The latest ThreatsDay bulletin from The Hacker News catalogs more than two dozen active threats, several of which stand out for their sophistication and reach. Among the most concerning are the abuse of AI chat platforms like Claude for malware delivery, the discovery of NastyC2 backdoors hidden in npm packages, and device-code phishing campaigns that obtain valid session tokens without ever defeating multifactor authentication, because the victim completes the login themselves.
Attackers have begun using shareable AI chat links as lures. The link itself points at the legitimate platform (Claude is the example the bulletin gives), so it passes a casual check, but the shared conversation steers the reader to a malicious download site. Meanwhile, the NastyC2 framework has been found embedded in at least three npm packages, giving attackers remote control of compromised systems through command-and-control infrastructure; the packages evade scrutiny by masquerading as legitimate JavaScript libraries.
Device-code phishing is a particularly insidious vector because it abuses the OAuth 2.0 device authorization grant (RFC 8628) exactly as designed. The attacker starts the flow with their own client, receives a short user code, and sends that code to the victim along with the provider's genuine verification URL. The victim enters the code on the real login page and signs in with their password and MFA; the access and refresh tokens are then delivered to whoever started the flow. No password is stolen and no MFA control is defeated, which is why credential-theft and MFA-bypass detections do not fire. Separately, the macOS attacks described run entirely in memory, leaving minimal forensic evidence and complicating incident response for enterprise security teams.
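The exchange described above, as an added illustration that is not code from the bulletin or from any identity provider: a toy in-memory authorization server stands in for the real provider, the attacker is the "device" that starts the flow, and the victim completes password and MFA on the genuine verification page. All names, client IDs, codes and token formats are made up. The last function shows the defender-side check the flow calls for: tokens issued through the device-code grant to client applications the organization does not expect.

```python
"""Model of the OAuth 2.0 device authorization grant (RFC 8628) as abused by
device-code phishing. Hypothetical stand-in for a real identity provider."""
import secrets
import time
from dataclasses import dataclass, field
from typing import Optional

DEVICE_GRANT = "urn:ietf:params:oauth:grant-type:device_code"


@dataclass
class DeviceGrant:
    client_id: str
    user_code: str
    expires_at: float
    authorized_by: Optional[str] = None  # set once a user approves the code


@dataclass
class AuthServer:
    """Toy identity provider. A real one also validates client_id, scope, etc."""
    grants: dict = field(default_factory=dict)   # device_code -> DeviceGrant
    issued: list = field(default_factory=list)   # audit log of tokens handed out
    lifetime: int = 900                          # seconds a user code stays valid

    def device_authorization(self, client_id):
        # Step 1: the *device* (here, the attacker's client) starts the flow and
        # receives both codes. Only the user_code is shown to the victim.
        device_code = secrets.token_hex(16)
        user_code = "-".join(secrets.token_hex(2).upper() for _ in range(2))
        self.grants[device_code] = DeviceGrant(
            client_id, user_code, time.time() + self.lifetime)
        return {"device_code": device_code, "user_code": user_code,
                "verification_uri": "https://login.example/device"}

    def user_verifies(self, user_code, username, mfa_passed):
        # Step 2: the *victim* opens the genuine verification page, enters the
        # code and signs in with password + MFA on the real provider.
        if not mfa_passed:
            return "mfa_required"
        for g in self.grants.values():
            if (g.user_code == user_code and g.authorized_by is None
                    and time.time() < g.expires_at):
                g.authorized_by = username
                return "approved"
        return "invalid_code"

    def token(self, device_code):
        # Step 3: the device polls; once approved it receives the victim's
        # tokens without ever having seen a password or an MFA prompt.
        g = self.grants.get(device_code)
        if g is None or time.time() >= g.expires_at:
            return {"error": "expired_token"}
        if g.authorized_by is None:
            return {"error": "authorization_pending"}
        tok = {"access_token": secrets.token_urlsafe(24),
               "refresh_token": secrets.token_urlsafe(24),
               "subject": g.authorized_by, "client_id": g.client_id,
               "grant_type": DEVICE_GRANT}
        self.issued.append(tok)
        return tok


def run_phish(idp, victim="alice@corp.example"):
    """Attacker-side sequence: start the flow, lure the victim, poll for tokens."""
    start = idp.device_authorization(client_id="attacker-registered-app")
    pending = idp.token(start["device_code"])          # nothing yet
    # The lure carries the real verification_uri plus the user_code; the victim
    # approves it on the genuine page and satisfies the MFA challenge themselves.
    result = idp.user_verifies(start["user_code"], victim, mfa_passed=True)
    tok = idp.token(start["device_code"])
    return pending, result, tok


def suspicious_device_grants(issued, expected_clients):
    """Defender-side review: device-code grants to unexpected client IDs."""
    return [t for t in issued
            if t["grant_type"] == DEVICE_GRANT
            and t["client_id"] not in expected_clients]
```

The point the model makes concrete: the provider's own logs record a fully legitimate sign-in by the victim, so the useful hunting signal is the grant type plus the client ID on the issued token, not the authentication event. Restricting which clients may use the device-code grant, and alerting on the rest, is the control this maps to.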
Suspicious browser extensions have been observed exfiltrating search queries and browsing data from thousands of users. Cloud-native agents designed for remote monitoring are being repurposed as backdoors by threat actors who use open console access to deploy ransomware and data stealers. Exposed edge networking gear remains a favorite target for initial access, with unpatched devices scanned and exploited within hours of disclosure.
While the bulletin aggregates threats from multiple sources, it does not provide specific CVEs or patch guidance for every item. Security teams should prioritize auditing browser extension permissions, monitoring for unusual npm package installations (including lookalike package names), and reviewing OAuth token grants, in particular tokens issued through the device-code grant to client applications the organization does not recognize. The breadth of attack vectors underscores that no single defensive layer is sufficient against the current threat landscape.
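One way to act on the npm recommendation above, as an added example rather than anything the bulletin or the NastyC2 write-up provides: walk an installed node_modules tree and flag packages whose names sit within a short edit distance of well-known libraries, and packages that declare install-time lifecycle scripts. The bulletin does not say how NastyC2 gains execution, so the lifecycle-script check is a general supply-chain control, not a NastyC2 signature. The sample tree is constructed in a temporary directory, and the POPULAR set is a stand-in for whatever allow-list your organization maintains.

```python
"""Offline audit of node_modules for lookalike names and install-time hooks.
Added example; package tree below is constructed, not real packages."""
import json
import os
import tempfile

LIFECYCLE_HOOKS = ("preinstall", "install", "postinstall", "prepare")
# Stand-in allow-list of well-known packages; replace with your own inventory.
POPULAR = {"lodash", "express", "axios", "react", "chalk", "debug"}


def edit_distance(a, b):
    """Levenshtein distance; two edits covers a swapped or dropped letter."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1,
                           prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def lookalike_of(name, known=POPULAR, max_dist=2):
    """Return the known package this name most resembles, or None."""
    if name in known:
        return None
    dist, twin = min((edit_distance(name, k), k) for k in known)
    return twin if dist <= max_dist else None


def audit_node_modules(root):
    """Return findings as (package_name, reason, detail) tuples."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        if "package.json" not in files:
            continue
        try:
            with open(os.path.join(dirpath, "package.json")) as f:
                meta = json.load(f)
        except ValueError:
            findings.append((dirpath, "unparseable package.json", ""))
            continue
        name = meta.get("name", os.path.basename(dirpath))
        # Lifecycle hooks run arbitrary commands at `npm install` time.
        for hook in LIFECYCLE_HOOKS:
            if hook in meta.get("scripts", {}):
                findings.append((name, f"lifecycle script: {hook}",
                                 meta["scripts"][hook]))
        twin = lookalike_of(name)
        if twin:
            findings.append((name, "name resembles popular package", twin))
    return findings


def build_sample_tree():
    """Constructed node_modules for a stand-alone demo (hypothetical packages)."""
    root = tempfile.mkdtemp()
    pkgs = {
        "lodash": {"name": "lodash", "version": "4.17.21"},
        "lodahs": {"name": "lodahs", "version": "1.0.0",
                   "scripts": {"postinstall": "node ./setup.js"}},
        "left-pad": {"name": "left-pad", "version": "1.3.0"},
    }
    for d, meta in pkgs.items():
        p = os.path.join(root, "node_modules", d)
        os.makedirs(p)
        with open(os.path.join(p, "package.json"), "w") as f:
            json.dump(meta, f)
    return os.path.join(root, "node_modules")


if __name__ == "__main__":
    for pkg, reason, detail in audit_node_modules(build_sample_tree()):
        print(f"{pkg}: {reason} ({detail})")
```

Run it against a real tree with `audit_node_modules("./node_modules")`. Expect some noise: legitimate native modules use `install` hooks to compile, and some genuine package names are close to each other, so treat findings as review items rather than verdicts, and keep the allow-list matched to what the project actually depends on.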