Socket’s Threat Research Team has uncovered a sophisticated supply chain attack targeting developers integrating with the WhatsApp Business API. Two malicious npm packages, naya-flore and nvlore-hsc, published by the npm user nayflore using the email idzzcch@gmail.com, disguise themselves as legitimate WhatsApp socket libraries. These packages exploit the growing ecosystem of third-party tools for WhatsApp automation, […] The post Weaponized npm Packages Target WhatsApp Developers with Remote Kill Switch appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
First seen on gbhackers.com
Jump to article: gbhackers.com/weaponized-npm-packages-target-whatsapp-developers/
