NPM package with 56,000 downloads compromises WhatsApp accounts

The NPM package Lotusbail, downloaded over 56,000 times, has been revealed to steal WhatsApp credentials and data by acting as a malicious WhatsApp Web API library. This package, which supports sending and receiving messages, intercepts credentials, contacts, and media, and even hijacks the device pairing process, granting attackers persistent account access.