Enterprise security teams racing to enable generative AI tools may be overlooking a new risk: attackers can abuse web-based AI assistants such as Grok and Microsoft Copilot to quietly relay malware communications through domains that are often exempt from deeper inspection. The technique, outlined by Check Point Research (CPR), exploits the web-browsing and URL-fetch capabilities of these platforms to create a bidirectional command-and-control channel that blends into routine AI traffic and requires neither an API key nor an authenticated account. “Our proposed attack scenario is quite simple: an attacker infects a machine and installs a piece of malware,” CPR said. The malware then communic...