The Hacker News

Fake WhatsApp API Package on npm Steals Messages, Contacts, and Login Tokens

A malicious npm package posing as a WhatsApp API intercepts messages, steals credentials, and links attacker devices after 56 ...
InfoWorld

WhatsApp API worked exactly as promised, and stole everything

Malicious npm package posing as a WhatsApp Web API library operated for months as a functional dependency while stealing ...
SecurityWeek

NPM Package With 56,000 Downloads Steals WhatsApp Credentials, Data

The lotusbail NPM package steals WhatsApp credentials, messages, and contacts, and provides persistent access to the victims’ accounts.
Yogonet

ReferOn introduces Personal Access Tokens for faster API access

Personal Access Tokens make API integration faster, simpler, and safer, the company said. Tokens are generated within seconds ...
CoinDesk

The Protocol: Bug that can drain all your tokens impacting 'thousands' of sites

New React bug that can drain all your tokens is impacting 'thousands' of websites Ripple Expands $1.3B RLUSD Stablecoin to ...
Investopedia

NFT Investment: Pros and Cons of Non-Fungible Tokens Explained

Allie is a financial writer and editor with over five years of experience. An investment banker turned journalist, she has previously reported on cryptocurrency for MT Newswires and edited ...
Forbes

Top 10 Cryptocurrencies Of December 23, 2025

Farran Powell is the managing editor of investing at Forbes Advisor. She was previously the assistant managing editor of investing at U.S. News & World Report. Her work has appeared in numerous ...