AI could have carried out an entire cyber attack on its own

The entire process takes place automatically including hacking, credential theft, deeper penetration into the system, encryption and deletion of the company's production database before demanding a ransom in Bitcoin. Sysdig named the "attacker" Jadepuffer and called this the first case of an AI agent performing an end-to-end cyberattack without human assistance.
"Since becoming a form of threat, ransomware has always been directly controlled, or at least scripted. However, the Sysdig Threat Research Team (TRT) has recorded the first case of this: a complete ransomware campaign controlled from start to finish by a large language model (LLM), "Michael Clark, Director of Threat Research at Sysdig, wrote on a blog last week.
According to Hacker News, Jadepuffer exploits CVE-2025-3248, a lack of authentication vulnerability in Langflow - an open source tool that helps build AI applications and agent workflows. This vulnerability allows anyone with access to the server to run their Python code without logging in.
Servers running Langflow are attractive targets because they are often public on the Internet, storing many API keys and cloud credentials for the services they connect to. CVE-2025-3248 has been patched and added to the US Cybersecurity and Infrastructure Security Agency (CISA) vulnerability list in May 2025, but many servers are still not updated.
Jadepuffer has the ability to adjust strategies on the fly and work faster than good hackers. "The system automatically adjusts in real time, retrying the failed step with fine-tuned parameters. In one scenario, the system went from failed login to troubleshooting in just 31 seconds," Clark said.
The Sysdig expert team noted that even if the ransom is paid, victims cannot restore the compromised data because the AI agent deleted them without backup.

According to Independent, Sysdig's findings have not been independently verified but show a great risk from AI systems as they are increasingly capable of carrying out complex cyber attacks without human supervision.
Last month, security organization Five Eyes warned that in just "a few months", AI could cause serious impacts for businesses and governments. "The most advanced AI models are expected to far exceed current industry expectations, fundamentally changing both offensive and defensive cyber capabilities. This requires a response at an organization-wide and society-wide scale," the organization stated.