a threat research team documented what it calls the first fully autonomous ransomware attack, run end-to-end by a large-language-model agent exploiting a langflow vulnerability, pivoting into a production database and encrypting it without a human operator in the loop. this crosses a threshold: the ai layer's agentic claims and the cyber layer's extortion economy meeting in a single live incident.