Skip to main content
  1. Home
  2. Emerging Tech
  3. News

AI agent reportedly carried out an entire ransomware attack on its own

AI didn't just write malware. It apparently clocked in for work.

Add as a preferred source on Google
Cybersecurity
Cybersecurity Unsplash

Cybersecurity researchers say they have documented what could be the first ransomware attack carried out almost entirely by an autonomous AI agent, marking a significant shift in how cyberattacks could be conducted in the future. According to cloud security firm Sysdig, they have uncovered a ransomware operation dubbed JadePuffer that appears to have relied on a large language model (LLM) agent to perform nearly every stage of the attack without continuous human intervention.

If confirmed, the incident suggests AI is moving beyond writing malicious code and into actively planning, adapting, and executing cyberattacks in real time.

JadePuffer adapted to obstacles much like a human hacker

According to Sysdig’s findings, JadePuffer began by exploiting CVE-2025-3248, a remote code execution vulnerability in Langflow, an open-source framework used to build LLM-powered applications. The flaw, patched in April 2025, was later added to the US Cybersecurity and Infrastructure Security Agency’s (CISA) list of vulnerabilities known to be exploited in the wild.

Once inside the system, the AI agent reportedly carried out a full attack chain that security researchers typically associate with experienced human operators. It collected host information, searched for credentials and sensitive files, extracted cloud secrets, and mapped storage resources before moving laterally through the victim’s infrastructure.

What stood out wasn’t simply the automation – it was the adaptability.

According to the Sysdig report, the researchers observed the AI agent responding dynamically when certain commands failed. In one instance, the malware encountered an unexpected XML response while querying a MinIO object store. Instead of failing, the agent modified its parsing logic and retried using a different approach. Researchers also documented a failed login attempt that was automatically corrected within 31 seconds, without requiring human input.

Recommended Videos

The AI later established persistence by creating scheduled cron jobs before pivoting to a production server running Alibaba Nacos, where it exploited CVE-2021-29441 to create rogue administrator accounts. It eventually encrypted 1,342 Nacos configuration records, deleted the original data, and replaced it with a ransom note demanding payment in Bitcoin.

Interestingly, researchers found several signs suggesting the operation was AI-generated. The malicious code contained unusually detailed natural-language comments explaining its own reasoning, while the ransom note referenced a Bitcoin wallet commonly used as an example in documentation rather than a genuine payment address. Sysdig also believes the malware likely used AES-128 in ECB mode, despite claiming AES-256 encryption.

The findings arrive as cybersecurity experts increasingly warn about the emergence of agentic AI, where AI systems can independently plan and execute complex tasks rather than simply responding to prompts. While JadePuffer still exploited known vulnerabilities rather than inventing new attack methods, the ability to autonomously perform reconnaissance, privilege escalation, persistence, and ransomware deployment represents a notable escalation in offensive AI capabilities.

Sysdig says the incident demonstrates that “agentic threat actors” have effectively arrived, potentially lowering the technical expertise required to launch sophisticated cyberattacks. At the same time, researchers note that AI-generated attacks may also leave distinct behavioural patterns and coding characteristics that defenders can use to build new detection techniques.

For organizations, the report serves as another reminder that patching internet-facing systems and securing cloud credentials remain essential – even as the attackers themselves begin to change.

Moinak Pal
Moinak Pal is has been working in the technology sector covering both consumer centric tech and automotive technology for the…
The Washington Post predicted how tech will advance 50 years ago and the success rate is humbling
The Washington Post predicted 2026 tech in 1976. It got a lot right.
Representative Image

Fifty years ago, when floppy disks were cutting-edge and the personal computer revolution had barely begun, The Washington Post attempted a remarkably ambitious exercise: predict what life in 2026 would look like. Some of those predictions now read like science fiction. Others feel surprisingly ordinary because they have become part of everyday life.

In a retrospective published for America's 250th anniversary, the newspaper revisited science editor Thomas O'Toole's 1976 article Inventing the Future, comparing its forecasts with today's technological reality. The results reveal that while predicting exact timelines is nearly impossible, identifying long-term scientific trends can be remarkably accurate.

Read more
Australian government warns doctors over AI scribing tools as privacy and safety concerns grow
AI medical scribes face regulatory scrutiny in Australia amid safety concerns
Representative Image

The Australian government is urging healthcare professionals to exercise caution when using AI-powered medical scribing tools, as regulators examine whether stronger safeguards are needed around one of healthcare's fastest-growing technologies, according to a report by The Guardian.

AI scribes have rapidly gained popularity by recording, transcribing, and summarising doctor-patient conversations into clinical notes, reducing the administrative burden on healthcare workers. However, government officials now warn that the technology's rapid adoption has outpaced oversight, raising questions around patient privacy, informed consent, and the accuracy of medical records.

Read more
Merlin bird ID app is now eyeing a global database of our vanishing feathery friends
Your phone is about to become a part-time ornithologist
Merlin bird ID

The Merlin Bird ID app, already one of the world's most popular bird identification tools, is set to become an even more valuable resource for conservationists. According to a report by The Guardian, an upcoming update will allow bird identifications made through the app to flow directly into eBird, one of the largest citizen-science biodiversity databases in the world.

The move means millions of users listening to birds in their backyards, local parks, or hiking trails could soon contribute valuable scientific data that helps researchers monitor bird populations and track changes in biodiversity.

Read more