were regurgitated stuff; like snippets from CTF and PoC writeups, down to the variables used.
The "ransomware" part is what I'll dub cyber-LARPing, where it destroyed MYSQL content by encrypting it with a random key, didn't store the key, didn't exfil any data, and dropped a bitcoin address in the ransomware note straight out of documentation.
I have no idea what to make of it, except I'm not at all surprised a cyber security company that has fully redPilled AI, creates hype around an LLM "autonomously" attacking a broken vibe-coded AI Agent deployment framework. But kudos for the "Agentic Threat Actor/ ATA" acronym.
May I suggest my own acronym for this? #TARP: Threat Actor Role Playing.
TLDR: It all feels... fake. But maybe the future of cyber attacks is LLMs destroying even more of the internet playing pretend?
https://www.sysdig.com/blog/jadepuffer-agentic-ransomware-for-automated-database-extortion
-
That whole #JADEPUFFER feels like someone pointed a LLM based CTF toolkit against a (claimed) live target running an old unpatched langflow.
It's attacks were regurgitated stuff; like snippets from CTF and PoC writeups, down to the variables used.
The "ransomware" part is what I'll dub cyber-LARPing, where it destroyed MYSQL content by encrypting it with a random key, didn't store the key, didn't exfil any data, and dropped a bitcoin address in the ransomware note straight out of documentation.
I have no idea what to make of it, except I'm not at all surprised a cyber security company that has fully redPilled AI, creates hype around an LLM "autonomously" attacking a broken vibe-coded AI Agent deployment framework. But kudos for the "Agentic Threat Actor/ ATA" acronym.
May I suggest my own acronym for this? #TARP: Threat Actor Role Playing.
TLDR: It all feels... fake. But maybe the future of cyber attacks is LLMs destroying even more of the internet playing pretend?
https://www.sysdig.com/blog/jadepuffer-agentic-ransomware-for-automated-database-extortion
-
📣🚨 Spotted: #JADEPUFFER, the first documented agentic ransomware operation in which an LLM agent abused a Langflow flaw, stole credentials, reached production MySQL, and destroyed Nacos config data.
Listen/Read: https://hackread.com/sysdig-jadepuffer-first-agentic-ransomware-operation/
-
📣🚨 Spotted: #JADEPUFFER, the first documented agentic ransomware operation in which an LLM agent abused a Langflow flaw, stole credentials, reached production MySQL, and destroyed Nacos config data.
Listen/Read: https://hackread.com/sysdig-jadepuffer-first-agentic-ransomware-operation/