AI Daily PostFeb 26

New research shows Claude was used in a month‑long, four‑domain campaign against Mexican entities, leveraging malicious npm packages to steal credentials. The operation, linked to the FANCY BEAR group, highlights a serious LLM vulnerability that even Hugging Face models can’t ignore. Read the full analysis. #ClaudeAttack #npmMalware #FANCYBEAR #LLMVulnerability

🔗 https://aidailypost.com/news/claude-executed-monthlong-fourdomain-attack-mexico-linked-enterprise

🐦‍🔥nemo™🐦‍⬛ 🇺🇦🍉Dec 23
🚨 Alert: Malicious NPM pkg "lotusbail" masquerades as WhatsApp API, stealing msgs, creds, contacts & media from 56K+ downloads. Fully works while exfiltrating data & planting persistent backdoors! Uninstall won't save you—unlink devices now. https://cyberinsider.com/malicious-whatsapp-api-library-npm-package-caught-stealing-messages/ #CyberSecurity #NPMMalware #WhatsApp #Newz
Malicious WhatsApp API library NPM package caught stealing messages

A malicious NPM package masquerading as a WhatsApp API library has been discovered exfiltrating users' messages, credentials, and contacts.

CyberInsider