Recent developments have escalated concerns regarding the vulnerabilities of AI tools like Microsoft Copilot and xAI's Grok, as cybersecurity researchers have demonstrated a novel attack technique that allows these AI assistants to be exploited as command-and-control (C2) proxies. This method, termed 'AI as a C2 proxy,' enables attackers to establish a bidirectional communication channel with compromised hosts by leveraging the web-browsing capabilities of these AI tools. According to Check Point, this technique allows attackers to blend in with legitimate enterprise communications, evading detection and automating various phases of cyber attacks. The researchers noted, 'This approach is similar to “living-off-trusted-sites” (LOTS) tactics,' highlighting the sophisticated nature of current cyber threats.