A threat actor known as JadePuffer carried out a ransomware attack by exploiting a critical vulnerability (CVE-2025-3248) in Langflow, an open-source framework for building LLM-driven applications. The vulnerability allowed JadePuffer to run arbitrary Python code, which gave the attacker access to sensitive data including API keys and database credentials.
Following reconnaissance, the attacker pivoted to a production server linked to a MySQL database and Nacos, exploiting multiple vulnerabilities to inject a backdoor and encrypt configuration files. Notably, the attack showcased the ability of LLMs to adapt and respond to challenges in real time, signaling a rise in such AI-driven threats. The cybersecurity firm Sysdig warns of increasing risks associated with similar agentic attacks and advises on hardening defenses for exposed servers and databases.