ThreatsDay Bulletin: Claude Chat Abuse, NastyC2 npm Packages, Device-Code Phishing + 25 More Stories
Summary
This bulletin covers multiple cybersecurity threats including malicious browser extensions that hijack search results and route them through hidden monetization layers, a fileless macOS attack using fake system dialogs to steal credentials, and threat actors abusing Claude's legitimate chat-sharing feature to deliver malware. The common theme is attackers exploiting user trust in legitimate tools and services to conduct fraud, steal data, and distribute malware.
Solution / Mitigation
Microsoft has announced that DNS-over-HTTPS (DoH, encrypted DNS queries sent as HTTPS requests) is now generally available on Windows Server 2025, allowing organizations to 'deploy encrypted and authenticated client-to-resolver DNS traffic directly within their existing on-premises DNS infrastructure' to help improve privacy, reduce spoofing risk, and advance Zero Trust DNS (a security model that verifies every access request rather than trusting the network by default) without requiring a new resolver architecture.
Classification
Affected Vendors
Related Issues
Original source: https://thehackernews.com/2026/06/threatsday-bulletin-claude-chat-abuse.html
First tracked: June 18, 2026 at 02:00 PM
Classified by LLM (prompt v3) · confidence: 85%