Malicious npm package steals WhatsApp accounts and messages

Published on December 22, 2025

A malicious package in the Node Package Manager (NPM) registry poses as a legitimate WhatsApp Web API library to steal WhatsApp messages, collect contacts, and gain access to the account. [...]

Continue reading on website
Other news

Romanian water authority hit by ransomware attack over weekend

December 22, 2025
Romanian Waters (Administrația Națională Apele Române), the country's water management authority, was hit by a ransomware attack over the weekend. [...]

Fake WhatsApp API Package on npm Steals Messages, Contacts, and Login Tokens

December 22, 2025
Cybersecurity researchers have disclosed details of a new malicious package on the npm repository that works as a fully functional WhatsApp API, but also contains the ability to intercept every message and link the attacker's device to a victim's WhatsApp account.The package, named "lotusbail," has been downloaded over 56,000 times since it was first uploaded to the registry by a user named "