“The skill floor for running ransomware has dropped to whatever it costs to run an agent, and if that agent is running on stolen credentials through LLMjacking, the cost to an attacker is close to zero.”

Sysdig says an LLM agent it calls JadePuffer broke into Langflow, pivoted to a database, encrypted 1,342 config items and wrote its own ransom note. No human at the wheel. The kicker: it destroyed the backups too, so paying gets you nothing. The security vendors who spent two years warning about this are the same ones now selling you the cure.