The internet didn’t break this week. It just got used exactly as designed. That’s the problem.
Let’s start with the browser extensions. Security researcher Jean-Marie R. uncovered a cluster of 23 deceptive Chrome extensions quietly overriding users’ default search engines and routing every query through shady monetization middleware. Each one masquerades as something useful — satellite imagery, productivity tools, news readers, maps. The real business is search affiliate revenue, and roughly 758,000 users have been affected. The concerning part: because these operators control the path the search traffic takes, they could swap regular search results for phishing links or malware downloads at any time, without even updating the extension code.
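Because the redirect logic can change server-side, the static signal a defender can check is which installed extensions declare a search override at all. The audit below is an added example, not code from the researcher's report: it assumes the override is declared through Chrome's `chrome_settings_overrides` manifest key (the write-up above does not say which mechanism these 23 extensions use), and the allowlist and sample manifests are constructed.

```python
import json
from pathlib import Path
from urllib.parse import urlsplit

# Assumption: hosts your organization accepts as search providers.
ALLOWED_SEARCH_HOSTS = {"www.google.com", "www.bing.com", "duckduckgo.com"}

def audit_manifest(manifest: dict) -> list[str]:
    """Return findings for one parsed manifest.json."""
    findings = []
    overrides = manifest.get("chrome_settings_overrides") or {}
    provider = overrides.get("search_provider") or {}
    for key in ("search_url", "suggest_url"):
        url = provider.get(key)
        if not url:
            continue
        host = (urlsplit(url).hostname or "").lower()
        if host not in ALLOWED_SEARCH_HOSTS:
            default = " as default" if provider.get("is_default") else ""
            findings.append(f"{key} routes queries to {host}{default}")
    if "homepage" in overrides or "startup_pages" in overrides:
        findings.append("also overrides homepage or startup pages")
    return findings

def audit_extensions_dir(root: Path) -> dict[str, list[str]]:
    """Walk <root>/<extension id>/<version>/manifest.json, Chrome's on-disk layout."""
    report = {}
    for path in sorted(root.glob("*/*/manifest.json")):
        try:
            manifest = json.loads(path.read_text(encoding="utf-8-sig"))
        except (OSError, ValueError):
            report[path.parent.parent.name] = ["manifest unreadable"]
            continue
        findings = audit_manifest(manifest)
        if findings:
            report[path.parent.parent.name] = findings
    return report

# Constructed sample manifests (not taken from the reported extensions).
SAMPLE_OVERRIDE = {
    "name": "Satellite View Tab", "manifest_version": 3,
    "chrome_settings_overrides": {"search_provider": {
        "name": "Web", "keyword": "web", "is_default": True,
        "search_url": "https://search.example.invalid/q?s={searchTerms}"}},
}
SAMPLE_CLEAN = {"name": "Notes", "manifest_version": 3, "permissions": ["storage"]}

if __name__ == "__main__":
    print(audit_manifest(SAMPLE_OVERRIDE))
    print(audit_manifest(SAMPLE_CLEAN))
```

Point `audit_extensions_dir` at a profile's `Extensions` folder; the keys of the returned report are extension IDs, which can then be matched against any published list of affected extensions.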
Switching to macOS — a Russian-speaking threat actor has been targeting users across Asia, North America, and Oceania with a fileless ClickFix attack chain. Victims encounter fake download pages for a malware scanner, get tricked into pasting a terminal command, and end up running a gzip-compressed stager that pipes an AppleScript payload directly into memory. No files on disk. The payload, codenamed “Meow (DEBUG),” harvests credentials, browser data, cookies, and keychain contents. It also trojanizes legitimate crypto wallets and sets up persistent command-and-control access. All without writing a single file until the persistence mechanism kicks in.
Then there’s the Claude chat abuse. Trend Micro spotted attackers hijacking Google Ads searches for popular AI developer tools, funneling over 2,000 victims toward malicious download pages. When Google caught on, the attackers simply moved the operation onto claude.ai’s shared chat feature, turning a trusted domain into a delivery mechanism for credential-stealing malware. The Asia-Pacific region was hit hardest — 67.2% of confirmed victims, with Taiwan alone accounting for 30.5%. Anthropic has since banned the accounts and is rolling out additional abuse protections.
Microsoft announced that DNS-over-HTTPS for Windows Server is now generally available, which is a genuine privacy win. AWS launched an AI-powered vulnerability management agent that can discover, validate, and prioritize exploitable bugs at machine speed. And on the policy side, the U.S. government restricted Anthropic’s Claude Fable 5 and Mythos 5 models after the company revoked SK Telecom’s access over alleged China ties.
Finally, if you missed it: 23 Chrome extensions siphoning searches, a ClickFix campaign running entire attack chains in macOS memory, and an AI coding agent vulnerability in a VS Code extension with over 4 million installs. It’s been a busy week.
