Cyber Weekly: BlueHammer, JadePuffer, and the AI threat surge

AI ran a ransomware attack start to finish with no human help. A CVSS 10.0 in remote support software used by every MSP. A 55% spike in European ransomware. And that was just one week. Here's what you need to know from June 29 through July 5.

I've been doing this long enough to know that most weeks, the biggest story is a variation on something we've seen before. A new ransomware variant. Another vulnerability in something you probably have running. A breach notification that arrives six weeks after the fact.

This week wasn't that.

This week, someone deployed an AI agent that autonomously broke into a network, stole credentials, moved laterally, encrypted databases, and dropped a ransom note. No human was directing it. It fixed its own mistakes in 31 seconds. That's a line we just crossed, and we're not going back.

684 European ransomware attacks in four months. 31 seconds for an AI agent to fix its own failed login. 2 million compromised smart TVs used as proxy exit nodes. 10.0 CVSS score in MSP-ubiquitous remote support software. 0 days between disclosure and exploitation for a ColdFusion flaw. That was one week.

Here's what happened, what it means for your business, and what to do about it.


1. JadePuffer: The AI Ransomware That Ran Itself

Source: Sysdig research | July 2, 2026

Let's start with the story that kept me up this week. Sysdig documented what they assess is the first confirmed case of an LLM-driven AI agent executing a complete ransomware attack chain with zero human intervention. They named it JadePuffer.

The agent exploited an old Langflow vulnerability (CVE-2025-3248, patched April 2025 and on the CISA KEV since May 2025) to gain initial access. From there, it performed reconnaissance, stole credentials, moved laterally, escalated privileges, encrypted a database, and delivered a ransom note. When a login attempt failed, the agent diagnosed the issue and retried successfully in 31 seconds.

Thirty-one seconds.

The skill floor for running ransomware just dropped to zero. There's no human operator to negotiate with, no pattern to profile, no sleep schedule to exploit.

Why it matters for SMBs: If you have any internet-exposed Langflow instances, patch them now. This CVE is from 2025. Beyond that specific fix, this is a signal event. When AI agents can autonomously run ransomware, the attack volume doesn't just increase. It compounds. Every exposed AI/ML tool becomes a potential entry point. Make sure your production databases are segmented away from anything internet-facing. If an attacker compromises an app server, they shouldn't be able to reach your customer database from it.


2. SimpleHelp CVE-2026-48558: CVSS 10.0, MSPs in the Crosshairs

Source: CISA KEV | June 29, 2026

CISA added a maximum-severity authentication bypass in SimpleHelp remote support software to its Known Exploited Vulnerabilities catalog. The CVSS score is 10.0. That's as bad as it gets.

The flaw affects SimpleHelp versions 5.5.15 and earlier plus 6.0 pre-release versions. When OIDC authentication is enabled, the software fails to verify cryptographic signatures on identity tokens. An unauthenticated attacker can forge a token and gain a fully authenticated technician session. In some configurations, it bypasses MFA entirely.

Why it matters for SMBs: SimpleHelp is everywhere in the MSP world. It's the tool your IT support team uses to remote into your systems. If an attacker compromises the SimpleHelp server, they get the same level of access your IT team has. Full administrative control over every machine the MSP manages. CISA gave a remediation deadline of July 2. If you use SimpleHelp or your MSP does, verify the patch was applied. Ask them directly.


3. BlueHammer: Ransomware Gangs Weaponize Microsoft Defender Flaw

Source: BleepingComputer | June 30, 2026

CISA confirmed that ransomware gangs are actively exploiting CVE-2026-33825, nicknamed BlueHammer. This is a Microsoft Defender privilege escalation flaw that was originally leaked as a zero-day in April by a disgruntled researcher. Microsoft patched it in the April 2026 Patch Tuesday. Now, months later, attackers are using it to escalate to SYSTEM privileges and take complete control of Windows machines.

Why it matters for SMBs: The patch has been available for three months. If you haven't deployed the April 2026 Patch Tuesday update across every workstation and server, that's your window of exposure. Ransomware operators are actively scanning for unpatched systems. This isn't a theoretical risk. Immutable backups are the copy ransomware can't delete, but only if you have them in place before the attack hits. Verify the update is installed everywhere.


4. SharePoint Server RCE (CVE-2026-45659) Added to CISA KEV

Source: CISA / SOCRadar | July 1, 2026

CISA added a deserialization RCE in Microsoft SharePoint Server (CVSS 8.8) to its KEV catalog with a remediation deadline of July 4. An authenticated attacker with Site Member permissions, the standard contributor role that many employees and external partners hold, can execute arbitrary code on the SharePoint server. Microsoft shipped the patch in May but delayed the security bulletin until May 21.

Why it matters for SMBs: SharePoint is a staple in SMB and mid-market environments for document management, intranets, and client collaboration. The Site Member permission threshold is low. Many employees, contractors, and external vendors hold it. If you run on-premises SharePoint, confirm the May 2026 security update is installed. If you share SharePoint sites with external partners, treat this as urgent.


5. Fake IT Support Calls on Microsoft Teams Deploy EtherRAT

Source: Unit 42 / Palo Alto Networks | June 28, 2026

Palo Alto Networks' Unit 42 documented a campaign that combines phishing emails with Microsoft Teams voice calls. Attackers send an Employee Survey lure with a malicious PDF, then follow up with a Teams voice call impersonating IT support. They use Teams' screen-sharing feature to install legitimate remote access tools like AnyDesk and HopToDesk, then deploy EtherRAT, a Node.js RAT that uses Ethereum smart contracts for resilient command-and-control infrastructure. Unit 42 found nine versions of the malware loader, suggesting active development.

Why it matters for SMBs: Microsoft Teams is ubiquitous in SMBs. This attack exploits trust in internal communication tools and bypasses email security because the malicious payload arrives via voice call and screen sharing, not email links. Train employees to verify unexpected IT support calls through a secondary channel. If someone calls saying they're from IT and needs to remote into your machine, hang up and call your IT team directly on a number you know is theirs.


6. Adobe ColdFusion CVE-2026-48282: CVSS 10.0, Exploited Within Hours

Source: BleepingComputer | Adobe patched June 30, exploitation detected July 2

Adobe patched multiple maximum-severity ColdFusion vulnerabilities on June 30. Within two hours of technical details going public on July 2, attackers began exploiting CVE-2026-48282, a path traversal vulnerability enabling unauthenticated remote code execution. KEVIntel's honeypot network captured active exploitation almost immediately after the PoC was published. The Canadian Centre for Cyber Security issued an alert.

Why it matters for SMBs: ColdFusion has a long tail in SMB environments. Many legacy internal apps, old websites, and MSP-hosted solutions still run it. Shadowserver tracks nearly 800 exposed instances. The two-hour window between disclosure and exploitation means there's zero safe time to evaluate before patching. If ColdFusion exists anywhere in your stack, apply the July 1 patches now.


7. Ransomware in Europe Up 55% Year-over-Year

Source: Black Kite research | July 3, 2026

Black Kite's first Europe-focused ransomware report found 684 attacks in the first four months of 2026, compared with 441 in the same period of 2025. That's a 55% increase. The figure already exceeds the 643 attacks recorded across all of H1 2025. France saw the highest growth at 119%, followed by Italy at 92% and Spain at 77%. The five largest economies accounted for 69% of attacks.

Why it matters for SMBs: If you're in Europe or do business with European firms, the ransomware pressure is accelerating dramatically. The report notes that after successful law enforcement disruptions, the ransomware ecosystem has fragmented into more, smaller opportunistic groups. That means any SMB, regardless of size, is now a viable target. Reassess your threat model and test your recovery processes. Not just your backups, your actual recovery. The first hour after things go wrong sets the tone for everything that follows.


8. Kubota North America Breach: Five Weeks Dwell Time

Source: BleepingComputer | July 1, 2026

Kubota North America disclosed that hackers had unauthorized access to its network systems from March 16 to April 20, 2026, over five weeks. The breach exposed HR files containing employee names, SSNs, dates of birth, bank account details for direct deposit, corporate payment card info, and health insurance data. Nearly 5,900 individuals were affected. No ransomware group has claimed responsibility.

Why it matters for SMBs: This breach shows that attackers can dwell in networks for weeks without triggering alarms, and that HR data is a prime target even without ransomware extortion. For SMBs, this underscores the need for continuous monitoring, not just perimeter defense. The data types exposed, SSNs plus bank accounts, are a goldmine for identity theft and fraud targeting both employees and their dependents.


9. DHS Confirms HSIN Breach

Source: BleepingComputer | July 1, 2026

The Department of Homeland Security confirmed a cyberattack compromising the Homeland Security Information Network (HSIN), a sensitive platform used by federal, state, local, and private-sector partners to share threat intelligence and emergency response data. The investigation is ongoing.

Why it matters for SMBs: If your business participates in information-sharing programs with DHS or local emergency management agencies, your data may have been exposed. More broadly, a breach of this system signals that even the most sensitive government platforms are not immune. Threat actors may use the intelligence gained to target critical infrastructure partners and smaller organizations in the supply chain.


10. FBI Seizes NetNut, Disrupts 2 Million Device Botnet

Source: KrebsOnSecurity | July 2, 2026

The FBI, working with Google's Threat Intelligence Group, Lumen, and Shadowserver, seized hundreds of domains tied to NetNut, a residential proxy service operated by publicly traded Israeli firm Alarum Technologies. NetNut was found to be synonymous with the Popa botnet. A network of at least 2 million compromised smart TVs and Android streaming boxes had been turned into residential proxy exit nodes used for data scraping, ad fraud, account takeovers, and hiding cybercriminal traffic. Google observed 316 distinct threat actor clusters using NetNut exit nodes in a single week.

Why it matters for SMBs: This takedown is good news, but the underlying issue is not going away. Those cheap Android streaming boxes your employees buy for home use can be part of botnets that route malicious traffic through residential IPs, including traffic targeting your business. The same residential proxy infrastructure is used for password spraying, reconnaissance, and credential stuffing against SMB networks. Secure your network from non-corporate devices.


11. ChocoPoC: Fake GitHub Exploits Target Security Researchers

Source: BleepingComputer / Sekoia | July 1, 2026

Researchers discovered a campaign using weaponized proof-of-concept exploit repositories on GitHub that deliver a Python-based RAT called ChocoPoC. Attackers added malicious PyPI packages, 'frint' and 'skytext', as dependencies. When developers clone and run the PoC, the packages automatically fetch and execute the RAT, which can steal browser credentials, cookies, autofill data, shell history, and files. At least seven PoC repos targeting vulnerabilities in FortiWeb, React2Shell, PAN-OS, and other platforms were found.

Why it matters for SMBs: If you have anyone on your team, internal IT, MSP, or consultant, who downloads PoC exploits from GitHub for testing, this campaign targets them directly. The RAT captures credentials that could be used against your network. Ensure that anyone doing security testing works in isolated, disposable environments and never on production-adjacent systems.


12. OpenAI Poisoned Tenant Attack

Source: Push Security | June 26, 2026

Push Security uncovered a campaign where attackers create fake OpenAI organizational tenants impersonating legitimate companies and invite employees to join them. The invitations come from OpenAI's legitimate noreply@tm.openai.com address, pass all email authentication checks, and look identical to genuine invites. Invited employees are granted Owner-level admin privileges, and a payment card is attached to the billing account to add legitimacy. The goal is to trick employees into treating the fake workspace as their corporate ChatGPT environment and exposing sensitive data through prompts.

Why it matters for SMBs: AI tool adoption is accelerating in SMBs, and employees are increasingly using ChatGPT for work tasks. This attack exploits trust in the platform itself, not a spoofed email or fake login page. Train employees to verify unexpected organization invitations, especially when the inviter's email domain does not match your company domain. This is a growing attack vector that every SMB using AI tools needs to understand.


That was a lot. I know.

But here's the thing about weeks like this. The signals are all pointing in the same direction. Attackers are getting faster, more automated, and more creative. AI agents are moving from theoretical threat to operational reality. The tools your business relies on, remote support software, SharePoint, ColdFusion, Microsoft Defender, are being actively targeted.

The good news is that the defense is still the same. Patch what you can. Segment what you cannot patch. Train your people. Test your recovery. The fundamentals haven't changed, but the margin for error just got thinner.

If you're reading this and realizing you're not sure when your patches were last verified, or whether your recovery process actually works, that's exactly the feeling you should be having. It's also the feeling that leads to action.


Book a 15-minute security review
No sales pitch, just a clear picture of where you stand and what needs attention first.