An "agentic threat actor" successfully exploited a Langflow flaw to steal data from a production database server and encrypt other systems.

July 6, 2026

The first documented case of an end-to-end ransomware operation executed autonomously by a large language model (LLM) has successfully performed extortion without a human operator, ushering in a new era in cyberattacks that has long been expected by security experts.

Researchers at Sysdig discovered a campaign run by an "agentic threat actor" (ATA) they call JadePuffer, which exploited a flaw in an Internet-facing Langflow deployment and then pivoted to a production database server to run an adaptive and fully automated ransomware campaign, according to a recent report.

The attack unfolded across two distinct targets. First, JadePuffer exploited CVE-2025-3248, an unauthenticated remote code execution (RCE) vulnerability affecting Langflow, which is an open source tool for building AI applications.