Microsoft Uncovers OpenAI Abuse in SesameOp Hack

Microsoft uncovered a new cyber threat dubbed “SesameOp,” a stealthy backdoor that exploits OpenAI’s Assistants API to conduct command-and-control operations. Unlike conventional malware that uses standard communication channels, SesameOp leverages the AI interface to evade detection, prompting concerns about novel abuse vectors. Microsoft uncovers OpenAI abuse in this context as part of a broader analysis of how attackers adapt to emerging technologies.

The threat actor behind SesameOp uses the API to discreetly issue instructions and coordinate actions within compromised systems. This method avoids traditional C2 infrastructure, making it harder for defenders to trace the source or block malicious traffic. Microsoft uncovers OpenAI abuse as evidence that attackers are increasingly blending advanced tools with unconventional tactics to bypass security measures.

The company has not disclosed the identity of the threat actor or the scale of the campaign. To learn more about SesameOp and its implications, read the full article at the following link:
https://thehackernews.com/2025/11/microsoft-detects-sesameop-backdoor.html