AI Chat Links and Cloud Agents Exploited in Sophisticated Cyber Attacks

Threat actors abused AI chat links to distribute malware, turning legitimate interaction paths into infection vectors. Malicious browser add-ons were used to siphon user search data, while macOS attacks executed in memory with minimal forensic traces. Attackers exploited cloud agents by treating them as open command shells, bypassing intended functionality. The report also highlighted exposed edge network devices, poisoned npm packages under the 'NastyC2' campaign, and device-code phishing attacks. Additional threats included cash courier scams and 25 other undisclosed security incidents. No specific dates, CVE IDs, or technical indicators were provided in the summary.