ThreatsDay Bulletin: Claude Chat Abuse, NastyC2 npm Packages, Device-Code Phishing + 25 More Stories Ravie LakshmananJun 18, 2026Hacking News / Cybersecurity News The internet did not break this week. It got used exactly as designed, which is worse. Searches were siphoned through shady browser add-ons. AI chat links turned into malware delivery paths. macOS attacks ran in memory and left almost nothing behind. Cloud agents looked like helpers until attackers treated them like open shells. Add exposed edge gear, poisoned packages, cash courier scams, stealers, loaders, and phishing that barely bothers pretending anymore. Here’s the full mess. DoH lands in Windows Server 2025 Microsoft Makes DoH Generally Available on Windows DNS Server Microsoft has announced that DNS-over-HTTPS (DoH) for Windows…
CVEs: CVE-2026-20127, CVE-2026-49975
Original source: thehackernews.com