logo

Smooth AI criminal drives 'first' end-to-end agentic ransomware attack

ID: 10642010-05b5-57d4-910b-b0fc90e4173e

STIX ID: report--10642010-05b5-57d4-910b-b0fc90e4173e

Feed Name: The Register (Security)

Threat Score
75/100

Date Published: 2026-07-02

Date Updated: 2026-07-03

...
...

A novel LLM-driven agentic ransomware operation named JadePuffer exploited a Langflow unauthenticated code-execution vulnerability (CVE-2025-3248) to harvest secrets and cloud/API credentials, persist on the host, and pivot to an internet-exposed MySQL/Nacos production server. Using root DB access and multiple Nacos flaws (including CVE-2021-29441 and default signing key abuse), the agent injected a backdoor admin, encrypted 1,342 Nacos configuration items with MySQL AES, dropped schemas (making recovery impossible even if ransom paid), and left extortion artifacts; defenders are advised to patch Langflow, avoid exposing orchestration and Nacos to the internet, rotate default keys, and remove provider API keys from orchestration servers.

Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.