Imma spy on you

Based on this article by Timothy Beck Werth posted on Mashable.

A new wave of cyber espionage is here, as Microsoft warns that the OpenAI Assistants API is being abused as a sophisticated backdoor for long-term ops. Researchers discovered the malware, named SesameOp, which cleverly uses the API as a command-and-control (C2) channel to stealthily fetch commands and orchestrate malicious activities.

This novel approach allows threat actors to remain virtually undetectable, masking their illicit communication within the API's legitimate functions. Developers should immediately audit their perimeter firewalls, review Microsoft's mitigation steps, and consider migrating early, as the Assistants API is set to be deprecated.

Check out this article.

Related Stories