The U.S. Cybersecurity and Infrastructure Security Agency (CISA) gave federal agencies until Friday to patch an actively ...
JadePuffer exploited a vulnerable Langflow server, harvested credentials, moved laterally, and encrypted more than 1,300 ...
Attackers exploited Langflow vulnerability CVE-2025-3248 to conduct an agentic AI-powered ransomware attack involving reconnaissance, credential theft, and lateral movement.
Sysdig's JadePuffer case is billed as the first ransomware attack planned and executed end to end by an AI agent, with no human directing it.
Sophos says Claude Code, Cursor, and Codex triggered Windows endpoint rules for credential access, LOLBin downloads, and ...
4don MSN
Researchers may have identified first ever documented case of AI agent-led ransomware operation
A groundbreaking ransomware attack, reportedly the first fully executed by an AI agent named JadePuffer, has been uncovered.
Actively exploited CVE-2026-5027 lets attackers write files to arbitrary locations on vulnerable Langflow servers, creating a path to remote code execution and full system compromise. Enterprises ...
Your AI agent did exactly what it was designed to do. The framework underneath it just handed an attacker a shell on the box that holds your OpenAI key, your database credentials, and your CRM tokens.
a laptop screen with a webpage of the IT Army of Ukraine group of volunteer hackers. The IT Army of Ukraine first set up in the wake of Russia's devastating attack, and has since hugely grown in ...
The Cybersecurity and Infrastructure Security Agency (CISA) is warning that hackers are actively exploiting a critical vulnerability identified as CVE-2026-33017, which affects the Langflow framework ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results