Lucene search
K

18 matches found

OSV
OSV
added 2026/05/23 1:14 a.m.5 views

MAL-2026-4369 Malicious code in @blckrose/baileys (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 17e53bba6dc765b6c0f5d1a1a33a1ebcc7827e35af3688f86555bf1c067f5d0d This package is a fork of the Baileys WhatsApp Web library that ships three undisclosed behaviors which benefit the publisher at the installer's...

5.9AI score
Exploits0References2
HackRead
HackRead
added 2026/01/08 9:4 p.m.10 views

Astaroth Banking Trojan Targets Brazilians via WhatsApp Messages

Researchers at Acronis have discovered a new campaign called Boto Cor-de-Rosa, where the Astaroth banking malware spreads like a worm through WhatsApp Web to steal contact lists and banking credentials...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2025/12/03 3:32 p.m.9 views

Brazil Hit by Banking Trojan Spread via WhatsApp Worm and RelayNFC NFC Relay Fraud

The threat actor known as Water Saci is actively evolving its tactics, switching to a sophisticated, highly layered infection chain that uses HTML Application HTA files and PDFs to propagate via WhatsApp a worm that deploys a banking trojan in attacks targeting users in Brazil. The latest wave is...

6.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/10/22 3:49 p.m.9 views

Over 100 Chrome extensions break WhatsApp’s anti-spam rules

Recent research by Socket’s Threat Research Team uncovered a massive, coordinated campaign flooding the Chrome Web Store with 131 spamware extensions. These add-ons hijack WhatsApp Web—the browser version of WhatsApp—to automate bulk messages and skirt anti-spam controls. Spamware is software tha...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2025/10/20 10:47 a.m.12 views

131 Chrome Extensions Caught Hijacking WhatsApp Web for Massive Spam Campaign

Cybersecurity researchers have uncovered a coordinated campaign that leveraged 131 rebranded clones of a WhatsApp Web automation extension for Google Chrome to spam Brazilian users at scale. The 131 spamware extensions share the same codebase, design patterns, and infrastructure, according to...

6.8AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/10/08 12:0 a.m.20 views

Fedora 39 : webkitgtk (2024-e1357fc22f)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-e1357fc22f advisory. Fix login QR code not shown in WhatsApp web. Disable PSON by default again in GTK 3 API versions. Disable DMABuf video sink by default to prevent fi...

6.5CVSS7.5AI score0.00915EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/10/08 12:0 a.m.19 views

Fedora 40 : webkitgtk (2024-4c6304b6fa)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-4c6304b6fa advisory. Fix login QR code not shown in WhatsApp web. Disable PSON by default again in GTK 3 API versions. Disable DMABuf video sink by default to prevent fi...

6.5CVSS7.5AI score0.00915EPSS
Exploits0References3
hivepro
hivepro
added 2023/10/26 12:46 p.m.7 views

Attackers Exploit Brazil’s PIX System with GoPIX Malware Campaign

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The popularity of Brazils PIX payment system has attracted cybercriminals using GoPIX malware, targeting users searching for "WhatsApp web" with malicious ads. This poses a threat to users financial and...

6.8AI score
Exploits0
0day.today
0day.today
added 2020/04/06 12:0 a.m.56 views

WhatsApp Desktop 0.3.9308 - Persistent Cross-Site Scripting Exploit

Exploit for multiple platform in category web applications Title: WhatsApp Desktop 0.3.9308 - Persistent Cross-Site Scripting Exploit Author: Gal Weizman Vendor Homepage: https://www.whatsapp.com Software Link: https://web.whatsapp.com/desktop/windows/release/x64/WhatsAppSetup.exe Software Link:...

5.8CVSS8.3AI score0.67859EPSS
Exploits5
The Hacker News
The Hacker News
added 2020/02/04 8:22 p.m.4 views

This WhatsApp Bug Could Have Let Attackers Access Files On Your PCs

A cybersecurity researcher today disclosed technical details of multiple high severity vulnerabilities he discovered in WhatsApp, which, if exploited, could have allowed remote attackers to compromise the security of billions of users in different ways. When combined together, the reported issues...

8.2CVSS7.8AI score0.67859EPSS
Exploits5
The Hacker News
The Hacker News
added 2018/08/08 2:55 p.m.4 views

WhatsApp Flaw Lets Users Modify Group Chats to Spread Fake News

WhatsApp, the most popular messaging application in the world, has been found vulnerable to multiple security vulnerabilities that could allow malicious users to intercept and modify the content of messages sent in both private as well as group conversations. Discovered by security researchers at...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2017/07/14 7:6 a.m.21 views

Awesome! WhatsApp Now Lets You Send Files of Any Format

Have you ever felt like wishing of sending any type of file immediately to your friends and office colleagues on WhatsApp directly, instead of just contacts, images or documents? Well, now you can… The latest version of WhatsApp for Android and iOS now allows users to send and receive any type of...

6.6AI score
Exploits0
0day.today
0day.today
added 2016/11/04 12:0 a.m.151 views

WhatsApp Web Username Bypass Vulnerability

Exploit for tricks platform in category remote exploits Title: Web WhatsApp Username Bypass Date: 31.10.2016 Author: Glumi Software Link: https://web.whatsapp.com/ Why this works: Web WhatsApp is filtering null bytes for all username inputs but this can be bypassed by using the"NOP"-character 0x9...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2016/05/10 10:23 p.m.15 views

WhatsApp launches Desktop Software for Windows and Mac Users

The most popular messaging app WhatsApp now has a fully functional desktop app – both for Mac as well as Windows platform. Facebook-owned WhatsApp messaging software has been a mobile-only messaging platform forever, but from Tuesday, the company is offering you its desktop application for both...

6.9AI score
Exploits0
CNVD
CNVD
added 2015/09/27 12:0 a.m.3 views

WhatsApp Web 'vCard' Format Remote Code Execution Vulnerability

WhatsApp is a suite of cross-platform mobile applications that utilize the web to deliver text messages, and WhatsApp Web is the web version. A remote code execution vulnerability exists in WhatsApp Web, which allows remote attackers to conduct denial-of-service attacks or execute arbitrary code ...

8.5AI score
Exploits0References1
The Hacker News
The Hacker News
added 2015/08/20 1:20 a.m.11 views

How To Use WhatsApp Web Client on iPhone and Other iOS Devices

WhatsApp Web client support is now available for iOS users. That's right, now iOS users can access their instant messaging facility on the web; without taking the other route via jailbreaking. Eight months ago, on January 21, 2015, WhatsApp was made available on web browsers, and let Android,...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2015/02/07 12:26 a.m.14 views

Beware of Fake 'WhatsApp Web' Spreading Banking Trojan

Cybercriminals are known to take advantage of everything that captures public attention in order to spread malware, and the recently launched web client of the most popular WhatsApp messaging application seems to be their next target. Last month, the messaging giant WhatsApp, with 700 million use...

6.6AI score
Exploits0
The Hacker News
The Hacker News
added 2015/01/21 9:39 a.m.16 views

WhatsApp Web — New WhatsApp Feature Allows You to Chat From Your Browser

The most popular smartphone messaging service WhatsApp is now able to communicate with friends from their PC. No Rumours at all !! Enjoy WhatsApp from your desktop from now on. Last month, it was leaked that Whatsapp was working on a web client and finally from today they are introducing it to th...

6.7AI score
Exploits0
Rows per page
Query Builder