Malicious npm package posing as a WhatsApp Web API library operated for months as a functional dependency while stealing ...

A malicious npm package with more than 56,000 downloads masquerades as a working WhatsApp Web API library, and then it steals ...

Ghost pairing exploits WhatsApp's Linked Devices feature, which allows users to access their account on multiple devices.

A malicious package in the Node Package Manager (NPM) registry poses as a legitimate WhatsApp Web API library to steal ...

Cybersecurity experts warn of a WhatsApp scam that silently hijacks accounts using device-linking features, letting attackers ...

A malicious npm package posing as a WhatsApp API intercepts messages, steals credentials, and links attacker devices after 56 ...

Threat actors are abusing the legitimate device-linking feature to hijack WhatsApp accounts via pairing codes in a campaign ...

In, reveals a dangerous flaw in WhatsApp dubbed GhostPairing. This vulnerability enables hackers to take over user accounts ...

A new attack abusing a legitimate device pairing feature of the app could be used to penetrate employee WhatsApp Groups.

What makes GhostPairing particularly concerning is that it does not exploit a software vulnerability or weaken encryption.

The 'GhostPairing' vulnerability in WhatsApp enables attackers to seize full control of an account, providing them with ...

Under the new rule, the DoT requires messaging apps, including WhatsApp, Telegram, and Signal, to implement "SIM binding", ...