
Cyber Security Headlines: Google uncovers PROMPTFLUX, CISA warns of CentOS Web Panel bug, Threat group targets academics
Nov 6, 2025
Google reveals its discovery of PromptFlux, an AI-driven malware using Gemini to evade detection. CISA issues a crucial alert regarding a remote code execution flaw in CentOS WebPanel that is being actively exploited. A new threat group is targeting academics by impersonating think-tank figures to steal credentials. Meanwhile, recent incidents highlight ongoing OT security challenges in manufacturing. Additionally, AMD releases a microcode patch for a significant bug that threatens cryptography.
AI-Powered Malware That Rewrites Itself
- Google discovered PromptFlux, an experimental malware that uses Gemini to rewrite VBScript continuously to evade detection.
- The finding shows threat actors are using AI to dynamically adapt malware during execution.
Patch Or Stop Using CentOS WebPanel
- CISA warns of a critical remote code execution bug in CentOS WebPanel affecting versions before 0.9 and patched in 1205.
- Federal agencies must apply updates or stop using CWP by November 25th to avoid active exploitation.
New Group Targets Iran-Focused Academics
- Proofpoint found UNK Smudged Serpent targeting academics focused on Iran, opening with benign email conversations and then moving to credential theft and malware delivery.
- The campaign borrows tactics from Iranian-linked clusters but lacks strong overlap for definitive attribution.
