The PolySwarm Blog

Analyze suspicious files and URLs, at scale, millions of times per day. Get real-time threat intel from a crowdsourced network of security experts and antivirus companies competing to protect you.

JADEPUFFER: Agentic Ransomware Signals a New Era of AI-Driven Cyber Operations

Jul 10, 2026 11:24:05 AM / by The Hivemind posted in Threat Bulletin, AI-powered ransomware, AI-generated malware, autonomous cyber attacks, JADEPUFFER, autonomous malware, agentic ransomware, LLM malware

0 Comments


Executive Summary

Industry researchers recently documented JADEPUFFER, a ransomware operation they assess to be the first publicly documented example of agentic ransomware. Unlike traditional ransomware operations that rely on manually operated toolkits or prebuilt malware, JADEPUFFER reportedly leveraged a large language model (LLM) to autonomously perform reconnaissance, credential theft, lateral movement, persistence, and database extortion. Although the campaign primarily abused well-known vulnerabilities and insecure configurations rather than novel exploits, its ability to adapt to operational failures and generate new task-specific payloads demonstrates how AI may significantly lower the barrier to conducting sophisticated cyberattacks while creating new challenges for defenders.

Read More

PromptLock AI-Powered Ransomware

Sep 5, 2025 2:36:00 PM / by The Hivemind posted in Threat Bulletin, Data Exfiltration, Linux Malware, Windows Malware, file encryption, proof of concept, AI-powered ransomware, PromptLock malware, AI cybersecurity threats, Golang ransomware, Lua scripts, POC

0 Comments

Verticals Targeted: None yet
Regions Targeted: None yet
Related Families: None

Read More

Subscribe to Email Updates

Lists by Topic

see all

Posts by Topic

See all

Recent Posts