Microsoft Warns a Key OpenAI API Is Being Exploited to Launch Cyberattacks

Summary

Microsoft’s incident‑response team has identified a new malware family, SesameOp, that abuses OpenAI’s Assistants API as a covert command‑and‑control channel. The backdoor stores and retrieves encrypted commands and exfiltrated data via the API, enabling long‑term persistence for espionage‑type operations. Microsoft stresses the abuse leverages a legitimate feature of the API, not a vulnerability, and notes the Assistants API is slated for deprecation in August 2026. Researchers advise organizations to audit firewall logs, enable tamper protection, and monitor for unauthorized external‑service connections.