Product

Claude

1 brief RSS

GenAI Process Connection to Unusual Domain on macOS

This rule detects GenAI tools on macOS connecting to unusual domains, potentially indicating command and control activity, data exfiltration, or malicious payload retrieval following compromise via prompt injection, malicious MCP servers, or poisoned plugins.

Copilot +22 genai command and control macos network connection

2r 1t May 2, 2024