Microsoft: SesameOp malware abuses OpenAI Assistants API in attacks

Microsoft security researchers have discovered a new backdoor malware that uses the OpenAI Assistants API as a covert command-and-control channel.

Chinese hackers target European diplomats with Windows zero-day flaw

Mustang Panda used CVE-2025-9491 to target European diplomats via phishing and malicious .LNK files Exploited Windows Shell ...

OAuth Device Code Phishing: Azure vs. Google Compared

Azure can yield very powerful tokens while Google limits scopes, reducing the blast radius. Register for Huntress Labs' Live ...