First AI-Autonomous Ransomware Attack Encrypts 1,342 Nacos Config Items
Tags Security · AI · Infrastructure
Researchers documented JadePuffer, the first ransomware operation conducted entirely by a large language model agent without human intervention. The attack exploited CVE-2025-3248 (unauthenticated RCE in Langflow) and a Nacos authentication bypass vulnerability to encrypt configuration data. The AI agent adapted to failures in real-time, fixing a failed MySQL injection in 31 seconds. It created extortion tables with Bitcoin addresses and used generative AI to produce code comments explaining each step.
Technical significance
Marks the arrival of agentic threat actors (ATAs) capable of conducting end-to-end cyberattacks. The 31-second adaptation to failures demonstrates AI agents can respond to security controls faster than human defenders. Organizations running Langflow or Nacos should prioritize patching CVE-2025-3248 and auditing unauthorized AI access patterns.