Researchers have uncovered what is being described as the first fully autonomous, AI-orchestrated ransomware attack. Dubbed “Jade Puffer,” or “JADEPUFFER”, this intrusion was coordinated almost entirely by a large language model (LLM). From initial reconnaissance and credential theft to network encryption and ransom demand generation, the AI agent executed the attack chain with minimal human oversight.
As highlighted in a recent report, 🔗this marks a stark warning for enterprise security teams. The technical barrier to entry for cybercriminals has just plummeted, meaning the volume and velocity of highly sophisticated attacks are set to rise.
At Mondas, our aim is to ensure organisations stay steps ahead of these emerging threats. Combating agentic AI requires a multi-layered, highly informed approach that blends expert human oversight with best-in-class technological defences.
AI Risk Reviews
You can’t defend against a threat you do not fully understand. As AI systems become deeply integrated into everyday business operations, they introduce an entirely new attack surface.
The first step towards robust resilience for some businesses is conducting an AI Risk Review. At Mondas, our teams conduct deep-dive assessments of your digital infrastructure to identify where AI could be exploited, either by external threat actors leveraging tools like Jade Puffer, or through internal vulnerabilities such as “shadow AI” (unauthorised generative AI tools used by employees).
Our review process maps your complete data ecosystem, evaluating:
Data Access and Flow |
Identifying where sensitive information interacts with external or internal LLMs. |
Vulnerability Profiling |
Assessing current perimeter defences against AI-driven tactics, such as automated prompt injections or rapid credential stuffing. |
Compliance and Governance |
Ensuring your data handling aligns with the latest regulatory standards for AI usage, echoing the 🔗guidance provided by the National Cyber Security Centre (NCSC). |
The Human Firewall
The Jade Puffer attack demonstrates the chilling efficiency of autonomous code but threat actors still rely on human error to gain that vital initial foothold. AI has supercharged social engineering, allowing attackers to generate hyper-personalised, contextually flawless phishing emails and deepfake audio at an unprecedented scale.
Technology alone can’t secure an organisation; your teams need to be equipped to recognise elevated threats. Continuous, up-to-date training is non-negotiable. Mondas provides tailored programmes designed to foster a culture of vigilance. We aim to teach teams how to spot the subtle hallmarks of AI-generated communications, instilling critical thinking workflows that act as a primary line of defence before a malicious payload ever touches your network.
CrowdStrike AIDR
Traditional Endpoint Detection and Response (EDR) solutions are foundational, but they’re increasingly insufficient against AI models that can dynamically alter their tactics to evade detection.
To neutralise threats like Jade Puffer, we would typically look at solutions like CrowdStrike’s AI Detection and Response (AIDR) platform. AIDR represents the next evolution in cyber defence, specifically built to secure the AI-native attack surface. By integrating this platform, Mondas helps organisations:
Monitor Autonomous Agents |
AIDR establishes baselines for normal network operations and continuously tracks behaviour. If an AI agent attempts to access data outside its typical scope or execute unauthorised commands, AIDR halts it in real-time. |
Block Prompt Injections |
Adversaries frequently use malicious prompts to bypass safety guardrails or extract sensitive training data. AIDR inspects inputs and outputs at sub-millisecond latency, neutralising these attempts before they compromise the system. |
Automate Intelligent Response |
When an autonomous threat strikes, manual triage is too slow. We configure AIDR to automatically contain threats, prevent data exfiltration, and enforce security policies without degrading the end-user experience. |
Securing Digital Footprints
The emergence of JadePuffer isn’t a reason to panic, but it is a clear signal that the rules of the game have changed. As artificial intelligence continues to democratise the capabilities of cybercriminals, businesses need to respond by elevating their security posture with expert insights, rigorous training, and cutting-edge defensive AI.
If you’re struggling to navigate the complexities of the issues outlined in this article, Mondas specialises in advanced AI risk mitigation and data security. Contact our security team today to schedule an AI Risk Review and secure your organisation against the next generation of cyber threats.
Article brought to you by Lance Nevill – vCISO, Mondas, see Lance’s profile here: 🔗LinkedIn Profile
Article First Published: July 7, 2026


