A malicious npm WhatsApp library with 56,000 downloads secretly stole messages, credentials, and contacts in a sophisticated ...

Hackers have found a way to quietly take over WhatsApp accounts without touching passwords, SMS codes, or the app’s ...

A malicious npm package with more than 56,000 downloads masquerades as a working WhatsApp Web API library, and then it steals ...

Malicious npm package posing as a WhatsApp Web API library operated for months as a functional dependency while stealing ...

A new WhatsApp scam, called GhostPairing, has begun to quietly unsettle cybersecurity researchers as the attack somehow evades the app's most common security me ...

India’s cyber security agency CERT-In has issued a high-severity advisory about a WhatsApp account takeover campaign called ...

The so-called GhostPairing scam takes advantage of legitimate features in order to trick WhatsApp users into linking their ...

WhatsApp today is much more than just a messaging app—it’s used for money transfers, video calls, and sharing important ...

Cybersecurity experts warn of a WhatsApp scam that silently hijacks accounts using device-linking features, letting attackers ...

Threat actors are abusing the legitimate device-linking feature to hijack WhatsApp accounts via pairing codes in a campaign ...

In context: WhatsApp is one of the most popular communication platforms of all time with around three billion users worldwide. This means that even the slightest security flaw in the app could pose a ...

A malicious npm package posing as a WhatsApp API intercepts messages, steals credentials, and links attacker devices after 56 ...