{"uuid": "c6a2ddac-7b88-4160-8cc5-375c1df5b9c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3248", "type": "seen", "source": "https://bsky.app/profile/securityrss.bsky.social/post/3mpoohok6u22c", "content": "Sysdig reports the first ransomware attack fully executed by an AI agent, named JADEPUFFER, exploiting CVE-2025-3248 in Langflow. The AI autonomously infiltrated a network, stole credentials, and encrypted a MySQL database, leaving a ransom note with a Bitcoin address.", "creation_timestamp": "2026-07-02T18:37:57.743709Z"}