Knowledge
An AI Ran a Ransomware Attack in 31 Seconds. The Doors It Used Were Old Ones.
The headline says a machine ran a ransomware attack with no human at the keyboard. The full story is calmer, and far more useful. The AI got in through a missed update and a stolen password. Here's what that means for your store.
July 8, 2026 · Confidanti · 4 min read
- news
- ai
- ransomware
- patching
- credentials
This month the security firm Sysdig published something unsettling: an operation it calls JadePuffer, which it describes as a ransomware attack whose hands-on-keyboard work was run by an autonomous AI agent. The agent broke in, moved through the network, encrypted more than 1,300 records, wrote its own ransom note and recovered from a failed step and pressed on in about 31 seconds. The headlines wrote themselves: the first ransomware attack with no human at the keyboard.
It's a genuinely important story. It's also been oversold. But the calmer, true version is the one that actually helps you protect your store.
Read past the headline
The "no human involved" framing didn't survive the week. As Sysdig's own threat researchers clarified, humans were involved — they just weren't the ones typing. People chose the victim, set up the attack infrastructure, and handed the AI the stolen credentials it needed to get started. The AI did the technical execution; the strategy was human.
And here's the detail that deflates the sci-fi version entirely: researchers couldn't even identify which AI was behind it. The attack found model API keys, but they were not fingerprints of the model driving it. This wasn't a sentient super-hacker. It was an ordinary crew that pointed an AI tool at the boring, technical part of the job.
The doors it walked through were old
Strip away the AI and look at how JadePuffer actually got in. Two doors — the same ones attackers have always used:
- A known, unpatched vulnerability. The break-in used a flaw in an internet-facing piece of software that already had a fix available. The door was unlocked only because nobody had installed the update. For an online store, that door is rarely exotic: it's the checkout or catalog plugin with a known flaw you've been meaning to update or an admin dashboard reachable from any browser.
- Stolen credentials. Handed to the agent by its human operators, harvested from an earlier compromise.
That's it. The AI didn't discover a magical new way in. It ran through a missed update and a borrowed password: the two most common entry points in every breach we see, with or without a robot involved.
What's actually new: speed and price
So what should you take from this? Two things, and neither is "AI makes you defenseless."
Speed. When an attack finishes in under a minute, there is no time to react mid-incident. The whole game moves to prevention — closing doors before anyone tries them — because nobody, human or machine, is going to catch and stop a 31-second attack in progress.
Price. Sysdig put it bluntly: "the skill floor for running ransomware has dropped to whatever it costs to run an agent." Attacks that used to need skill now need a subscription. That means more of them, running on autopilot, probing more targets for the same old weaknesses. The unpatched plugin you've been meaning to update just moved up everyone's list, because now a machine is doing the looking, cheaply, around the clock.
What actually protects your store
Here's the reassuring part: because the doors are old, the locks are ones you already have. As the security team you don't have to hire, this is where we'd start.
- Keep your store platform and its plugins updated. This is the exact door JadePuffer used. Consider automatic updates wherever your platform offers them, and make "apply the update" a weekly habit, not a someday task. We'd rather nag you about a boring plugin update than help you clean up after the hole it left open.
- Put MFA on every admin and payment login. Stolen credentials were the other door. Multi-factor authentication makes a stolen password not enough, and giving each person only the access they need means one borrowed login can't reach your whole store.
- Let something watch while you run the store. At machine speed, prevention comes first. But the attempt you don't prevent has to be caught quickly. That's the part we handle: keeping an eye out so a 31-second break-in doesn't get 31 unnoticed hours.
The calm version is the true one
The frightening reading of JadePuffer is that AI has made attackers unstoppable. The accurate reading is the opposite: it rewarded the business that had closed its basic doors and punished the one that had left a known hole open with a password lying around.
AI is changing the economics of attacks — more of them, faster, cheaper. It hasn't changed what lets them in. The fundamentals didn't get less important this month. The cost of skipping them did.
For your IT team. Two of these locks live deeper than the storefront: patching internet-facing services on a real cadence (JadePuffer's way in was a known CVE with a fix out for months), and keeping admin panels, databases, and management tools off the public internet entirely. We keep the technical version of this playbook for whoever owns that side of your stack. See what we'd check →
Wondering which of your doors are standing open? Finding the exposed, unpatched, and misconfigured things an automated attacker would reach first is the first step of every Confidanti engagement — talk to us.