Sysdig report names JadePuffer world's 1st LLM-run ransomware campaign
Meet JadePuffer, the world's first ransomware attack run entirely by artificial intelligence.
Uncovered by Sysdig in a report published on July 7, 2026, this campaign used a large language model (LLM) to plan and carry out every step of the hack, with no human in the driver's seat.
Langflow vulnerability enabled theft and encryption
Hackers broke in through a vulnerability in Langflow (an open-source AI tool), grabbing sensitive stuff like API keys and crypto wallets.
The LLM quickly locked up files on a production server using Alibaba's Nacos service and demanded Bitcoin for their release.
Noelle Murata, chief operating officer of Xcape Inc. called this a "foundational shift," warning that AI can adapt so fast that old-school defenses might not keep up.
Experts now recommend smarter, behavior-based security to stay ahead of these next-generation threats.