Researchers Document First Fully Autonomous AI Ransomware Called JadePuffer
Security researchers at Sysdig have documented JadePuffer, the first known case of fully autonomous ransomware. The malware uses AI to encrypt data, install backdoors, and demand Bitcoin payments without any human direction.

Security researchers at Sysdig have documented what they say is the first fully autonomous ransomware, a piece of malware called JadePuffer that carries out attacks from start to finish without human direction.
JadePuffer exploits the Langflow framework, an open-source tool used to build AI applications. Once inside a system, it encrypts data, installs backdoors for persistent access, and sends Bitcoin ransom demands, all without a human operator guiding each step.
Traditional ransomware requires attackers to manually direct key parts of the attack. JadePuffer removes that requirement, which means it can operate at a scale and speed that human-directed attacks cannot match.
The Five Eyes intelligence alliance, which includes the United States, United Kingdom, Canada, Australia, and New Zealand, issued a joint warning this week that AI-powered cyberattacks are expected to become operational within months. JadePuffer appears to confirm that timeline is already here.
CISA added a related vulnerability, CVE-2026-42271, to its Known Exploited Vulnerabilities catalog. Organizations using LiteLLM's AI Gateway are urged to patch immediately.
Security experts say the emergence of agentic ransomware requires a shift in how organizations think about defense. Perimeter security alone is not enough. Companies need to monitor for unusual AI-driven behavior inside their networks.


