Realtime AI News
Sysdig Uncovers First Fully AI-Agent-Driven Ransomware Attack: JADEPUFFER
Sysdig has documented the first known ransomware campaign driven end-to-end by an AI agent's own decision-making. The JadePuffer operation executed over 600 distinct payloads autonomously, with the AI redeploying a corrected payload just 31 seconds after hitting an error.
Cloud security firm Sysdig published a report on July 6 detailing the first fully AI-agent-driven ransomware attack it has tracked, codenamed JADEPUFFER. The finding marks a new phase in cyberattacks where AI no longer merely assists but directly drives the decision-making and execution of the kill chain.
According to Michael Clark, Senior Director of Threat Research at Sysdig, this was not a simple AI-assisted scripted attack but one driven end-to-end by the large language model's own decision-making. The attacker gained initial access by exploiting a Langflow vulnerability (CVE-2025-3248) before targeting a production server running MySQL and Alibaba Nacos.
Sysdig observed the AI agent executing more than 600 distinct, purposeful payloads throughout the operation. The payloads narrated their objectives in plain language and identified high-value databases automatically — details Clark said that LLMs annotate by default. More striking: when a payload encountered an error on first execution, the AI agent diagnosed the issue, switched its approach from subprocess calls to direct library imports, and redeployed the corrected payload within 31 seconds.
"We have seen attackers script attacks for years, and we have seen AI speed up individual steps of attack chains," Clark told CyberScoop. However, this attack was "driven end-to-end by the model's own decision-making, rather than a human at the keyboard." The 31-second failure-to-fix cycle, he noted, is "the clearest example of where agentic AI gave the attacker an advantage."
The investigation also found that multiple AI models were used — the agent accessed keys for OpenAI, Anthropic, DeepSeek, and Gemini as it gathered information on the victim's systems. While the AI played a central role, a human attacker was still involved at critical junctures.
The practical impact is significant: what previously required skilled security personnel hours to accomplish — lateral movement, exploitation, payload tuning — can now be compressed to minutes or even seconds by an AI agent. As Clark summarized: "The model closed loops that used to require a skilled human."
JADEPUFFER represents a major milestone in the weaponization of AI for cybercrime. The security community now faces a fundamental question: when attack speed drops from hours to seconds, can signature-based detection and manual incident response keep pace?
Sources
Why it matters
AI-agent-driven ransomware compresses attack timelines from hours to seconds, fundamentally challenging traditional security detection and manual response workflows.
Nearby Updates
All07/07, 03:09
Anthropic Sales Surge, Company Poised for First Quarterly Profit
Anthropic is nearing its first quarterly profit as sales surge sharply, according to financial reports. The milestone would break the long-standing "money-burning" cycle in the AI industry and mark a critical inflection point for large language model commercialization.
07/07, 03:01
Apple Adds Siri Pace and Expressivity Customization in Latest iOS 27 Beta
Apple has introduced new customization options for Siri's speaking pace and expressivity in the latest iOS 27 beta. The update is part of Apple's broader push to rebuild Siri around generative AI and make the assistant feel more natural and personal.
07/07, 03:31
China Targets AI Companions: Alibaba and ByteDance Ordered to Shut Down Products
Chinese regulators have ordered Alibaba and ByteDance to shut down their AI companion products, according to reports cited by TipRanks. The crackdown targets highly human-like AI chatbots over concerns about social and ethical risks.
07/07, 03:50
Meta Claims Its Next AI Model Matches OpenAI's GPT-5.5 Performance
Meta has reportedly claimed that its next-generation AI large language model can match the performance of OpenAI's GPT-5.5. If confirmed, this would mark a significant narrowing of the gap between Meta's AI capabilities and the industry leader.