Security researchers discovered a fake WhatsApp API package on npm that steals developer credentials, raising fresh alarms about the growing risks facing the open source software supply chain. The ...

Malicious npm package posing as a WhatsApp Web API library operated for months as a functional dependency while stealing messages and maintaining persistence. Security researchers have uncovered a ...

A popular WhatsApp library trusted by tens of thousands of developers was quietly spying on messages, contacts, and credentials, maintaining access even after being uninstalled. For more than six ...

A malicious npm package with more than 56,000 downloads masquerades as a working WhatsApp Web API library, and then it steals messages, harvests credentials and contacts, and hijacks users' WhatsApp ...

A malicious package in the Node Package Manager (NPM) registry poses as a legitimate WhatsApp Web API library to steal WhatsApp messages, collect contacts, and gain access to the account. A fork of ...

Cybersecurity researchers have disclosed details of a new malicious package on the npm repository that works as a fully functional WhatsApp API, but also contains the ability to intercept every ...

Most major platforms have dealt with large-scale data leaks tied to weak or unprotected APIs. You've seen this play out with Facebook, X and even Dell. The pattern is always the same. A feature meant ...

The Meta messaging app’s new terms prohibit rival AI chatbots. The Meta messaging app’s new terms prohibit rival AI chatbots. is a news editor with over a decade’s experience in journalism. He ...

Meta's AI service integration into WhatsApp under scrutiny Interim measures may include suspending new WhatsApp terms for business Meta accused of blocking rival AI chatbots, affecting competition ...