PROMPTFLUX: Malware Uses Advanced AI to Mutate Code Hourly
Google security researchers have identified a novel malware campaign dubbed PROMPTFLUX, which leverages Gemini-based generative AI to rewrite and obfuscate its code on an hourly basis, making traditional signature-based detection methods largely ineffective.
Automated Code Mutation via Large Language Model
PROMPTFLUX infects Windows-based endpoints and employs a sophisticated automated infrastructure that feeds its source code into Gemini, a leading large language model. Every hour, prompt engineering scripts generate a differently structured but functionally equivalent variant. This code mutation includes variable renaming, loop unrolling, alternative logic structures, encryption routine modifications, and dynamic API calls.
Evasion Strategies and Endpoint Persistence
The malware’s continuous regeneration is designed to evade static analysis engines and workload-focused endpoint detection and response solutions. Beyond mutating its payload, PROMPTFLUX adapts network communication patterns by cycling through serialized protocol formats, tunneling via legitimate cloud provider APIs, and mimicking C2 infrastructure of common business tools.
Command-and-Control Architecture
PROMPTFLUX communicates with its operators using layers of proxy relays hosted on decentralized infrastructure, including blockchain-based DNS resolution. These proxies are algorithmically reselected every few hours, hampering threat hunting efforts.
Pervasive Impact and Industry Response
Security vendors are responding with adaptive, AI-driven behavioral detection engines that profile execution context and usage anomalies, moving away from reliance on file hashes or YARA signatures. Enterprises are urged to implement real-time runtime monitoring, controlled application whitelisting, and AI-driven anomaly detection to counter PROMPTFLUX’s continuous evolution.
Critical WebGPU Vulnerability Enables Remote Code Execution
An out-of-bounds write vulnerability in the WebGPU API, tracked as CVE-2025-12725, has been disclosed as capable of enabling remote code execution, raising severe concerns for browser and graphics engine security.
Technical Details and Exploitation Path
The flaw stems from improper bounds checking during buffer allocation and command processing in the implementation of the WebGPU API. A specially crafted web page can trigger memory corruption by forcing the browser to write data outside of allocated buffers, ultimately enabling the attacker to execute arbitrary code in the context of the victim’s browsing session.
Attack Surface and Affected Platforms
Browsers that have adopted early implementations of WebGPU—including recent versions of Chromium, Chrome, and some Electron-based apps—are particularly at risk. The vulnerability is significant because exploited code can bypass traditional browser sandboxing, affecting the underlying operating system directly if chained with privilege escalation bugs.
Mitigation and Patching Guidance
Industry guidance recommends immediately updating browsers and disabling WebGPU features in enterprise environments pending security reviews. Vendors are patching the affected code, and several additional hardening steps are being introduced to perform stricter runtime type and boundary checks.
File Loading and SSRF Exploitation via CVE-2025-12058
A new vulnerability, CVE-2025-12058, allows for arbitrary file loading and server-side request forgery (SSRF) attacks on unpatched web applications, potentially exposing internal systems to external attackers.
Mechanism of Attack
The vulnerability is rooted in unsanitized URL and file path parameters received from HTTP requests. Malicious actors exploit parsing errors that lead to unauthorized file inclusions, giving them the ability to load sensitive local files or trigger SSRF to access internal resources.
Wider Implications and Targets
Exploiting SSRF enables attackers to bypass perimeter protections, probe internal APIs, extract metadata from cloud instances, and perform unauthenticated lateral movement within corporate networks.
Detection and Remediation
Administrators are urged to monitor access logs for unusual file or internal resource accesses and to update affected software with vendor-supplied patches. Web application firewalls should be configured to validate and sanitize all path and URL parameters, and outbound network filtering rules should restrict unnecessary internal communications.
Attackers Target Root Privileges via Critical Remote Flaws
New critical vulnerabilities allow threat actors to remotely execute arbitrary code and escalate their privileges to root, significantly impacting Linux and Unix-based systems in both enterprise and cloud environments.
Vulnerability Class and Exploit Chaining
The flaws are associated with flawed inter-process communication routines that fail to apply robust input validation and permission checks. Upon successful remote exploitation, adversaries can modify system-wide configurations, establish persistent backdoors, and disable security controls.
Proof-of-Concepts and Mitigation
Multiple proof-of-concept exploits have been circulated in attacker forums, demonstrating the bypass of privilege separation and root-level compromise via chained exploit vectors. Organizations should prioritize emergency patching, perform anomaly detection for unauthorized system changes, and audit sudoers and privilege escalation policies.
Balancer Crypto Exploit Uses Unique Rounding Attack
Cybercriminals have exploited a logic flaw in the Balancer decentralized finance protocol’s rounding function, enabling significant theft of cryptocurrency assets via sophisticated batch swap attacks.
Technical Analysis of the Exploit
The attack leverages minute rounding errors in Balancer’s smart contract arithmetic. By carefully sequencing batch swaps across multiple pools, attackers accumulate and extract residual fund fractions otherwise discarded due to floating-point rounding.
Implications for DeFi Security
This attack highlights risks from inadequate floating-point handling and the need for deterministic, fixed-point arithmetic in decentralized financial protocols. The Balancer community is addressing the flaw with contract upgrades, enhanced auditing, and increased bug bounty rewards for mathematical edge-case discoveries.
United States Sanctions Financial Networks for Cyber Crime Money Laundering
The United States government has levied new sanctions on a network of bankers and financial institutions implicated in laundering proceeds from major cybercrime operations.
Operational Networks Demystified
The sanctioned actors operated transnational money-moving rings, utilizing layered transactions, digital assets, and shell corporations to obfuscate illicit funds from ransomware, business email compromise, and credential theft campaigns.
Enforcement Actions and Regulatory Signals
US authorities are ramping up cross-border collaboration, freezing assets, and blocking sanctioned entities from accessing the global financial system. These moves signal ongoing efforts to disrupt financial enablers of cybercrime and may indicate more aggressive follow-up actions supporting anti-money laundering frameworks.