TechSecInfo

The tech + cyber briefing: what happened, why it matters, and where it came from.

Cyber Security

Fake WhatsApp API Package on npm Steals Messages, Contacts, and Login Tokens

By rooter

Cybersecurity researchers have disclosed details of a new malicious package on the npm repository that works as a fully functional WhatsApp API, but also contains the ability to intercept every message and link the attacker’s device to a victim’s WhatsApp account.
The package, named “lotusbail,” has been downloaded over 56,000 times since it was first uploaded to the registry by a user named “

Oh hi there 👋
It’s nice to meet you.

Sign up to receive awesome content in your inbox, every month.

We don’t spam! Read our privacy policy for more info.

Oh hi there 👋
It’s nice to meet you.

Sign up to receive awesome content in your inbox, every month.

We don’t spam! Read our privacy policy for more info.

By rooter

Related Post

Cyber Security

How to Choose the Best Security Companies in Fort Worth for Your Business

rooter
Cyber Security

OpenClaw AI Agent Flaws Could Enable Prompt Injection and Data Exfiltration

rooter
Cyber Security

GlassWorm Supply-Chain Attack Abuses 72 Open VSX Extensions to Target Developers

rooter

Leave a Reply

You Missed

News

United’s President Predicted in 1976 the Airline Would Fly Supersonic Jets in 2026

News

Lol, Paramount Turned Down Max Landis’ ‘GI Joe’ Pitch

News

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 88

News

AI Czar David Sacks wants Trump to ‘get out’ of Iran