The Register
Hackers have found a new use for OpenAI's Assistants API – not to write poems or code, but to secretly control malware.
Microsoft this week detailed a previously unseen backdoor dubbed "SesameOp," which abuses OpenAI's Assistants API as a command-and-control channel to relay instructions between infected systems and the attackers pulling the strings. First spotted in July during a months-long intrusion, the campaign hid in plain sight by blending its network chatter with legitimate AI traffic – an ingenious way to stay invisible to anyone assuming "api.openai.com" meant business as usual.
AI browsers face a security flaw as inevitable as death and taxes
According to Microsoft's Incident Response team, the attack chain starts with a loader that uses a trick known as ".NET AppDomainManage
Crooks and Liars
WVTM 13 Entertainment
5 On Your Side Sports