An updated version of the Prometei malware is actively targeting Windows and Linux systems, mainly for Monero mining and credential theft, according to Palo Alto Networks. The new variant includes a backdoor, self-updating features, and uses a domain generation algorithm for C&C communication. It shows signs of active development, evasion techniques, and financial motivation, with no known links to nation-state actors.