Google found a new malware called PROMPTFLUX that uses Visual Basic Script to modify itself by interacting with its Gemini AI model. This malware seeks to evade detection by generating obfuscated code and is still in the development phase, lacking the ability to compromise networks. Security experts debate its effectiveness and significance.

Google reported that the North Korean group UNC2970 used its AI model, Gemini, for reconnaissance on high-value targets, including cybersecurity firms. This trend of hacking groups leveraging generative AI for malicious purposes raises concerns about the evolving methods of cyber attacks. Google is enhancing its safety measures to counteract these threats.

Researchers from Tel Aviv University have demonstrated a new type of cyber attack they call "promptware" by using calendar events to manipulate Google's AI, Gemini, into controlling smart home devices. By embedding malicious instructions in calendar appointments, they successfully executed indirect prompt injection attacks, allowing unauthorized control over devices like lights and thermostats. This incident marks a significant shift in how AI vulnerabilities can impact the physical world.