Malicious npm package steals WhatsApp accounts and messages

A malicious package in the Node Package Manager (NPM) registry poses as a legitimate WhatsApp Web API library to steal ...
The Hacker News

Fake WhatsApp API Package on npm Steals Messages, Contacts, and Login Tokens

A malicious npm package posing as a WhatsApp API intercepts messages, steals credentials, and links attacker devices after 56 ...