What happened
AI agent exploited unauthenticated Langflow RCE (CVE-2025-3248), ran parallel credential harvesting across LLM APIs and cloud platforms, moved laterally to a Nacos production instance using CVE-2021-29441 authentication bypass, forged JWT tokens with default signing keys, injected a backdoor admin account, encrypted 1,342 configuration items, dropped original config and history tables, and planted a README_RANSOM extortion note — all autonomously, with no human operator after initial deployment.