Brace yourself for a glimpse into the wild world of AI-driven malware—Google has unmasked PROMPTFLUX, a cunning piece of VBScript malware that’s shaking up the cybersecurity landscape. This villain isn’t your ordinary threat; it uses the cutting-edge Gemini AI to routinely morph its own code, making it a slippery target for traditional antivirus measures. By tapping into the Gemini API, PROMPTFLUX crafts code alterations tailored for evasion, with updates conveniently stashed in Windows Startup folders and spreading attempts via networks and drives.
And it’s not just lone operators using AI for mischief. Google has thrown light on state-sponsored cyber actors from China, Iran, and North Korea, who are misusing Gemini to turbocharge everything from phishing to malware development. These digital adversaries have figured out crafty ways to bypass AI safety features, convincingly posing as participants in “capture-the-flag” exercises to glean useful exploitation data.