AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

Researchers Show Copilot and Grok Can Be Abused as Malware C2 Proxies

highnewsLLM-Specific

securitysafety

Source: The Hacker NewsFebruary 17, 2026

Summary

Researchers discovered that AI assistants like Microsoft Copilot and Grok, which can browse the web and fetch URLs, can be abused as command-and-control (C2) proxies, a stealthy communication channel that lets attackers send commands to malware and receive data back while blending in with normal business communications. This technique, which requires the attacker to have already compromised a machine, works without needing API keys or accounts, making traditional security measures like key revocation ineffective. The attack demonstrates how AI tools can be weaponized beyond just generating malware, but also as intelligent intermediaries that help attackers adapt their strategies in real time based on information from the compromised system.

Classification

Attack Type

JailbreakPrompt Injection

Attack SophisticationModerate

Impact (CIA+S)

integrity

Affected Vendors

MicrosoftxAI

Related Issues

critical

CVE-2024-27444: langchain_experimental (aka LangChain Experimental) in LangChain before 0.1.8 allows an attacker to bypass the CVE-2023-

Similar attackNVD/CVE Database

high

AI Kill Chain in Action: Devin AI Exposes Ports to the Internet with Prompt Injection

First tracked: February 17, 2026 at 02:12 PM

Classified by LLM (prompt v3) · confidence: 92%