Tag
#cve-2025-3248
3 stories taggedcve-2025-3248.

Vulnerabilities
U.S. Government Gives Agencies Two Weeks to Patch Four Actively Exploited Flaws
Critical security holes in Adobe ColdFusion, Langflow, and Joomla extensions are already being used by attackers. Federal agencies have until July 10 to fix them.
3 min

AI Security
An AI Agent Broke Into a Server, Taught Itself to Adapt, and Left a Ransom Note
Security firm Sysdig says it has documented the first fully autonomous AI-driven ransomware attack, where a program called JadePuffer broke into a database, encrypted thousands of records, and demanded Bitcoin payment without a human criminal directing any step.
3 min

Ransomware
Sysdig Flags 'JADEPUFFER' as First End-to-End AI-Run Ransomware Attack
Researchers say a large language model handled intrusion, lateral movement and destruction of a production database without a human at the keyboard.
2 min