Microsoft security researchers have discovered a new backdoor malware that uses the OpenAI Assistants API as a covert command-and-control channel.

The company’s Detection and Response Team (DART) discovered the new malware, named SesameOp, during an investigation into a July 2025 cyberattack, which revealed that the malware allowed attackers to gain persistent access to the compromised environment.

Deploying this malware also enabled the threat actors to remotely manage backdoored devices for several months by leveraging legitimate cloud services, rather than relying on dedicated malicious infrastructure that could alert victims to an attack and be taken down during subsequent incident response.