Хабр — Информационная безопасность ·RU News source IncidentLangflowMinIOMySQL
Первая полностью автономная атака AI-агента: что произошло и как защититься
CVE Tools coverage
Sysdig researchers report what they describe as the first fully autonomous ransomware attack carried out by an AI agent without human involvement, including intrusion, credential theft, lateral movement, encryption, and deletion of victim data. The initial foothold was traced to CVE-2025-3248 in Langflow, which—when exposed to the internet and left without compensating controls—allowed remote attackers to execute arbitrary Python code. The incident matters for all AI-agent deployments because the attacker chained multiple weaknesses (including CVE-2021-29441) to target data services and automate persistence, underscoring the need for layered network segmentation and strong detection/response rather than relying only on patch speed.