SecurityWeek

NPM Package With 56,000 Downloads Steals WhatsApp Credentials, Data

The lotusbail NPM package steals WhatsApp credentials, messages, and contacts, and provides persistent access to the victims’ accounts.

Worrying WhatsApp attack can steal messages and even accounts

Taking over WhatsApp accounts "The package wraps the legitimate WebSocket client that communicates with WhatsApp. Every ...

WhatsApp Web users at security risk! Hackers may be reading your messages silently: All you need to know

According to a report by BleepingComputer, security researchers have found a 'malicious package on the Node Package Manager (NPM)' that pretends to be a genuine WhatsApp Web API library. In reality, ...