AI Agents Deployed in Real-World Cybersecurity Offense and Defense
AI 안전 | Tue Jul 07 2026 00:00:00 GMT+0000 (Coordinated Universal Time) | 2 sources
The Government of Alberta used Claude to scan for vulnerabilities while the first agentic ransomware attack case was documented.
Analysis
[Government of Alberta] conducted large-scale security vulnerability inspection of government systems using Claude Code [1]
- Scanned 466 million lines of code in 20 hours
- Utilized Claude Opus and Sonnet models
- Approximately 50 agents worked autonomously in parallel
- Targeted 1
- 280 applications and 3
- 400 repositories
[Alberta Ministry of Technology and Innovation] automatically remediated discovered vulnerabilities and published a technical white paper [1]
- Protected sensitive information including tax records
- procurement data
- and social services files
- Addressed billions of dollars worth of technical debt
- Released a white paper for other government agencies
[Sysdig] disclosed JadePuffer as the first agentic ransomware attack case [2]
- AI agent autonomously performed everything from intrusion to file encryption
- Server infiltration via Langflow vulnerability
- Seized MySQL server administrator privileges and encrypted over 1
- 300 configuration records
- Left self-authored ransom notes and Bitcoin addresses
[Michael Clark] corrected reports characterizing the attack as fully unmanned [2]
- Humans performed infrastructure provisioning and victim selection
- People handled command-and-control server and staging server setup
- Credentials used for intrusion were separately obtained through prior compromise
[JadePuffer Attack Analysis] could not identify the driving model but confirmed API key theft [2]
- Stole OpenAI
- Anthropic
- DeepSeek
- and Gemini API keys
- Stolen keys were loot rather than the models driving the attack
- The model actually powering the agent could not be identified