Weekly Cyber Briefing 10.07.2026

Weekly Cyber Update: 10 July 2026

A new agentic ransomware discovery; a maximum severity ColdFusion bug to patch; a government push for Cyber Essentials across the supply chain; and a new NCSC plan for cyber defence

The Cyber Threat Intelligence Briefing is a weekly round-up of the latest cybersecurity news, trends and indicators, curated by our CISO, Nick Harris. Here’s our pick of the top stories, and why you should care.


JadePuffer attack branded world’s first end-to-end agentic ransomware campaign

Security researchers have discovered what they claim to be the world’s first ransomware campaign carried out end to end by an “agentic threat actor” (ATA). “JadePuffer” autonomously exploited a vulnerability in Langflow, mapped the environment, harvested credentials, moved laterally, stole and encrypted data, and left a ransom note.

Why it matters

The ATA didn’t demonstrate any novel TTPs, but JadePuffer highlights that the barrier to entry for prospective ransomware actors has now fallen significantly. It also marks out AI infrastructure like Langflow as an increasingly popular target, because it provides a wealth of stored credentials and API keys. CISA has ordered federal agencies to patch the flaw exploited in the attack.

The encryption used in the attack was built to be unrecoverable because the agent, rather than its human master, decided so. That adds an extra element of unpredictability to ATA-powered ransomware.

Assured’s recommended action

Monitor for the IoCs released by Sysdig. And patch CVE-2025-3248 in Langflow, if using the framework. Beyond that, best practice rules apply to reduce the attack surface. That means network segmentation, phishing-resistant MFA and least privilege, and runtime threat detection. Focus on boosting resilience in the event of a compromise by practising incident response and ensuring recovery capabilities are regularly tested and fit for purpose.


Maximum severity ColdFusion bug exploited in attacks

Threat actors are exploiting a maximum severity vulnerability in Adobe ColdFusion, according to reports. CVE-2026-48282 is a remote code execution flaw in the popular web app development platform that can be exploited by attackers without privileges. It has a CVSS score of 10.0. The ShadowServer Foundation claims hundreds of instances may be exposed globally.

Why it matters

US and Canadian authorities have released guidance urging immediate patching. Exploitation could give threat actors a foothold in enterprise systems for broader compromise, including corporate data theft and even ransomware. The flaw was exploited just hours after Adobe released patches, proving once again the traditional exploitation window has virtually disappeared for some CVEs.

Assured’s recommended action

Audit for impacted and internet-facing ColdFusion instances and patch in line with vendor guidance. Review logs for signs of exploitation.


Government’s Cyber Resilience Pledge to put pressure on supply chain

The government has officially launched a new initiative whereby organisations voluntarily commit to demonstrate board-level cyber governance and supply chain security. Over 60 organisations and 20 government suppliers have signed up to the Cyber Resilience Pledge. It requires them to register for the NCSC’s free Early Warning service, audit Cyber Essentials coverage across the supply chain, implement the Cyber Governance Code of Practice, and ensure all board members complete NCSC Cyber Governance Training, among other things.

Why it matters

The most consequential impact could be across the supply chain. Founding signatories include organisations with significant supplier ecosystems. Even without a legal mandate, their Cyber Essentials audit requirements will generate downstream pressure on suppliers who haven’t engaged with Cyber Essentials.

Assured’s recommended action

Be prepared for a call re: Cyber Essentials compliance. There’s a 60-day deadline for resilience pledge signatories to audit their supply chains. If this is the direction of travel for larger organisations, it would make commercial sense to start the Cyber Essentials accreditation process now.


NCSC launches “Cyber Shield” plan for national-scale, AI-powered defence

The National Cyber Security Centre (NCSC) and Department for Science, Innovation and Technology (DSIT) have published plans for a sovereign cyber-defence capability using agentic AI to identify, reduce and resolve cyber risk across critical national infrastructure. The architecture involves interconnected “red” and “blue” AI agents. Red agents will autonomously scan critical UK IP ranges for exposed vulnerabilities at machine speed. Blue agents will defend against threats in real time.

Why it matters

The NCSC acknowledged in its blog post that AI is not necessarily creating novel challenges for network defenders but rather accelerating the speed and scale of threats. It is best practice corporate security failings that enable the technology to cause so much damage. And, the NCSC warns, once AI is able to operate across the full attack lifecycle, it will soon overwhelm defenders.

Assured’s recommended action

Follow the NCSC’s guidance. Get the basics right by patching high-risk vulnerabilities at speed, reducing reliance on unsupported systems, and adopting secure-by-design technologies. Incorporate AI into cyber defence by using agentic AI to spot and mitigate exposed vulnerabilities, and detect and contain incidents.

Latest articles

Be an insider. Sign up now!