Autonomous AI ransomware: inside JADEPUFFER, the first agent-run attack of 2026
JADEPUFFER exploited a critical Langflow flaw (CVE-2025-3248) and used an LLM to chain reconnaissance, theft and database extortion with no human operator. A breakdown of the attack and a 2026 defense checklist