The Hacker News

Fake WhatsApp API Package on npm Steals Messages, Contacts, and Login Tokens

A malicious npm package posing as a WhatsApp API intercepts messages, steals credentials, and links attacker devices after 56 ...
InfoWorld

WhatsApp API worked exactly as promised, and stole everything

Malicious npm package posing as a WhatsApp Web API library operated for months as a functional dependency while stealing ...

WhatsApp Web users at security risk! Hackers may be reading your messages silently: All you need to know

According to a report by BleepingComputer, security researchers have found a 'malicious package on the Node Package Manager ...