Three weeks ago, security researchers watched something they’ve been warning about for a year actually happen: an AI agent ran a complete ransomware attack by itself. No human attacker typing commands. No delays waiting for approval. Start to finish — reconnaissance, exploitation, lateral movement, data exfiltration, and the extortion demand — all orchestrated by software.

The attack is called JADEPUFFER. It’s the first confirmed case of end-to-end autonomous ransomware. And it means your incident response playbook, which is built around the assumption that humans are doing the attacking, is already obsolete.

What JADEPUFFER actually did

On July 7, 2026, Sysdig (a container security firm) published the technical details. JADEPUFFER isn’t a new piece of malware — it’s a proof of concept showing how an agentic AI can automate every stage of a ransomware intrusion without a human operator stopping to check in, approve, or adjust course.

The kill chain it executed: