Cybersecurity researchers have disclosed that artificial intelligence (AI) assistants that support web browsing or URL fetching capabilities can be turned into stealthy command-and-control (C2) relays, a technique that could allow attackers to blend into legitimate enterprise communications and evade detection. The attack method, which has been demonstrated against Microsoft Copilot and xAI Grok
![]()
source https://thehackernews.com/2026/02/researchers-show-copilot-and-grok-can.html
source https://thehackernews.com/2026/02/researchers-show-copilot-and-grok-can.html