Weekly Threat Bulletin: Claude Abuse, npm C2 & Phishing
🟠 High | Source: The Hacker News This weekly bulletin covers a broad range of active threats including abuse of Claude AI chat links for malware delivery, malicious npm packages acting as C2 infrastructure, device-code phishing campaigns, and fileless macOS attacks. Attackers are increasingly exploiting legitimate platforms and trusted tooling — AI assistants, package registries, and cloud agent frameworks — as delivery and persistence mechanisms. The breadth of this bulletin reflects a threat landscape where well-understood, intentional system behaviours are being weaponised rather than bypassed. ...