{"id":10732,"date":"2026-02-18T07:03:44","date_gmt":"2026-02-18T07:03:44","guid":{"rendered":"https:\/\/serisec.com\/index.php\/2026\/02\/18\/researchers-show-copilot-and-grok-can-html\/"},"modified":"2026-02-18T07:03:44","modified_gmt":"2026-02-18T07:03:44","slug":"researchers-show-copilot-and-grok-can-html","status":"publish","type":"post","link":"https:\/\/serisec.com\/index.php\/2026\/02\/18\/researchers-show-copilot-and-grok-can-html\/","title":{"rendered":"Researchers Show Copilot and Grok Can Be Abused as Malware C2 Proxies"},"content":{"rendered":"<p>    Researchers Show Copilot and Grok Can Be Abused as Malware C2 Proxies<br \/>\n \t<BR><br \/>\n<BR><\/BR><br \/>\n    <!-- no image --><br \/>\n \t<BR><br \/>\n<BR><\/BR><\/p>\n<div>Cybersecurity researchers have disclosed that artificial intelligence (AI) assistants that support web browsing or URL fetching capabilities can be turned into stealthy command-and-control (C2) relays, a technique that could allow attackers to blend into legitimate enterprise communications and evade detection.<br \/>\nThe attack method, which has been demonstrated against Microsoft Copilot and xAI Grok<\/div>\n<p> \t<BR><br \/>\n <BR><\/BR><\/p>\n<p> \t<BR><br \/>\n<BR><\/BR><br \/>\n<a href=\"https:\/\/thehackernews.com\/2026\/02\/researchers-show-copilot-and-grok-can.html\">Go to TheHackersNews<\/a><br \/>\n \t<BR><br \/>\n <BR><\/BR><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Researchers Show Copilot and Grok Can Be Abused as Malware C2 Proxies Cybersecurity researchers have disclosed that artificial intelligence (AI) assistants that support web browsing or URL fetching capabilities can be turned into stealthy command-and-control (C2) relays, a technique that could allow attackers to blend into legitimate enterprise communications and evade detection. The attack method, [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[60],"tags":[76],"class_list":["post-10732","post","type-post","status-publish","format-standard","hentry","category-thehackersnews","tag-thehackersnews"],"_links":{"self":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts\/10732"}],"collection":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/comments?post=10732"}],"version-history":[{"count":0,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts\/10732\/revisions"}],"wp:attachment":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/media?parent=10732"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/categories?post=10732"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/tags?post=10732"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}