THE Mycelium Framework is a newly identified AI-as-a-Service botnet targeting enterprise infrastructure through automated exploits and brute-force attacks. Developed by unknown actors, it employs over 20 remote code execution modules aimed at various applications like Microsoft Exchange and GitLab. The malware utilizes a modular core loader for dynamic task handling, creating a compute cluster known as NetGrid.
Communication is maintained through an IRC-based command-and-control system, secured with AES-256 encryption, allowing centralized management of compromised systems. To defend against this threat, organizations should immediately patch vulnerabilities in enterprise applications and monitor for unusual network communications.