{"data":{"id":"daa132b8-2e8f-47a1-b553-a380b455879d","title":"Researchers Show Copilot and Grok Can Be Abused as Malware C2 Proxies","summary":"Researchers discovered that AI assistants like Microsoft Copilot and Grok, which can browse the web and fetch URLs, can be abused as command-and-control (C2) proxies, a stealthy communication channel that lets attackers send commands to malware and receive data back while blending in with normal business communications. This technique, which requires the attacker to have already compromised a machine, works without needing API keys or accounts, making traditional security measures like key revocation ineffective. The attack demonstrates how AI tools can be weaponized beyond just generating malware, but also as intelligent intermediaries that help attackers adapt their strategies in real time based on information from the compromised system.","solution":"N/A -- no mitigation discussed in source.","labels":["security","safety"],"sourceUrl":"https://thehackernews.com/2026/02/researchers-show-copilot-and-grok-can.html","publishedAt":"2026-02-17T18:08:00.000Z","cveId":null,"cweIds":null,"cvssScore":null,"cvssSeverity":null,"severity":"high","attackType":["jailbreak","prompt_injection"],"issueType":"news","affectedPackages":null,"affectedVendors":["Microsoft","xAI"],"affectedVendorsRaw":["Microsoft Copilot","xAI Grok","Palo Alto Networks Unit 42"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":null,"epssScore":null,"patchAvailable":null,"disclosureDate":null,"capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["integrity","availability"],"aiComponentTargeted":"api","llmSpecific":true,"classifierConfidence":0.92,"researchCategory":null,"atlasIds":null}}