Worrying WhatsApp attack can steal messages and even accounts - here's how to stay safe from "poisoned" attack

The malicious fork, named ‘lotusbail’ has all the same functionality as the legitimate project, but it also steals WhatsApp authentication tokens and session keys. Furthermore, it intercepts and ...
InfoWorld

WhatsApp API worked exactly as promised, and stole everything

Malicious npm package posing as a WhatsApp Web API library operated for months as a functional dependency while stealing ...
Axios on MSN

Here's how the DOJ releases the Epstein files and how others are making them easier to read

The Epstein files, which look into Epstein's crimes, have caused headaches for President Trump all year, stoking the flames ...

The internet just made a 300TB copy of Spotify! (Updated: New Spotify statement)

Anna’s Archive claims it has scraped nearly all of Spotify, acquiring 300TB of data, for a so-called "preservation" project.
SecurityWeek

NPM Package With 56,000 Downloads Steals WhatsApp Credentials, Data

The lotusbail NPM package steals WhatsApp credentials, messages, and contacts, and provides persistent access to the victims’ accounts.
InfoQ

Nuxt Introduces Native Request Cancellation and Async Handler Extraction for Performance Gains

Nuxt 4.2 elevates the developer experience with native abort control for data fetching, improved error handling, and ...

A 300TB pirate archive claims to contain nearly every song ever streamed on Spotify

Anna's Archive, a shadow library search engine, recently scraped Spotify to create a pirate archive containing 86 million songs and metadata for 256 million tracks.