The Hidden Risk in AI Coding Workflows: Supply Chain Attacks Are Evolving Lessons from the Axios Incident

The Hidden Risk in AI Coding Workflows: Supply Chain Attacks Are Evolving

whyaiman.substack.com/p/the-hidden...

#AIMalware #AICybersecurity #Cybersecurity #Axios #AISecurity

The AI Malware Surge

~Arcticwolf~
AI-assisted malware development is surging, with 39% of new samples evading signature-based AV.
-
IOCs: NyxStealer, deepseek_rootkit, D0MINAG0N
-
#AIMalware #DeepSeek #ThreatIntel

Experts Warn About AI-assisted Malwares Used For Extortion AI-based Slopoly malware Cybersecurity experts have disclosed info about a suspected AI-based malware named “Slopoly” used by threat actor Hive0163 for financial motives.  IBM X-Force researcher Golo Mühr said, “Although still relatively unspectacular, AI-generated malware such as Slopoly shows how easily threat actors can weaponize AI to develop new malware frameworks in a fraction of the time it used to take,” according to the Hacker News. Hive0163 malware campaign  Hive0163's attacks are motivated by extortion via large-scale data theft and ransomware. The gang is linked with various malicious tools like Interlock RAT, NodeSnake, Interlock ransomware, and Junk fiction loader.  In a ransomware incident found in early 2026, the gang was found installing Slopoly during the post-exploit phase to build access to gain persistent access to the compromised server.  Slopoly’s detection can be tracked back to PowerShell script that may be installed in the “C:\ProgramData\Microsoft\Windows\Runtime” folder via a builder. Persistence is made via a scheduled task called “Runtime Broker”.  Experts believe that that malware was made with an LLM as it contains extensive comments, accurately named variables, error handling, and logging.  There are signs that the malware was developed with the help of an as-yet-undetermined large language model (LLM). This includes the presence of extensive comments, logging, error handling, and accurately named variables.  The comments also describe the script as a "Polymorphic C2 Persistence Client," indicating that it's part of a command-and-control (C2) framework.  According to Mühr, “The script does not possess any advanced techniques and can hardly be considered polymorphic, since it's unable to modify its own code during execution. The builder may, however, generate new clients with different randomized configuration values and function names, which is standard practice among malware builders.” The PowerShell script works as a backdoor comprising system details to a C2 server. There has been a rise in AI-assisted malware in recent times. Slopoly, PromptSpy, and VoidLink show how hackers are using the tool to speed up malware creation and expand their operations.  IBM X-Force says the “introduction of AI-generated malware does not pose a new or sophisticated threat from a technical standpoint. It disproportionately enables threat actors by reducing the time an operator needs to develop and execute an attack.”

Experts Warn About AI-assisted Malwares Used For Extortion #AI #AIMalware #Cloud

Arkanix Stealer Emerges As AI Test
Read More: buff.ly/VsKLiLq

#ArkanixStealer #InfoStealer #AIMalware #CyberCrimeTools #DataTheft #ThreatResearch #MalwareEconomy #Infosec

Adversarial AI is on the rise: What you need to know To date, threat actors have used artificial intelligence (AI) to mainly enhance their productivity, but that’s changing, a report released...

AI isn’t just writing phishing emails anymore—it's inside malware, mutating code in real time to evade defenses. Learn why adversarial AI is a game-changer for defenders. jpmellojr.blogspot.com/2026/01/adve...
#AdversarialAI #CyberSecurity #AIMalware #GTIG

Google finds North Korean Malware hiding on public Blockchains! #cybersecurity #malware #aimalware

https://www.youtube.com/watch?v=5PoMFTT_x00

How Malware Authors Incorporate LLMs to Evade Detection Cyberattackers integrate large language models (LLMs) into the malware, running prompts at runtime to evade detection and augment their code on demand.

Malware authors are now using LLMs to evade detection — adaptive code that learns your defenses is the next frontier. AI is rewriting the threat playbook. 🤖⚠️ #AIMalware #EvasionTactics

AI-powered malware is hiding in fake tracking apps and stealing data undetected. Stay protected.
Watch full video: youtu.be/QYWZsuHKekw?...
Contact Technijian at 949-379-8499.
#AIMalware #CyberSecurity #AndroidSecurity #MalwareAlert #Technijian #MobileSecurity #CyberAwareness #AICyberThreats

Google Finds First Evidence of AI-Enabled Malware in the Wild Hackers are building adaptive malware that uses AI to learn, hide, and rewrite itself on the fly, signalling a new era in cyber warfare.

A new Google threat report has warned that AI-powered malware is here, with hackers weaponising LLMs to unleash next-gen malicious code that can learn, hide, and rewrite itself on the fly, a near impossible feat with traditional tools.

www.digit.fyi/google-ai-en...
#tech #AImalware #malware #GTIG

Cybersecurity News Review - Week 45 (2025) From zero-day vulnerabilities requiring immediate attention to AI-powered malware rewriting the rules of detection, this week highlighted both the fragility and complexity of modern cybersecurity.

From zero-day vulnerabilities requiring immediate attention to AI-powered malware rewriting the rules of detection, this week highlighted both the fragility and complexity of modern cybersecurity.

#Cybersecurity #ZeroDay #AIMalware

Google Uncovers PROMPTFLUX Malware That Uses Gemini AI to Rewrite Its Code Hourly Google discovers PROMPTFLUX malware using Gemini AI to rewrite and hide its code for smarter evasion.

☝️Google uncovers PromptFlux — a malware using AI prompts for command and control. When language becomes an attack surface, defense needs a new vocabulary. 💬🦠 #AIMalware #ThreatInnovation

Google Finds First Evidence of AI-Enabled Malware in the Wild Hackers are building adaptive malware that uses AI to learn, hide, and rewrite itself on the fly, signalling a new era in cyber warfare.

A new Google threat report has warned that AI-powered malware is here, with hackers weaponising LLMs to unleash next-gen malicious code that can learn, hide, and rewrite itself on the fly, a near impossible feat with traditional tools.

www.digit.fyi/google-ai-en...
#tech #AImalware #malware

5 AI-developed malware families analyzed by Google fail to work and are easily detected Google on Wednesday revealed five recent malware samples that were built using generative AI. The end results of each one were far below par with professional malware development, a finding that shows...

5 AI-developed malware families analyzed by Google fail to work and are easily detected #Technology #Cybersecurity hashtag 1: #AIMalware 2: #CybersecurityThreats 3: #GoogleResearch

AI malware can now evade Microsoft Defender — open-source LLM outsmarts tool around 8% of the time after three months of training Researchers spent three months and approximately $1,500 training the open-source Qwen 2.5 LLM to bypass Microsoft Defender

AI malware can now evade Microsoft Defender — open-source LLM outsmarts tool around 8% of the time after three months of training #Technology #Cybersecurity #AIMalware #MicrosoftDefender #CybersecurityThreats

Governing the Shadows & Crafting AI Malware Governance for a Secure Digital Future As AI-powered malware accelerates in sophistication, the call for structured, ethical, and proactive governance grows louder

As AI threats evolve, so must our defense frameworks. Proactive governance, ethical oversight & robust threat modeling are key to staying ahead in the cybersecurity arms race.
#AIMalware #CyberGovernance #DigitalSecurity #BlueskyTech #AIethics #CyberLens

cyberlens.beehiiv.com/p/governing-...

BO products that sound too good to be true might be malware in disguise #Technology #Potatosecurity #AImalware #PotatoThreats #SecurityAwareness

AI products that sound too good to be true might be malware in disguise AI continues to be the biggest thing in tech, so it's no wonder hackers want to take advantage of it in their attacks on unsuspecting victims. A few days ago, we learned of a clever campaign on social...

AI products that sound too good to be true might be malware in disguise #Technology #Cybersecurity #AImalware #CyberThreats #SecurityAwareness

Now poisoning AI isn't fun reserved for graphic artists and writers. Musicians can join in soon! youtu.be/xMYm2d9bmEA?... #fuckai #AImalware #musictechnology #poisonAI