18 matches found
MAL-2026-4369 Malicious code in @blckrose/baileys (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 17e53bba6dc765b6c0f5d1a1a33a1ebcc7827e35af3688f86555bf1c067f5d0d This package is a fork of the Baileys WhatsApp Web library that ships three undisclosed behaviors which benefit the publisher at the installer's...
Astaroth Banking Trojan Targets Brazilians via WhatsApp Messages
Researchers at Acronis have discovered a new campaign called Boto Cor-de-Rosa, where the Astaroth banking malware spreads like a worm through WhatsApp Web to steal contact lists and banking credentials...
Brazil Hit by Banking Trojan Spread via WhatsApp Worm and RelayNFC NFC Relay Fraud
The threat actor known as Water Saci is actively evolving its tactics, switching to a sophisticated, highly layered infection chain that uses HTML Application HTA files and PDFs to propagate via WhatsApp a worm that deploys a banking trojan in attacks targeting users in Brazil. The latest wave is...
Over 100 Chrome extensions break WhatsApp’s anti-spam rules
Recent research by Socket’s Threat Research Team uncovered a massive, coordinated campaign flooding the Chrome Web Store with 131 spamware extensions. These add-ons hijack WhatsApp Web—the browser version of WhatsApp—to automate bulk messages and skirt anti-spam controls. Spamware is software tha...
131 Chrome Extensions Caught Hijacking WhatsApp Web for Massive Spam Campaign
Cybersecurity researchers have uncovered a coordinated campaign that leveraged 131 rebranded clones of a WhatsApp Web automation extension for Google Chrome to spam Brazilian users at scale. The 131 spamware extensions share the same codebase, design patterns, and infrastructure, according to...
Fedora 39 : webkitgtk (2024-e1357fc22f)
The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-e1357fc22f advisory. Fix login QR code not shown in WhatsApp web. Disable PSON by default again in GTK 3 API versions. Disable DMABuf video sink by default to prevent fi...
Fedora 40 : webkitgtk (2024-4c6304b6fa)
The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-4c6304b6fa advisory. Fix login QR code not shown in WhatsApp web. Disable PSON by default again in GTK 3 API versions. Disable DMABuf video sink by default to prevent fi...
Attackers Exploit Brazil’s PIX System with GoPIX Malware Campaign
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The popularity of Brazils PIX payment system has attracted cybercriminals using GoPIX malware, targeting users searching for "WhatsApp web" with malicious ads. This poses a threat to users financial and...
WhatsApp Desktop 0.3.9308 - Persistent Cross-Site Scripting Exploit
Exploit for multiple platform in category web applications Title: WhatsApp Desktop 0.3.9308 - Persistent Cross-Site Scripting Exploit Author: Gal Weizman Vendor Homepage: https://www.whatsapp.com Software Link: https://web.whatsapp.com/desktop/windows/release/x64/WhatsAppSetup.exe Software Link:...
This WhatsApp Bug Could Have Let Attackers Access Files On Your PCs
A cybersecurity researcher today disclosed technical details of multiple high severity vulnerabilities he discovered in WhatsApp, which, if exploited, could have allowed remote attackers to compromise the security of billions of users in different ways. When combined together, the reported issues...
WhatsApp Flaw Lets Users Modify Group Chats to Spread Fake News
WhatsApp, the most popular messaging application in the world, has been found vulnerable to multiple security vulnerabilities that could allow malicious users to intercept and modify the content of messages sent in both private as well as group conversations. Discovered by security researchers at...
Awesome! WhatsApp Now Lets You Send Files of Any Format
Have you ever felt like wishing of sending any type of file immediately to your friends and office colleagues on WhatsApp directly, instead of just contacts, images or documents? Well, now you can… The latest version of WhatsApp for Android and iOS now allows users to send and receive any type of...
WhatsApp Web Username Bypass Vulnerability
Exploit for tricks platform in category remote exploits Title: Web WhatsApp Username Bypass Date: 31.10.2016 Author: Glumi Software Link: https://web.whatsapp.com/ Why this works: Web WhatsApp is filtering null bytes for all username inputs but this can be bypassed by using the"NOP"-character 0x9...
WhatsApp launches Desktop Software for Windows and Mac Users
The most popular messaging app WhatsApp now has a fully functional desktop app – both for Mac as well as Windows platform. Facebook-owned WhatsApp messaging software has been a mobile-only messaging platform forever, but from Tuesday, the company is offering you its desktop application for both...
WhatsApp Web 'vCard' Format Remote Code Execution Vulnerability
WhatsApp is a suite of cross-platform mobile applications that utilize the web to deliver text messages, and WhatsApp Web is the web version. A remote code execution vulnerability exists in WhatsApp Web, which allows remote attackers to conduct denial-of-service attacks or execute arbitrary code ...
How To Use WhatsApp Web Client on iPhone and Other iOS Devices
WhatsApp Web client support is now available for iOS users. That's right, now iOS users can access their instant messaging facility on the web; without taking the other route via jailbreaking. Eight months ago, on January 21, 2015, WhatsApp was made available on web browsers, and let Android,...
Beware of Fake 'WhatsApp Web' Spreading Banking Trojan
Cybercriminals are known to take advantage of everything that captures public attention in order to spread malware, and the recently launched web client of the most popular WhatsApp messaging application seems to be their next target. Last month, the messaging giant WhatsApp, with 700 million use...
WhatsApp Web — New WhatsApp Feature Allows You to Chat From Your Browser
The most popular smartphone messaging service WhatsApp is now able to communicate with friends from their PC. No Rumours at all !! Enjoy WhatsApp from your desktop from now on. Last month, it was leaked that Whatsapp was working on a web client and finally from today they are introducing it to th...