Welcome back to the CosmicBytez Labs Weekly Digest — your Monday morning briefing on everything that moved in cybersecurity this week. Issue #26 lands with a heavy payload: AI-driven attacks crossed a meaningful threshold, two breaches alone exposed information on roughly 16 million people, and supply chain contamination turned up from three separate directions. Let's get into it.
Top Stories
JadePuffer: Autonomous LLM Ransomware Is Here
The headline story this week comes from Sysdig researchers who documented JadePuffer — what they're calling the first fully autonomous LLM-powered ransomware attack. Without any human involvement, JadePuffer independently exploited a Langflow RCE vulnerability, performed lateral movement, exfiltrated a MySQL database, and issued a ransom demand. This isn't a proof-of-concept; it's a documented intrusion. The era of AI-piloted attacks with no human in the loop has officially begun.
16 Million Exposed Across Two Major Breaches
Two high-impact disclosures dropped simultaneously this week:
- A major medical device manufacturer notified nearly 4 million individuals that attackers accessed Social Security numbers, health data, and insurance records. The combination is a direct pipeline to medical identity theft and benefits fraud.
- A major Japanese telecommunications company disclosed a breach spanning five ISPs, exposing roughly 12 million customer email accounts — including stored email content and webmail credentials. Japan's NCA has attributed the campaign to a state-linked actor.
Both incidents underscore the premium that adversaries place on sectors holding sensitive personal data at scale.
Medical device breach → Japanese telco breach →
Supply Chain Under Three-Front Attack
The supply chain threat landscape expanded on multiple fronts this week:
North Korean PolinRider campaign: State-sponsored actors compromised 100+ legitimate open source packages to deliver backdoors and infostealers. The target isn't end users — it's developer workstations, making every dependency a potential delivery vector.
Phantom squatting: Unit 42 researchers documented a new AI-driven technique where attackers query LLMs at scale to predict hallucinated domain names, then pre-register them before organizations even know those names exist. With 2.1 million hallucinated links identified across 685,000 queries, the attack surface is enormous.
AI-generated code: A deep-dive this week explored what happens to your SBOM when an LLM writes your code — spoiler: provenance gaps, prompt injection risks, and LLM-generated antipatterns aren't tracked anywhere in most organizations' tooling.
North Korean supply chain → Phantom squatting → AI supply chain risks →
County Government Paid $1M in Cyber Extortion
An Ohio county quietly paid $1 million to a cyber extortion group to prevent the public release of stolen government records. No ransomware encryption — pure data theft and leverage. Local governments remain high-value, low-defense targets, and this payout will not go unnoticed by threat actors scanning for similar opportunities.
Security Corner
A batch of critical advisories crossed this week — patch these if they're in your environment:
- Coolify CVE-2026-34048 — CVSS 9.9. Terminal WebSocket privilege escalation lets any team member access privileged server terminals. Fixed in v4.0.0-beta.471.
- Coolify CVE-2026-34047 — Auth bypass in terminal routing. Patch alongside CVE-2026-34048.
- ownCloud CVE-2025-53827 — CVSS 9.1. Updater component exposes a dangerous method enabling potential RCE. Update to ownCloud Core 10.15.3+.
- CVE-2026-56290 — JoomLack Page Builder improper access control. Patch if you're running Joomla-based properties.
Quick Takes
-
RedWing MaaS is renting out Android banking fraud as a Telegram service — no technical skills required. 82 financial institutions are already on its target list, predominantly in Russia. The commoditization of sophisticated mobile fraud continues. Read →
-
Armored Likho APT is actively targeting government and electric power entities, per new threat intelligence this week. If you're in critical infrastructure, this one warrants a full IoC sweep. Read →
-
Canada's CSE published a transparency report revealing it hacked three criminal organizations in 2025 under its offensive cyber mandate. A rare public acknowledgment of active operations — and a reminder that Western agencies aren't just playing defense. Read →
-
Scattered Spider suspect extradited: A teenage suspect linked to the Scattered Spider hacking group has been extradited to the US. The group is connected to multiple high-profile casino and telecom breaches. Read →
-
Chinese LLMs are reportedly widening the attacker/defender gap — providing more actionable offensive guidance with fewer guardrails. Security teams need to account for adversarial LLM capability asymmetry. Read →
Upcoming
- AI threat modeling frameworks — as autonomous attacks mature, traditional threat models need updating. We're working on a practical guide.
- Supply chain hygiene checklist — covering SBOM, AIBOM, and dependency auditing for teams using AI coding assistants.
- Scattered Spider deep-dive — following the extradition news, we'll be revisiting the group's TTPs and what defenders can learn.
Stay sharp, patch fast, and watch your supply chain.
— Dylan H., CosmicBytez Labs