Pen Test Partners

Eurostar AI vulnerability: when a chatbot goes off the rails

TL;DR Introduction I first encountered the chatbot as a normal Eurostar customer while planning a trip. When it opened, it ...
InfoWorld

WhatsApp API worked exactly as promised, and stole everything

Malicious npm package posing as a WhatsApp Web API library operated for months as a functional dependency while stealing ...
The Hacker News

Fake WhatsApp API Package on npm Steals Messages, Contacts, and Login Tokens

A malicious npm package posing as a WhatsApp API intercepts messages, steals credentials, and links attacker devices after 56 ...