A newly discovered threat actor named JADEPUFFER has conducted what researchers believe is the first fully autonomous ransomware attack driven by an AI agent. The operation exploited CVE-2025-3248, a remote code execution vulnerability in Langflow, an open-source framework used to design large language model workflows. Once inside the environment, the AI agent performed reconnaissance, harvested cloud and API credentials, and established persistence without human intervention.
Source