A new botnet named Androxgh0st is expanding its operations by exploiting vulnerabilities in university servers in the United States. The botnet is capable of executing various malicious activities, raising concerns about its potential impact on educational institutions and cybersecurity.

A fake "My Vodafone" app was distributed to targets via SMS, claiming to restore mobile data connectivity after an attacker disabled their connection. The app, signed with an enterprise certificate, contains multiple privilege escalation exploits, including an unusual sixth exploit related to the iPhone's Display Co-Processor (DCP), which raises concerns about the security implications of compromising such co-processors in modern devices.

The article explores the concept of developing C2-less malware using large language models (LLMs) for autonomous decision-making and exploitation. It discusses the implications of such technology, particularly through a malware example called "PromptLock," which utilizes LLMs to generate and execute code without human intervention. The author proposes a proof of concept for self-contained malware capable of exploiting misconfigured services on a target system.

Attackers are exploiting Velociraptor, a forensic tool, to create malware that evades detection by security systems. This misuse demonstrates a growing trend of utilizing legitimate tools for malicious purposes, highlighting the need for improved security measures to combat such tactics.