The Hacker News

Fake WhatsApp API Package on npm Steals Messages, Contacts, and Login Tokens

A malicious npm package posing as a WhatsApp API intercepts messages, steals credentials, and links attacker devices after 56 ...
Pen Test Partners

Eurostar AI vulnerability: when a chatbot goes off the rails

TL;DR Introduction I first encountered the chatbot as a normal Eurostar customer while planning a trip. When it opened, it ...
InfoWorld

WhatsApp API worked exactly as promised, and stole everything

Malicious npm package posing as a WhatsApp Web API library operated for months as a functional dependency while stealing ...

Claude Chrome Plugin Launches, Bringing AI Assistance Directly to Your Browser

Anthropic launches a Claude Chrome plugin that adds AI help to your browser, letting Claude fill forms, manage tasks, and ...