Sysdig's Threat Research Team documented the first fully agentic ransomware operation: an LLM-driven attacker that exploited Langflow, pivoted to a production Nacos instance, and encrypted 1,342 database configurations without human direction at any step.