Cybersecurity researchers have disclosed details of a new malicious package on the npm repository that works as a fully functional WhatsApp API, but also contains the ability to intercept every message and link the attacker's device to a victim's WhatsApp account.
The package, named "lotusbail," has been downloaded over 56,000 times since it was first uploaded to the registry by a user named "



Source: TheHackerNews
Source Link: https://thehackernews.com/2025/12/fake-whatsapp-api-package-on-npm-steals.html