Researchers Demonstrate AI Assistants Can Be Used for C2 Attacks

Cybersecurity researchers have shown that AI assistants with web browsing or URL retrieval capabilities, such as Microsoft Copilot and xAI Grok, can be exploited as stealthy command-and-control (C2) relays. This technique allows attackers to hide their malicious communications within legitimate corporate traffic, thereby bypassing detection mechanisms. No specific dates or additional technical details (such as specific vulnerabilities or indicators of compromise) are mentioned. The main impact lies in the exploitation of these tools as proxies for C2 infrastructures. Source: https://thehackernews.com/2026/02/researchers-show-copilot-and-grok-can.html