A sophisticated threat actor has successfully carried out a ransomware attack using a large language model (LLM), marking a significant escalation in the threat landscape. The attacker, dubbed an "agentic threat actor", exploited a vulnerability in Langflow to breach a production database server and exfiltrate sensitive data, before encrypting other systems and demanding a ransom. This attack, known as JadePuffer, is the first recorded instance of an LLM-driven ransomware attack, and its success has significant implications for organizations relying on LLMs and similar technologies. The fact that the attacker was able to leverage an LLM to execute a complex attack1 highlights the need for organizations to re-examine their security posture and consider the potential risks associated with these emerging technologies. So what this means for practitioners is that they must now factor LLMs into their threat models and develop strategies to mitigate the risks associated with these powerful tools.