TechSecInfo

The tech + cyber briefing: what happened, why it matters, and where it came from.

Cyber Security

Fake WhatsApp API Package on npm Steals Messages, Contacts, and Login Tokens

By rooter

Cybersecurity researchers have disclosed details of a new malicious package on the npm repository that works as a fully functional WhatsApp API, but also contains the ability to intercept every message and link the attacker’s device to a victim’s WhatsApp account.
The package, named “lotusbail,” has been downloaded over 56,000 times since it was first uploaded to the registry by a user named “

Oh hi there đź‘‹
It’s nice to meet you.

Sign up to receive awesome content in your inbox, every month.

We don’t spam! Read our privacy policy for more info.

Oh hi there đź‘‹
It’s nice to meet you.

Sign up to receive awesome content in your inbox, every month.

We don’t spam! Read our privacy policy for more info.

By rooter

Related Post

Cyber Security

How to Choose the Best Security Companies in Fort Worth for Your Business

rooter
Cyber Security

OpenClaw AI Agent Flaws Could Enable Prompt Injection and Data Exfiltration

rooter
Cyber Security

GlassWorm Supply-Chain Attack Abuses 72 Open VSX Extensions to Target Developers

rooter

Leave a Reply

You Missed

News

AI companies want to harvest improv actors’ skills to train AI on human emotion

News

Security Affairs newsletter Round 567 by Pierluigi Paganini – INTERNATIONAL EDITION

News

An engineering thesis disguised as a coupe: A history of the Honda Prelude

News

Live-service games are a mess