This weekly bulletin covers a broad range of active threats including abuse of Claude AI chat links for malware delivery, malicious npm packages acting as C2 infrastructure, device-code phishing campaigns, and fileless macOS attacks. Attackers are increasingly exploiting legitimate platforms and trusted tooling — AI assistants, package registries, and cloud agent frameworks — as delivery and persistence mechanisms. The breadth of this bulletin reflects a threat landscape where well-understood, intentional system behaviours are being weaponised rather than bypassed.

Security Architect’s Take: Audit any cloud agent or AI-integrated workflows for overly permissive execution contexts, and enforce npm package allowlisting or lockfile integrity checks in your CI/CD pipelines. Review browser extension policies for managed devices and ensure device-code authentication flows are restricted where not operationally required.

Original advisory: ThreatsDay Bulletin: Claude Chat Abuse, NastyC2 npm Packages, Device-Code Phishing + 25 More Stories

144 npm packages in the Mastra AI framework namespace were compromised after an attacker hijacked a contributor’s npm account, in an attack dubbed ’easy-day-js’. The malicious packages could have been pulled into AI application builds by developers unaware of the compromise. This is a classic software supply chain attack, where trust in a legitimate open-source project is exploited to distribute malicious code at scale.

Security Architect’s Take: Audit your dependency trees immediately for any ‘@mastra/*’ packages and verify package integrity against known-good checksums or publish timestamps. Enforce npm account MFA requirements for all contributors in internally mirrored or approved package registries, and consider implementing a software composition analysis (SCA) tool with real-time supply chain monitoring to catch future account hijack incidents before they reach your builds.

Original advisory: 144 Mastra npm Packages Compromised via Hijacked Contributor Account