Daily Threat Briefing
Diamond Trail

Cyware Daily Threat Intelligence, November 06, 2025


Attackers are using stolen code-signing certificates to hunt North Korean human rights defenders (HRDs). The new EndClient RAT is being delivered in a campaign that impersonates trusted contacts on platforms like KakaoTalk.

The next generation of malware is here, and it's using AI to hide. Google has identified PROMPTFLUX, a new malware that uses the Gemini AI model to autonomously rewrite its own code. This technique allows it to change its signature every hour.

Google is rushing out an emergency update for Chrome to patch five security flaws. The most severe vulnerability was discovered in the WebGPU component. This critical flaw poses a significant risk as it could allow for remote code execution.

Top Malware Reported in the Last 24 Hours

New EndClient RAT targets North Korean HRDs

The new EndClient RAT is actively targeting North Korean Human Rights Defenders (HRDs) by leveraging stolen code-signing certificates to evade antivirus detection. Delivered through a malicious Microsoft Installer package disguised as “StressClear.msi,” the malware exploits social engineering tactics, with attackers impersonating trusted contacts to distribute the infection. The campaign began when threat actors compromised a prominent activist’s Google account, subsequently hijacking their KakaoTalk account to spread the RAT to additional targets. This malware employs AutoIT scripting for persistence and anti-analysis features, demonstrating alarmingly low detection rates among antivirus engines. The EndClient RAT's C2 communication utilizes a custom JSON-based protocol, allowing it to execute remote commands and transfer files.

Google unveils PROMPTFLUX malware

Google has identified a new malware named PROMPTFLUX, which uses its Gemini AI model to autonomously rewrite its VBScript source code on an hourly basis, enhancing its obfuscation and evasion capabilities. The malware calls Gemini's API to request specific code modifications aimed at evading antivirus detection. Although still in the development phase, PROMPTFLUX establishes persistence by saving its obfuscated versions in the Windows Startup folder and attempts to spread via removable drives. Other AI-driven malware variants, including FRUITSHELL and PROMPTLOCK, have also emerged, demonstrating the growing trend of threat actors leveraging AI for malicious purposes.

Phishing campaign targets Booking[.]com

A sophisticated phishing campaign has emerged, targeting Booking[.]com hotels and customers by exploiting compromised accounts and customer data. Threat actors deploy infostealing malware to gather credentials from hotel systems, which are then sold on cybercrime forums or used for fraudulent activities. The ClickFix infection chain is employed, utilizing spearphishing emails that mimic Booking[.]com to redirect victims to malicious websites. This chain involves redirection tactics and PowerShell commands to deliver PureRAT that enables remote control and data exfiltration. 

Top Vulnerabilities Reported in the Last 24 Hours

Google issues emergency Chrome update

Google has released an emergency update for Chrome to address five vulnerabilities, including critical and medium-severity flaws. The most severe issue is CVE-2025-12725, an out-of-bounds write vulnerability in the WebGPU implementation, which poses a significant risk of remote code execution. The other critical vulnerabilities are CVE-2025-12726, an inappropriate implementation in the Views component, and CVE-2025-12727, an inappropriate implementation in the V8 JavaScript engine. Additionally, two medium-severity vulnerabilities, CVE-2025-12728 and CVE-2025-12729, were identified in the Omnibox search and navigation bar. The update is being rolled out across all platforms, including Windows, Mac, Linux, Android, and iOS.

Critical vulnerabilities found in ChatGPT models

Tenable uncovered critical vulnerabilities in OpenAI's ChatGPT models, including GPT-4 and GPT-5, which could enable attackers to steal private user data and launch zero-click attacks. These vulnerabilities exploit weaknesses in ChatGPT’s processing of external data and its memory feature, allowing malicious actors to inject harmful prompts through trusted websites and URL parameters. One alarming technique, known as “Conversation Injection,” can manipulate ChatGPT’s responses, while another vulnerability bypasses safety mechanisms, exfiltrating user data via tracking links. Attackers can achieve persistence by altering ChatGPT’s memory, leading to ongoing data leaks across multiple sessions. Additionally, a markdown rendering bug allows hidden malicious content to be processed undetected.
