Bleeping Computer

Malicious npm package steals WhatsApp accounts and messages

A malicious package in the Node Package Manager (NPM) registry poses as a legitimate WhatsApp Web API library to steal WhatsApp messages, collect contacts, and gain access to the account. A fork of ...
BusinessDen

Steel builder says CEO’s sister stole trade secrets and clients

A longtime steel building manufacturer in Denver is asking a judge to stop its CEO’s sister from continuing to use allegedly ...
Hosted on MSN

Poisoned WhatsApp API package steals messages and accounts

A malicious npm package with more than 56,000 downloads masquerades as a working WhatsApp Web API library, and then it steals messages, harvests credentials and contacts, and hijacks users' WhatsApp ...