Socket’s Threat Research Team has uncovered a sophisticated supply chain attack targeting developers integrating with the WhatsApp Business API. Two malicious npm packages, naya-flore and nvlore-hsc, published by the npm user nayflore using the email [email protected], disguise themselves as legitimate WhatsApp socket libraries. These packages exploit the growing ecosystem of third-party tools for WhatsApp automation, […]

The post Weaponized npm Packages Target WhatsApp Developers with Remote Kill Switch appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Aman Mishra

Source: gbHackers
Source Link: https://gbhackers.com/weaponized-npm-packages-target-whatsapp-developers/