<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>cybercrime.club</title><link>https://cybercrime.club/tags/database-security/</link><description>Infrastructure security news for people who build infrastructure.</description><generator>Hugo -- gohugo.io</generator><language>en-us</language><lastBuildDate>Sun, 05 Jul 2026 11:06:54 -0400</lastBuildDate><atom:link href="https://cybercrime.club/tags/database-security/" rel="self" type="application/rss+xml"/><item><title>JADEPUFFER: First Documented Ransomware Attack Run End-to-End by an AI Agent</title><link>https://cybercrime.club/posts/jadepuffer-ai-agent-langflow-cve-2025-3248-autonomous-ransomware/</link><pubDate>Sun, 05 Jul 2026 11:06:54 -0400</pubDate><guid>https://cybercrime.club/posts/jadepuffer-ai-agent-langflow-cve-2025-3248-autonomous-ransomware/</guid><description>Sysdig documents JADEPUFFER, an LLM-driven agent that autonomously exploited a year-old Langflow RCE (CVE-2025-3248) to breach, pivot, and encrypt a production database with zero human operator input.</description><category>vulnerabilities</category></item></channel></rss>