Npm

🟠 High | Source: The Hacker News This weekly bulletin covers a broad range of active threats including abuse of Claude AI chat links for malware delivery, malicious npm packages acting as C2 infrastructure, device-code phishing campaigns, and fileless macOS attacks. Attackers are increasingly exploiting legitimate platforms and trusted tooling — AI assistants, package registries, and cloud agent frameworks — as delivery and persistence mechanisms. The breadth of this bulletin reflects a threat landscape where well-understood, intentional system behaviours are being weaponised rather than bypassed. ...

🟠 High | Source: The Hacker News 144 npm packages in the Mastra AI framework namespace were compromised after an attacker hijacked a contributor’s npm account, in an attack dubbed ’easy-day-js’. The malicious packages could have been pulled into AI application builds by developers unaware of the compromise. This is a classic software supply chain attack, where trust in a legitimate open-source project is exploited to distribute malicious code at scale. ...