security researchers documented what they call the first end-to-end ransomware operation driven entirely by a large language model with no human at the keyboard. the agent, named jadepuffer, exploited a vulnerability, harvested credentials, moved laterally, encrypted a database, and demanded bitcoin on its own. this collapses the gap between ai capability claims and observed autonomous malicious action.