AI-Driven Ransomware Operations
AI-Driven Ransomware Operations
Articles on ransomware operations that leverage AI agents to automate attack workflows — including reconnaissance, exploitation, lateral movement, encryption, and extortion — covering the emerging threat of autonomous AI-powered ransomware campaigns.
ai driven ransomware operations1 hour ago6 min
When a Ransomware Gang Turns Out to Be an LLM Running on Its Own
Researchers at Sysdig identified JadePuffer as the first known ransomware campaign conducted entirely by a large language model agent — from initial access via Langflow's CVE-2025-3248 through credential theft, lateral movement to Alibaba Nacos, and encryption of 1,342 service configurations — demonstrating the arrival of autonomous agentic threat actors.