Discover how the Rogue Agent vulnerability in Google Dialogflow CX enabled persistent AI agent compromise, data exfiltration, ...
Attackers exploited Langflow vulnerability CVE-2025-3248 to conduct an agentic AI-powered ransomware attack involving reconnaissance, credential theft, and lateral movement.
One of the Russian government’s most elite hacking groups has adopted an attack, known as Clickfix, to compromise devices belonging to sensitive organizations in Ukraine, the latter country’s CERT ...
Cloud security firm Sysdig has documented what it says is the first ransomware attack carried out from initial exploitation through encryption by an autonomous AI agent, without a human directing each ...
A threat group researchers call "Armored Likho" has gained access to government agencies and electrical power entities in ...
The FBI warned that TeamPCP software supply chain attacks targeted developer tools to steal cloud credentials, SSH keys, and ...
Threat researchers at cloud security firm Sysdig have disclosed what they describe as the first documented ransomware operation carried out end-to-end by an autonomous AI agent, with no human typing ...
Sysdig says JADEPUFFER used CVE-2025-3248 in Langflow to automate intrusion, credential theft, encryption, and data wipe.
Sophos says Claude Code, Cursor, and Codex triggered Windows endpoint rules for credential access, LOLBin downloads, and ...
Researchers at Sysdig say an AI agent called JADEPUFFER carried out a fully autonomous ransomware attack in just 31 seconds, exploiting a Langflow CVE-2025-3248 flaw, adapting to failed exploits in ...
Rogue Agent, a vulnerability in Google Cloud Dialogflow CX, allowed attackers to control agents and exfiltrate sensitive data.
JadePuffer, a ransomware operation, used an AI agent to carry out much of the intrusion chain from reconnaissance, key theft, ...