The Hacker News

Fake WhatsApp API Package on npm Steals Messages, Contacts, and Login Tokens

A malicious npm package posing as a WhatsApp API intercepts messages, steals credentials, and links attacker devices after 56 ...

New ‘GhostPairing’ Technique Enables Undetected WhatsApp Access

Researchers warn of a new WhatsApp “GhostPairing” attack that silently links attacker devices to accounts, enabling message ...
SecurityWeek

NPM Package With 56,000 Downloads Steals WhatsApp Credentials, Data

The lotusbail NPM package steals WhatsApp credentials, messages, and contacts, and provides persistent access to the victims’ accounts.
ABP News on MSN

This WhatsApp scam lets hackers read your chats without OTP or password

A new and dangerous scam is targeting WhatsApp users by misusing the app’s device-linking feature. Cybersecurity experts have ...

New cyber threat: This new message can hijack your WhatsApp account without OTPs, SIM swap; know about 'GhostPairing' attack, tips to protect yourself

The scam usually starts with a short, casual message that appears to come from someone the victim already knows and trusts.

New Year 2026 Scam Alert: This WhatsApp Greeting Could Wipe Your Bank Account

Cybercriminals can leverage this scam to steal your personal and banking data, compromise user privacy, and install malware ...