ThreatsDay Bulletin: Claude Chat Abuse, NastyC2 npm Packages, Device-Code Phishing + 25 More Stories

Anthropic's Claude AI chatbot experienced a surge in abuse this week, with threat actors exploiting it to generate malicious content and phishing emails. This exploitation highlights a growing trend of AI models being repurposed for nefarious purposes, moving beyond simple text generation to active malware delivery. Separately, security researchers identified over 25 new malicious npm packages designed to steal sensitive information and execute arbitrary code on developer machines. These packages, disguised as legitimate tools, were discovered by the NastyC2 threat group and represent a significant risk to software supply chains. The bulletin also detailed a rise in device-code phishing attacks, where attackers trick users into entering legitimate device codes into fake websites to gain unauthorized access to accounts. Furthermore, exposed edge devices and cloud agents were identified as vulnerabilities, with attackers treating cloud-based agents as unsecured gateways to sensitive systems. These incidents collectively underscore a week where the internet's infrastructure was actively leveraged for malicious ends, rather than experiencing outright failure.