Newsletter · · Ashutosh Agarwal

Ransomware Just Ran Itself, Start to Finish - Cybersecurity - Week of July 7, 2026

Cybersecurity for the week of July 7, 2026. Sysdig documented Jade Puffer, the first ransomware operation run end-to-end by an autonomous AI agent, and Okta shipped XAA, an Anthropic-backed open standard for governing agent identity.

Cybersecurity

Week of July 7, 2026: Ransomware Just Ran Itself, Start to Finish


TL;DR

  • The first ransomware attack run end-to-end by an autonomous AI agent got documented, recon to encryption, fixing its own failed login in 31 seconds. The demand catalyst the bulls kept describing in theory now has a name: Jade Puffer.
  • Okta put its new CPO on record behind the thing that turns "agentic identity TAM" from a slide into a product: XAA, an OAuth extension built with Anthropic so agents get scoped, short-lived access instead of long-lived master keys.
  • A mainstream money show made the platform-consolidation call out loud, "cybersecurity is going to be bigger than AI because of AI," and flagged that the PANW and CRWD CEOs bought their own stock near the March lows.

What's New

Ransomware learned to run itself. Sysdig documented what it believes is the first ransomware operation run entirely by an LLM agent, Jade Puffer, that autonomously executed the full kill chain (recon, credential theft, lateral movement, persistence, privilege escalation, encryption) and adapted in real time, in one sequence going "from a failed login to a working fix in 31 seconds." It got in via a 14-month-old unpatched RCE in Langflow, an open-source LLM-app framework. The operator read is the bull case in one line: "AI is going to shorten the distance between zero and compromise," and that window "eventually... will get to minutes." Source: Daily Cyber Threat Brief - Ep 1167 (pundit, citing Sysdig); corroborated same day alongside two exploited Oracle flaws in Cybersecurity Today - AI-Run Ransomware, New Oracle Critical Flaw, David Shipley (pundit).

Okta named the new perimeter, and shipped a standard for it. Okta CPO Eli Khan (ex-SentinelOne CPO) gave the cleanest operator articulation yet of why agent identity is a distinct, urgent problem: "People give agents long-lived, broadly scoped permissions to basically do anything that they may need to do in the future. And this is where companies can get into trouble." His fix is XAA (Cross-App Access), an OAuth extension built with Anthropic that brokers scoped, short-lived access between apps and agents instead of "a permanent master key like a static API key"; securing least-privileged agent identities, he says, is "the highest ROI security action that you can do." The double edge: XAA is an open standard "that can be used by anyone," so it's reach, not lock-in. Source: Cloud Security Podcast - Who Governs Your AI Agents?, Eli Khan, Chief Product Officer, Okta (operator).

"People give agents long-lived, broadly scoped permissions to basically do anything they may need to do in the future. And this is where companies can get into trouble." - Eli Khan, Okta

A money show made the consolidation call out loud. Hightower chief investment strategist Stephanie Link laid out the platform bull case in plain English: "cybersecurity is going to be bigger than AI because of AI. AI is not secure." She pegged roughly 4,000 public and private cyber vendors and predicted "massive consolidation... the big 5 get bigger," naming CrowdStrike, Palo Alto, Cisco, Zscaler and Fortinet, because her own firm runs 20 security vendors that "don't talk to each other, which is why we have cyberattacks all the time." Her tell on conviction: the Palo Alto CEO "bought $10 million worth of stock in March at almost the lows," and CrowdStrike's did the same. Source: Money Rehab with Nicole Lapin - Hightower's Chief Investment Strategist on the AI "Food Chain", Stephanie Link, Hightower (pundit).

Deepfake fraud crossed from headline to line item. Reynolds & Reynolds CISO Nikhil Kalani put numbers on the demand: the FBI's April report logged AI-based fraud at about $900 million for the first time (inside roughly $21B of total cyber fraud on Americans), and open-source tools now swap a face and voice in real time on a gaming PC in about 50 milliseconds. "That type of fraud is now a category, not a headline." Source: ConnectedPodcast - Cybersecurity in the Age of AI, Nikhil Kalani, CISO, Reynolds & Reynolds (operator).

And the AI tooling itself is now the target. Cato researchers detailed "DuneSlide," a prompt-injection flaw (CVE-2026-50548/50549, 9.8/9.3) that escapes the Cursor AI code editor's sandbox to run arbitrary commands on developer machines, Fortune 500 users exposed. Yes, every vendor now has an "AI SOC," the sharper point is the AI dev stack is becoming the soft underbelly. Source: The Cybersecurity Defenders Podcast - Intel Chat #336 (pundit).

The Debate

Bull frame: AI expands the security TAM (more attack surface, more agents, more data to inspect) and entrenches platform leaders because automation only pays off at scale with consolidated data. PANW, CRWD, ZS get larger wallets, not smaller.

Bear frame: AI-native upstarts and free/bundled hyperscaler tooling collapse per-seat economics. Why pay $X per endpoint when an agentic SOC and a Microsoft E5 bundle do 80% of the job? Budget consolidation cuts the legacy stack first, not the new one.

Where I land this week: Bull, the evidence pointed one direction. Jade Puffer is the bull thesis rendered as a live incident: if an agent runs the full kill chain and self-corrects in 31 seconds, the answer isn't fewer tools, it's consolidated data and automation at scale, the big-platform pitch. Okta turning "agentic identity" from a TAM slide into a shipped, Anthropic-backed standard is the supply side of the same trade. The honest caveat: none of the big four printed a number this week, so the tape is running on narrative, not net-new ARR, until August earnings.

Stocks In Play

  • PANW: Bull: named the top pick on a mainstream money show; CEO's ~$10M March buy cited as conviction. Bear: silent from operators, still a post-SaaSpocalypse laggard. Watch: platformization/XSIAM attach as a number next print.
  • CRWD: Bull: consolidation call plus CEO insider buy near the lows; autonomous-attack narrative feeds the "buy the crisis leader" thesis. Bear: no operator datapoint; still in the penalty box. Watch: net-new ARR, any Charlotte AI / Falcon Flex metric.
  • ZS: Bull: still the zero-trust name in every consolidation basket. Bear: no fresh catalyst after last week's Macquarie upgrade. Watch: net-new ARR re-acceleration.
  • OKTA: Bull: its own CPO put a shipped, open, Anthropic-partnered standard (XAA) behind the non-human-identity thesis, theory becoming product. Bear: "used by anyone" means Microsoft Entra can ride the same rails. Watch: XAA/IDJAG adoption and Auth0 cross-sell into next earnings.

Read-Throughs

  • SentinelOne (S): Indirect only: Okta's new CPO is ex-S CPO; no new S signal this week.
  • Fortinet (FTNT): FortiBleed still generating ransomware headlines, a running reputational tax on the appliance model, yet Link still tosses FTNT into the platform bundle.
  • Cloudflare (NET): No new signal this week.
  • CyberArk (CYBR): No direct mention, but agent identity, machine identity and post-quantum crypto-agility are squarely its turf, read-through positive.
  • Hyperscalers (MSFT/GOOGL/AMZN): Quiet on bundles; the only tell is XAA being open invites Microsoft Entra onto the same rails, co-opetition over displacement.

What Changed vs Last Week

Quieter on the tape, louder on the thesis. Last week the bulls got a sell-side number (Macquarie's $172 ZS) and two named-vendor execs; this week the operator bench narrowed to one clean voice, Okta's CPO, but the demand catalyst got far more concrete: FortiBleed was last week's billboard, Jade Puffer is this week's. The identity thread advanced from "90% of intrusions hit identity" to "govern the agent's identity before it's breached." PQC stayed alive but shifted from federal-deadline framing to a vendor crypto-agility pitch, only 22% of organizations say they fully understand quantum-readiness (Tech Talks Daily - DigiCert on Why PKI Has Become the Foundation of AI Trust). Net: the story is consolidating around one idea, the thing you now have to secure is the agent.