
JadePuffer: Researchers Flag First Ransomware Attack Run Entirely by an AI Agent
Security researchers say the JadePuffer operation marks the first documented case of a ransomware attack automated end-to-end by a large language model agent.

Oliver Bennett
Editor-in-Chief · London
A new milestone in automated cyberattacks
Security researchers have identified what they describe as the first documented instance of a ransomware operation carried out entirely by a large language model (LLM) agent, according to reporting by BleepingComputer. The operation, tracked under the name JadePuffer, reportedly relied on an autonomous AI system to manage the full sequence of the attack rather than depending on step-by-step human direction.
The finding is significant because it suggests a shift in how intrusions may be conducted. Traditionally, ransomware campaigns involve human operators moving through distinct stages — initial access, escalation, lateral movement, data handling and extortion. In the JadePuffer case, researchers indicate that these tasks were coordinated by an AI agent, pointing to a level of automation not previously confirmed in a real-world ransomware event.
Keep reading
Malicious PyPI Packages Hijack Telegram Bot Servers, Researchers Warn
A supply-chain campaign active since November has been slipping trojanized Pyrogram forks onto PyPI, handing attackers the ability to read files on compromised Telegram bot servers.
One newsletter, two continents
The Bridge brings you the tech, startups, and leaders moving between Africa and Europe — one sharp email each morning. No spam, unsubscribe anytime.









