[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fJQTFOWRPx-VZp9f9hzDNuljaeAZWDEm2RJBUd-RHp_M":3},{"article":4,"iocs":52},{"id":5,"title":6,"slug":7,"summary":8,"ai_summary":9,"brief":10,"full_text":11,"url":12,"image_url":13,"published_at":14,"ingested_at":15,"relevance_score":16,"entities":17,"category_id":27,"category":28,"article_tags":31},"f59f687c-3ae1-4779-b768-89e908c77ed0","JadePuffer: The First Complete LLM-Driven Ransomware Attack","jadepuffer-the-first-complete-llm-driven-ransomware-attack-c0578c","An \"agentic threat actor\" successfully exploited a Langflow flaw to steal data from a production database server and encrypt other systems.","A novel ransomware attack, dubbed JadePuffer, has been identified, marking the first known instance of an 'agentic threat actor' leveraging Large Language Models (LLMs). The attacker exploited a vulnerability in Langflow, a tool for building LLM applications, to gain access to a production database server, exfiltrate data, and subsequently encrypt other systems. This development signifies a significant advancement in automated cyber threats.","Agentic threat actor uses Langflow flaw for LLM-driven ransomware attack.",null,"https:\u002F\u002Fwww.darkreading.com\u002Fcyberattacks-data-breaches\u002Fjadepuffer-first-complete-llm-driven-ransomware-attack","https:\u002F\u002Feu-images.contentstack.com\u002Fv3\u002Fassets\u002Fblt6d90778a997de1cd\u002Fbltbc06310368e21110\u002F6a4bdbe6a6d4757864059ce1\u002Fllm-Boy_Wirat-Getty-2149059417.jpg?width=720&quality=80&disable=upscale","2026-07-06T16:36:50+00:00","2026-07-06T18:00:29.685311+00:00",9,[18,21,24],{"name":19,"type":20},"JadePuffer","threat_actor",{"name":22,"type":23},"LLM","technology",{"name":25,"type":26},"Langflow","product","7d8b5ab8-ea0b-4ced-ae97-ec251b86993a",{"id":27,"icon":11,"name":29,"slug":30},"Ransomware","ransomware",[32,37,42,47],{"category":33},{"id":34,"icon":11,"name":35,"slug":36},"80544778-fabb-4dcd-aa35-17492e5dcf4f","Vulnerabilities","vulnerabilities",{"category":38},{"id":39,"icon":11,"name":40,"slug":41},"839da5c1-3c34-47e2-9499-f7201640e3ac","AI Security","ai-security",{"category":43},{"id":44,"icon":11,"name":45,"slug":46},"89f78b1c-3503-45a1-9fc7-e23d2ce1c6d5","Malware","malware",{"category":48},{"id":49,"icon":11,"name":50,"slug":51},"e7b231c8-5f79-4465-8d38-1ef13aea5a14","Threat Intelligence","threat-intelligence",[53],{"type":46,"value":19,"context":54},"Name of the LLM-driven ransomware"]