
Microsoft's Defender Security Research Team disclosed AutoJack, a vulnerability chain in AutoGen Studio that lets a malicious website achieve remote code execution on a device running an AI agent. The chain exploits localhost trust, skipped login checks, and arbitrary code execution. The issue existed only in early GitHub builds and was fixed before release.
Summary by ByteBrief
AutoJack Attack Hijacks AI Agents for Code Execution