Worrying WhatsApp attack can steal messages and even accounts - here's how to stay safe from "poisoned" attack

The malicious fork, named ‘lotusbail’ has all the same functionality as the legitimate project, but it also steals WhatsApp authentication tokens and session keys. Furthermore, it intercepts and ...
InfoWorld

WhatsApp API worked exactly as promised, and stole everything

Malicious npm package posing as a WhatsApp Web API library operated for months as a functional dependency while stealing ...
Axios on MSN

Here's how the DOJ releases the Epstein files and how others are making them easier to read

The Epstein files, which look into Epstein's crimes, have caused headaches for President Trump all year, stoking the flames ...
InfoQ

Nuxt Introduces Native Request Cancellation and Async Handler Extraction for Performance Gains

Nuxt 4.2 elevates the developer experience with native abort control for data fetching, improved error handling, and ...
Futurism on MSN

Activists Downloaded Pretty Much All of Spotify

Volunteer hacktivists working for Anna's Archive have managed to scrape all the metadata of the Spotify library.
SecurityWeek

NPM Package With 56,000 Downloads Steals WhatsApp Credentials, Data

The lotusbail NPM package steals WhatsApp credentials, messages, and contacts, and provides persistent access to the victims’ accounts.

Featured Chrome extension could be copying your AI chats

A “Featured” browser add-on marketed as privacy protection may have been copying AI chats. Koi Security says Urban VPN Proxy ...