Worrying WhatsApp attack can steal messages and even accounts - here's how to stay safe from "poisoned" attack

The malicious fork, named ‘lotusbail’ has all the same functionality as the legitimate project, but it also steals WhatsApp authentication tokens and session keys. Furthermore, it intercepts and ...
The Hacker News

Two Chrome Extensions Caught Secretly Stealing Credentials from Over 170 Sites

Two Chrome Extensions Caught Secretly Stealing Credentials from Over 170 Sites | Read more hacking news on The Hacker News ...

The top software development news of the year

This article contains 10 of what we believe to be the biggest stories we covered throughout the year on SD Times.
ET CIO

Top 7 API Automation Testing Tools for Software Developers in 2025

Explore the top 7 API automation testing tools for software developers in 2025, their features, strengths, pricing, and how they enhance API reliability and performance.
ET CIO

Top 7 Penetration Testing Tools for Enterprises in 2025

Discover the top seven penetration testing tools essential for enterprises in 2025 to enhance security, reduce risks, and ensure compliance in an evolving cyber landscape. Learn about their core ...
Cybernews

Code that works can also be malware: this WhatsApp API is stealing messages

A malicious npm WhatsApp library with 56,000 downloads secretly stole messages, credentials, and contacts in a sophisticated ...
InfoWorld

WhatsApp API worked exactly as promised, and stole everything

Malicious npm package posing as a WhatsApp Web API library operated for months as a functional dependency while stealing ...
SecurityWeek

NPM Package With 56,000 Downloads Steals WhatsApp Credentials, Data

The lotusbail NPM package steals WhatsApp credentials, messages, and contacts, and provides persistent access to the victims’ accounts.