Microsoft SQL Server 2025’s newly introduced AI capabilities, designed to power Retrieval-Augmented Generation (RAG) pipelines, have been demonstrated to be a practical attack surface for data exfiltration and covert command-and-control (C2) communication. SQL Server 2025, released in November 2025, introduced AI-oriented features that researchers have now weaponized for offensive operations. One of the most critical […]
The post SQL Server 2025 AI Features Can Be Abused to Exfiltrate Sensitive Data appeared first on Cyber Security News.