Tag: malware
-
5 AI-developed malware families analyzed by Google fail to work and are easily detected
You wouldn’t know it from the hype, but the results fail to impress. First seen on arstechnica.com Jump to article: arstechnica.com/security/2025/11/ai-generated-malware-poses-little-real-world-threat-contrary-to-hype/
-
AI-generated malware poses little real-world threat, contrary to hype
You wouldn’t know it from the hype, but the results fail to impress. First seen on arstechnica.com Jump to article: arstechnica.com/security/2025/11/ai-generated-malware-poses-little-real-world-threat-contrary-to-hype/
-
Gootloader malware is back with new tricks after 7-month break
Tags: malware
The Gootloader malware loader operation has returned after a 7-month absence and is once again performing SEO poisoning to promote fake websites that distribute the malware. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/gootloader-malware-is-back-with-new-tricks-after-7-month-break/
-
Generative AI Supercharges Reverse Engineering
Check Point shows how generative AI accelerates XLoader analysis, uncovering real C2s and enabling faster, smarter malware defense. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/news/generative-ai-reverse-engineering/
-
Google uncovers malware using LLMs to operate and evade detection
PromptLock, the AI-powered proof-of-concept ransomware developed by researchers at NYU Tandon and initially mistaken for an active threat by ESET, is no longer an isolated … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/11/05/malware-using-llms/
-
AI-based malware makes attacks stealthier and more adaptive
Google says it has discovered at least five malware families that use AI to reinvent themselves and hide from defenders. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/ai-powered-malware-google/804760/
-
Google Uncovers PROMPTFLUX Malware That Uses Gemini AI to Rewrite Its Code Hourly
Google on Wednesday said it discovered an unknown threat actor using an experimental Visual Basic Script (VB Script) malware dubbed PROMPTFLUX that interacts with its Gemini artificial intelligence (AI) model API to write its own source code for improved obfuscation and evasion. “PROMPTFLUX is written in VBScript and interacts with Gemini’s API to request specific VBScript…
-
UNK_SmudgedSerpent Targets Academics With Political Lures
A previously unknown cyber actor, UNK_SmudgedSerpent, has been observed targeting academics with phishing and malware, merging techniques from Iranian groups. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/unksmudgedserpent-targets-academics/
-
Malware Developers Test AI for Adaptive Code Generation
Google Details How Attackers Could Use LLMs to Mutate Scripts. Malware authors are experimenting with a new breed of artificial intelligence-driven attacks, with code that could potentially rewrite itself as it runs. Large language models are allowing hackers to generate, modify and execute commands on demand, instead of relying on static payloads. First seen on…
-
Google warns of new AI-powered malware families deployed in the wild
Google’s Threat Intelligence Group (GTIG) has identified a major shift this year, with adversaries leveraging artificial intelligence to deploy new malware families that integrate large language models (LLMs) during execution. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/google-warns-of-new-ai-powered-malware-families-deployed-in-the-wild/
-
Attackers abuse Gemini AI to develop ‘Thinking Robot’ malware and data processing agent for spying purposes
Meanwhile, others tried to social-engineer the chatbot itself First seen on theregister.com Jump to article: www.theregister.com/2025/11/05/attackers_experiment_with_gemini_ai/
-
Risk ‘Comparable’ to SolarWinds Incident Lurks in Popular Software Update Tool
Some of the world’s biggest technology companies use a program liable to introduce malware into their software. The potential consequences are staggering, but there’s an easy fix. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/risk-solarwinds-popular-software-tool-update
-
New malware uses AI to adapt during attacks, report finds
Researchers at Google said Wednesday that they recently observed malware “that employed AI capabilities mid-execution to dynamically alter the malware’s behavior.” First seen on therecord.media Jump to article: therecord.media/new-malware-uses-ai-to-adapt
-
Hundreds of Malware-Laden Apps Downloaded 42 Million Times From Google Play
Zscaler estimates 239 malicious Android apps made it onto the official Play store over the past year. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/apps-download-41-million-times/
-
DragonForce Cartel Surfaces from Leaked Conti v3 Ransomware Source Code
Tags: cyber, data-breach, encryption, flaw, group, malware, ransomware, software, threat, vulnerability
Acronis Threat Research Unit has analyzed recent activity linked to the DragonForce ransomware group and identified a new malware variant in the wild. The latest sample uses vulnerable drivers such as truesight.sys and rentdrv2.sys to disable security software, terminate protected processes and correct encryption flaws previously associated with Akira ransomware. The updated encryption scheme addresses…
-
NDSS 2025 The Philosopher’s Stone: Trojaning Plugins Of Large Language Models
Tags: attack, conference, control, data, defense, exploit, LLM, malicious, malware, network, open-source, phishing, spear-phishing
SESSION Session 2A: LLM Security
Authors, Creators & Presenters: Tian Dong (Shanghai Jiao Tong University), Minhui Xue (CSIRO’s Data61), Guoxing Chen (Shanghai Jiao Tong University), Rayne Holland (CSIRO’s Data61), Yan Meng (Shanghai Jiao Tong University), Shaofeng Li (Southeast University), Zhen Liu (Shanghai Jiao Tong University), Haojin Zhu (Shanghai Jiao Tong University)
PAPER The Philosopher’s Stone:…
-
Russian spies pack custom malware into hidden VMs on Windows machines
Curly COMrades strike again First seen on theregister.com Jump to article: www.theregister.com/2025/11/04/russian_spies_pack_custom_malware/
-
SesameOp Backdoor Uses OpenAI API for Covert C2
Malware used in a months-long attack demonstrates how bad actors are misusing generative AI services in unique and stealthy ways. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/sesameop-backdoor-openai-api-covert-c2

