Malicious npm package steals WhatsApp accounts and messages

A malicious package in the Node Package Manager (NPM) registry poses as a legitimate WhatsApp Web API library to steal ...
The Hacker News

Fake WhatsApp API Package on npm Steals Messages, Contacts, and Login Tokens

A malicious npm package posing as a WhatsApp API intercepts messages, steals credentials, and links attacker devices after 56 ...
PCMag

A Pirate Group Says It Copied Nearly All of Spotify’s Music Catalog

The pirate activist group Anna’s Archive said it gained access to 86 million audio files and it plans to begin releasing them soon.