Malicious npm package posing as a WhatsApp Web API library operated for months as a functional dependency while stealing ...

Ghost pairing exploits WhatsApp's Linked Devices feature, which allows users to access their account on multiple devices.

A malicious npm package with more than 56,000 downloads masquerades as a working WhatsApp Web API library, and then it steals ...

A malicious package in the Node Package Manager (NPM) registry poses as a legitimate WhatsApp Web API library to steal ...

Over the past six months, the fake package has reportedly been downloaded more than 56,000 times., Technology & Science, ...

A malicious npm package posing as a WhatsApp API intercepts messages, steals credentials, and links attacker devices after 56 ...

Threat actors are abusing the legitimate device-linking feature to hijack WhatsApp accounts via pairing codes in a campaign ...

In, reveals a dangerous flaw in WhatsApp dubbed GhostPairing. This vulnerability enables hackers to take over user accounts ...

A new attack abusing a legitimate device pairing feature of the app could be used to penetrate employee WhatsApp Groups.

The scam usually starts with a short, casual message that appears to come from someone the victim already knows and trusts.

The 'GhostPairing' vulnerability in WhatsApp enables attackers to seize full control of an account, providing them with ...

A new scam dubbed GhostPairing is targeting WhatsApp users by abusing the app’s device-linking feature. The attack tricks ...