I've been watching xAI quietly build up to this. On July 8, they launched Grok 4.5 into developer access, then opened it to everyone on grok.com and the X app the next day. They called it their "flagship model for coding, agentic tool calling, and knowledge work." That framing is deliberate. This isn't a general-purpose model with coding bolted on as an afterthought. Most of the coverage led with the per-token price: $2 per million input tokens, $6 per million output. Competitive, but not shocking. The number that actually got my attention was 15,954. That's the average output token count Grok 4.5 uses to solve a task on SWE-Bench Pro. Claude Opus 4.8 uses roughly 67,020 tokens for comparable tasks on the same benchmark. A 4.2x difference. When you're running agent loops at any meaningful scale, that gap is where your bill comes from. Built for Agents, Tested Outside the Lab xAI didn't just run evals and ship. Grok 4.5 went through internal validation...
Earlier this month, Sysdig published research on JADEPUFFER, what they assess to be the first end-to-end agentic ransomware operation: a full attack chain from initial access to data destruction, driven by an LLM agent with no human operator at the keyboard. I've been tracking this story since it dropped July 2, and I want to walk through what actually happened before the hot takes bury the technical detail. What the Attack Actually Did The entry point was CVE-2025-3248, a missing-authentication vulnerability in Langflow's code validation endpoint. CVSS score of 9.8. Langflow is the drag-and-drop flow builder a lot of teams use to wire together LLM pipelines. The flaw lets an unauthenticated caller execute arbitrary Python on the host. Game over for initial access. Once in, the agent ran a methodical sweep: dumped Langflow's PostgreSQL database, harvested environment variables, scraped credentials from config files, inventoried a MinIO object store. The credential haul ...