The Register on MSN

Poisoned WhatsApp API package steals messages and accounts

And it's especially dangerous because the code works A malicious npm package with more than 56,000 downloads masquerades as a ...
CSO Online

WhatsApp API worked exactly as promised, and stole everything

Malicious npm package posing as a WhatsApp Web API library operated for months as a functional dependency while stealing messages and maintaining persistence.

Malicious npm package steals WhatsApp accounts and messages

A malicious package in the Node Package Manager (NPM) registry poses as a legitimate WhatsApp Web API library to steal WhatsApp messages, collect contacts, and gain access to the account.

WhatsApp Web Users At Security Risk! Hackers May Be Reading Your Messages Silently: All You Need To Know

Over the past six months, the fake package has reportedly been downloaded more than 56,000 times., Technology & Science, ...
Fox News

How 3.5B WhatsApp numbers were scraped and exposed

Most major platforms have dealt with large-scale data leaks tied to weak or unprotected APIs. You've seen this play out with Facebook, X and even Dell. The pattern is always the same. A feature meant ...
PCQuest on MSN

Why this WhatsApp integration quietly stole accounts

A fake WhatsApp API that worked flawlessly hid a trap. It stole messages, hijacked accounts, and stayed invisible. Sometimes, ...