Fake WhatsApp API Package on npm Steals Messages, Contacts, and Login Tokens

Updated on December 22, 2025

Cybersecurity researchers have disclosed details of a new malicious package on the npm repository that works as a fully functional WhatsApp API, but also contains the ability to intercept every message and link the attacker’s device to a victim’s WhatsApp account.
The package, named “lotusbail,” has been downloaded over 56,000 times since it was first uploaded to the registry by a user named “…

Read the rest of the story at Read More

Source: The Hacker News

December 17, 2023 Uncategorized

MongoDB Suffers Security Breach, Exposin...

January 9, 2026 Uncategorized

Russian APT28 Runs Credential-Stealing C...

December 29, 2025 Uncategorized

Fake WhatsApp API Package on npm Steals Messages, Contacts, and Login Tokens

Related posts

MongoDB Suffers Security Breach, Exposin...

Russian APT28 Runs Credential-Stealing C...

MongoDB Vulnerability CVE-2025-14847 Und...

Leave a Comment Cancel reply

Recent News

MuddyWater Launches RustyWater RAT via Spear-Phishing Across Middle East Sectors

Europol Arrests 34 Black Axe Members in Spain Over €5.9M Fraud and Organized Crime

China-Linked Hackers Exploit VMware ESXi Zero-Days to Escape Virtual Machines

Russian APT28 Runs Credential-Stealing Campaign Targeting Energy and Policy Organizations

Cybersecurity Predictions 2026: The Hype We Can Ignore (And the Risks We Can’t)

Trend Micro Apex Central RCE Flaw Scores 9.8 CVSS in On-Prem Windows Versions

CISA Retires 10 Emergency Cybersecurity Directives Issued Between 2019 and 2024

FBI Warns North Korean Hackers Using Malicious QR Codes in Spear-Phishing

WhatsApp Worm Spreads Astaroth Banking Trojan Across Brazil via Contact Auto-Messaging

China-Linked UAT-7290 Targets Telecoms with Linux Malware and ORB Nodes