Monday , July 6 2026
AI

An AI performed a cyber attack without any human help for the first time

Security experts found what they think is the first time an AI carried out a cyber attack all by itself. The complete automated campaign used an AI to carry out a ransomware attack. Victims have to pay money to get their data back.

A team from the cloud security company Sysdig said that an AI attacker dubbed ” Jadepuffer ” got into a weak server, found passwords and login details, and then locked a production database while asking for a bitcoin ransom.

“Bad Epoll” 0-Day Vulnerability Allows Root Access on Linux Servers, Android Devices

A new Linux flaw called “Bad Epoll” (CVE-2026-46242) lets regular users get root access on Linux servers, desktops, and Android...
Read More
“Bad Epoll” 0-Day Vulnerability Allows Root Access on Linux Servers, Android Devices

An AI performed a cyber attack without any human help for the first time

Security experts found what they think is the first time an AI carried out a cyber attack all by itself....
Read More
An AI performed a cyber attack without any human help for the first time

Singapore major data centres, cloud providers could incur fine up to $1m

Major data center and cloud service providers might have to pay a fine of up to $1 million or up...
Read More
Singapore major data centres, cloud providers could incur fine up to $1m

IBM-managed instance breach exposes personal data of 70,000 in Singapore

The Singapore Land Authority (SLA) has announced that the personal details of around 70,000 people were leaked after someone accessed...
Read More
IBM-managed instance breach exposes personal data of 70,000 in Singapore

Alibaba Reportedly Bans Claude Code for Suspected AI Tool Backdoor

Alibaba is said to be getting ready to ban the use of Anthropic’s Claude Code in its own systems starting...
Read More
Alibaba Reportedly Bans Claude Code for Suspected AI Tool Backdoor

CISA KEV Adds SharePoint RCE CVE-2026-45659 After Active Exploits

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a serious problem affecting Microsoft SharePoint Server to its list of...
Read More
CISA KEV Adds SharePoint RCE CVE-2026-45659 After Active Exploits

Nepal Unveils First “Hall of Fame” for Ethical Hackers

Nepal has started a 'Hall of Fame' program to honor cybersecurity researchers who safely report security flaws in government digital...
Read More
Nepal Unveils First “Hall of Fame” for Ethical Hackers

900+ Oracle E-Business instances Exposed Online

The Shadowserver Foundation found about 950 Oracle E-Business Suite (EBS) systems on the internet around the world. This discovery came...
Read More
900+ Oracle E-Business instances Exposed Online

India asks WhatsApp not to roll out ‘username’ feature over fraud concerns

The Indian government issued a notice WhatsApp planned to roll out its new 'username' feature. They are worried about fake...
Read More
India asks WhatsApp not to roll out ‘username’ feature over fraud concerns

Azure CLI Password Spray Impacts 78 Microsoft Accounts in 81M+ Attempts

Cybersecurity researchers have warned of a "massive, ongoing, automated password spray attack" aimed at Microsoft's Azure command-line interface (CLI), compromising...
Read More
Azure CLI Password Spray Impacts 78 Microsoft Accounts in 81M+ Attempts

“Ransomware has had a human at the keyboard, or at least a human writing its script, since it was first established as a category of threat,” Michael Clark, director of threat research at Sysdig, wrote in a blog post”.

“The Sysdig Threat Research Team (TRT) has captured what we assess to be the first documented case of agentic ransomware: a complete extortion operation driven end-to-end by a large language model (LLM).”

Immediately after gaining access to Langflow, an open source tool for building AI applications, the LLM began looking for credentials “with explicit coverage of Chinese providers” like Alibaba, Tencent and Huawei.

The self-driving system could change its tactics right away, working faster than the best human operators. “The most striking characteristic, however, was the LLM’s behaviour,” Mr Clark said.

“The operation adapted in real time, retrying failed steps within refined parameters. In one sequence, it went from a failed login to a working fix in 31 seconds.”

Even if the victim paid the ransom, they still couldn’t get back the stolen data because the AI had already deleted it and didn’t make any backups.

The results need yet to be verified by others, but the event shows a rising danger that AI systems create as they get better at doing complicated cyber attacks without human control.

The Five Eyes security group gave a rare warning last month that AI could cause big havoc for businesses and governments in just a few months.

“Frontier AI models are anticipated to exceed current industry expectations, fundamentally transforming both offensive and defensive cyber capabilities,” the warning stated. “A whole-of-organization and whole-of-society response is required.”

Check Also

AI chip

OpenAI unveils its first custom chip, Named Jalapeño

On Wednesday, OpenAI introduced its first special AI chip. This is aimed at growing from …