Cybersecurity experts have identified a groundbreaking malware, codenamed MalTerminal, which integrates Large Language Model (LLM) capabilities, marking a significant shift in cyber threats. Reported at LABScon 2025 by SentinelOne’s SentinelLABS, MalTerminal utilizes OpenAI GPT-4 to generate ransomware code and reverse shells dynamically. Although there is no evidence of its active deployment, it raises concerns as a potential proof-of-concept malware.
Additionally, threat actors are now embedding hidden prompts in phishing emails to bypass AI-driven security measures, elevating the sophistication of social engineering attacks. This includes cleverly crafted HTML attachments that exploit the Follina vulnerability, alongside LLM Poisoning techniques to outsmart cybersecurity tools. Reports indicate a rise in AI-assisted phishing scams, leveraging platforms like Lovable and Netlify to host deceptive sites. These developments underscore the urgent need for enhanced cybersecurity strategies to combat the innovative use of AI by cybercriminals.
Source link
