Security Feed
  1. Archives

Dec 22 2025 Malicious npm package steals WhatsApp accounts and messages

Source

A malicious package in the Node Package Manager (NPM) registry poses as a legitimate WhatsApp Web API library to steal WhatsApp messages, collect contacts, and gain access to the account. [...]

Posted by Bill Toulas on Mon 22 December 2025 in BleepingComputer.

Tags: Security.

Categories

  1. Ars Technica
  2. AWS Security
  3. BleepingComputer
  4. Brian Krebs
  5. Bruce Schneier
  6. GCP Security
  7. Google Project Zero
  8. The Daily Swig
  9. The Guardian
  10. The Register
  11. Threatpost

Tag cloud

  • Security
  • Uncategorized
  • Security, Identity, & Compliance
  • Security Blog
  • Biz & IT
  • Microsoft
  • Security & Identity
  • AI
  • google
  • CryptoCurrency
  • Announcements
  • Foundational (100)
  • A Little Sunshine
  • Legal
  • Artificial Intelligence
  • privacy
  • Mobile
  • Apple
  • squid
  • Intermediate (200)
  • Advanced (300)
  • Technical How-to
  • The Coming Storm
  • hacking
  • Best Practices

Security Feed. Powered by Pelican and m.css. Code is available on GitLab.