Cyberside Chats: Cybersecurity Insights from the Experts
In this episode, Sherri and Matt discuss JADEPUFFER — the first publicly documented ransomware operation executed end-to-end by an AI agent. According to Sysdig Threat Research, the AI drove the whole intrusion: reconnaissance, exploitation, lateral movement, and extortion. It fixed its own failed attacks in 31 seconds, fired off 600+ payloads, and encrypted 1,342 database records — yet it also narrated its crimes in plain English and demanded ransom to a hallucinated Bitcoin address. Fast AND flawed: an amateur hacker operating at machine speed. Sherri and Matt trace how we got here — from PromptLock to criminal “vibe hacking” — and what machine-speed adversaries mean for your incident response, your threat model, and your Monday-morning to-do list. Key Takeaways: 1. Inventory your AI attack surface. Ask which of your vendors' and internal AI tools are internet-facing and unpatched — JADEPUFFER walked in through a known, long-patched Langflow vulnerability. 2. Reset your incident response expectations. Adversaries can now adapt in seconds, not hours. Human-paced SLAs are no defense against a 31-second fix loop — invest in automated detection and containment. 3. Widen your threat model. The skill floor has collapsed. Adaptive, competent attacks can now come from completely unsophisticated actors armed with an AI agent and a target list. 4. Add AI-driven attack scenarios to your next tabletop exercise — and decide in advance who can authorize automated containment, because you won't have time to convene a meeting mid-attack. References: 1. Sysdig — JADEPUFFER: Agentic Ransomware for Automated Database Extortion (https://www.sysdig.com/blog/jadepuffer-agentic-ransomware-for-automated-database-extortion [https://www.sysdig.com/blog/jadepuffer-agentic-ransomware-for-automated-database-extortion]) 2. BleepingComputer — JADEPUFFER ransomware used AI agent to automate entire attack (https://www.bleepingcomputer.com/news/security/jadepuffer-ransomware-used-ai-agent-to-automate-entire-attack/ [https://www.bleepingcomputer.com/news/security/jadepuffer-ransomware-used-ai-agent-to-automate-entire-attack/]) 3. The Hacker News — AI agent exploits Langflow RCE (https://thehackernews.com/2026/07/ai-agent-exploits-langflow-rce-to.html [https://thehackernews.com/2026/07/ai-agent-exploits-langflow-rce-to.html]) 4. NVD — CVE-2025-3248 (Langflow unauthenticated RCE) (https://nvd.nist.gov/vuln/detail/CVE-2025-3248 [https://nvd.nist.gov/vuln/detail/CVE-2025-3248]) 5. ESET — PromptLock, the first AI-powered ransomware (NYU proof-of-concept) (https://www.eset.com/us/about/newsroom/research/eset-discovers-promptlock-the-first-ai-powered-ransomware/ [https://www.eset.com/us/about/newsroom/research/eset-discovers-promptlock-the-first-ai-powered-ransomware/]) 6. Anthropic — Detecting and countering misuse (vibe hacking / GTG-2002) (https://www.anthropic.com/news/detecting-countering-misuse-aug-2025 [https://www.anthropic.com/news/detecting-countering-misuse-aug-2025]) 7. Anthropic — Disrupting AI espionage (GTG-1002) (https://www.anthropic.com/news/disrupting-AI-espionage [https://www.anthropic.com/news/disrupting-AI-espionage])
79 episoder
Kommentarer
0Vær den første til at kommentere
Tilmeld dig nu og bliv en del af Cyberside Chats: Cybersecurity Insights from the Experts-fællesskabet!