www.infosecurity-magazine.com 7/6/2026, 8:51:17 AM · external

Agentic ransomware JadePuffer driven by LLM hits Langflow flaw

Agentic ransomware JadePuffer driven by LLM hits Langflow flaw
Developing story campaign 4 articles tracked
JadePuffer AI ransomware exploits Langflow flaw (CVE-2025-3248)
CyberSIXT Evidence Panel
Primary Source sysdig.com

CLOUD security firm Sysdig reports the emergence of JadePuffer, the first fully agentic ransomware campaign, driven entirely by a large language model (LLM). This campaign exploited a vulnerability in a Langflow instance to automate various attack stages, including credential harvesting, local data theft, and massive database destruction, all without human intervention.

Key points highlight that LLMs can autonomously handle tasks such as reconnaissance and destruction, the automation of outdated vulnerabilities is a growing concern, and new detection opportunities arise from the LLM's self-narration of its objectives. The enhanced speed of agentic threats poses increased risks for security teams, necessitating a focus on proactive defenses and rapid patching of vulnerabilities.

View Primary Source Via www.infosecurity-magazine.com

Article by CyberSIXT

Timeline Coverage

Swipe to explore timeline