A ransomware attack completed itself without a single human keystroke — meet JADEPUFFER, the LLM-powered threat actor rewriting the economics of cybercrime. Plus: Anubis claims 91 victims via Citrix NetScaler, seven CVSS 10 Adobe ColdFusion patches, Apple's emergency iOS sprint, and a third breach of the DHS intelligence network.
Audio is available on Spreaker — see link below.
A ransomware attack completed itself from initial breach to encrypted databases without a human attacker touching a keyboard. That's not a hypothetical.
Separate from the JADEPUFFER story, the Anubis ransomware group has now claimed 91 victims using a method that's worth understanding in detail. Their initial access comes through CVE-2025-5777, a CVSS 9.3 flaw in Citrix NetScaler that enables authentication bypass.
Adobe released emergency patches covering seven CVSS 10.0 vulnerabilities in ColdFusion 2023 and 2025. All seven enable arbitrary code execution through file upload flaws, input validation failures, and path traversal.
Apple released iOS 26.5.2 on June 29 with 29 emergency patches. Of those, 23 were WebKit fixes and 6 were kernel-level.
The Department of Homeland Security confirmed a breach of its Homeland Security Information Network during late May and early June 2026. HSIN is the unclassified platform used for multi-agency coordination, including security planning for the World Cup.
Two more developments worth tracking. The Gentlemen ransomware group weaponized a zero-day in ktapi.sys, a driver from Kontron, for a bring-your-own-vulnerable-driver attack that bypassed endpoint tools from Microsoft, ESET, Palo Alto, and SentinelOne.
The two metrics that matter most going into the next cycle: first, whether any of Adobe's seven CVSS 10 ColdFusion flaws attract active exploitation now that patches are public, because publication creates a roadmap. Second, whether DHS releases any confirmation of what data HSIN held at the time of breach.
Chapter summary auto-generated from the verified script. Listen to the full episode for the complete content.