Microsoft

SesameOp: Novel backdoor uses OpenAI Assistants API for command and control

Microsoft Incident Response – Detection and Response Team (DART) researchers uncovered a new backdoor that is notable for its novel use of the OpenAI Assistants Application Programming Interface (API) ...
Dark Reading

'Ransomvibing' Infests Visual Studio Extension Market

A published VS Code extension didn't hide the fact that it encrypts and exfiltrates data and also failed to remove obvious signs it was AI-generated.
CSO Online

How crooks use IT to enable cargo theft

In the old days, crooks followed transport trucks and hijacked them. Today they use phishing, vishing and identity theft to find and divert valuable cargo via logistics systems. It’s a challenge for ...
CSO Online

New backdoor ‘SesameOp’ abuses OpenAI Assistants API for stealthy C2 operations

Microsoft uncovers a months-long campaign where threat actors used OpenAI’s legitimate API as a covert command-and-control ...

Malicious AI-made extension with ransomware capabilities sneaks on to Microsoft's official VS Code marketplace - so devs beware

A malicious extension was published on Microsoft’s official VS Code marketplace, and was able to remain there for some time ...
XDA Developers on MSN

I've only kept these 6 VS Code extensions after deep-cleaning the code editor

Besides its lightweight design and compatibility with all major operating systems, a massive collection of extensions is one ...