Whatsapp web | Breaking Cybersecurity News | The Hacker News

Meta Platforms' WhatsApp and Cloudflare have banded together for a new initiative called Code Verify to validate the authenticity of the messaging service's web app on desktop computers. Available in the form of a Chrome and Edge  browser extension , the  open-source add-on  is designed to "automatically verif[y] the authenticity of the WhatsApp Web code being served to your browser," Facebook  said  in a statement. The goal with Code Verify is to confirm the integrity of the web application and ensure that it hasn't been tampered with to inject malicious code. The social media company is also planning to release Firefox and Safari plugins to achieve the same level of security across browsers. The system works with Cloudflare acting as a third-party audit to compare the cryptographic hash of WhatsApp Web's JavaScript code that's shared by Meta with that of a locally computed hash of the code running on the browser client. Code Verify is also meant t...

A cybersecurity researcher today disclosed technical details of multiple high severity vulnerabilities he discovered in WhatsApp, which, if exploited, could have allowed remote attackers to compromise the security of billions of users in different ways. When combined together, the reported issues could have even enabled hackers to remotely steal files from the Windows or Mac computer of a victim using the WhatsApp desktop app by merely sending a specially crafted message. Discovered by PerimeterX researcher Gal Weizman and tracked as CVE-2019-18426 , the flaws specifically resided in WhatsApp Web, a browser version of the world's most popular messaging application that also powers its Electron-based cross-platform apps for desktop operating systems. In a blog post published today, Weizman revealed that WhatsApp Web was vulnerable to a potentially dangerous open-redirect flaw that led to persistent cross-site scripting attacks, which could have been triggered by sending a s...

CrowdStrike is named a Leader in the 2024 Gartner® Magic Quadrant™ for Endpoint Protection Platforms for the fifth consecutive time, positioned highest on Ability to Execute and furthest to the right on Completeness of Vision.

Finally, for the very first time, an encrypted messaging service provider is taking legal action against a private entity that has carried out malicious attacks against its users. Facebook filed a lawsuit against Israeli mobile surveillance firm NSO Group on Tuesday, alleging that the company was actively involved in hacking users of its end-to-end encrypted WhatsApp messaging service. Earlier this year, it was discovered that WhatsApp had a critical vulnerability that attackers were found exploiting in the wild to remotely install Pegasus spyware on targeted Android and iOS devices. The flaw (CVE-2019-3568) successfully allowed attackers to silently install the spyware app on targeted phones by merely placing a WhatsApp video call with specially crafted requests, even when the call was not answered. Developed by NSO Group, Pegasus allows access to an incredible amount of data from victims' smartphones remotely, including their text messages, emails, WhatsApp chats, ...

What if just receiving a video call on WhatsApp could hack your smartphone? This sounds filmy, but Google Project Zero security researcher Natalie Silvanovich found a critical vulnerability in WhatsApp messenger that could have allowed hackers to remotely take full control of your WhatsApp just by video calling you over the messaging app. The vulnerability is a memory heap overflow issue which is triggered when a user receives a specially crafted malformed RTP packet via a video call request, which results in the corruption error and crashing the WhatsApp mobile app. Since the vulnerability affect RTP (Real-time Transport Protocol) implementation of Whatsapp, the flaw affects Android and iOS apps, but not WhatsApp Web that relies on WebRTC for video calls. Silvanovich also published a proof-of-concept exploit, along with the instructions for reproducing the WhatsApp attack. Although the proof-of-concept published by Silvanovich only triggers memory corruption, another Go...

WhatsApp, the most popular messaging application in the world, has been found vulnerable to multiple security vulnerabilities that could allow malicious users to intercept and modify the content of messages sent in both private as well as group conversations. Discovered by security researchers at Israeli security firm Check Point, the flaws take advantage of a loophole in WhatsApp's security protocols to change the content of the messages, allowing malicious users to create and spread misinformation or fake news from "what appear to be trusted sources." The flaws reside in the way WhatsApp mobile application connects with the WhatsApp Web and decrypts end-to-end encrypted messages using the protobuf2 protocol . The vulnerabilities could allow hackers to misuse the 'quote' feature in a WhatsApp group conversation to change the identity of the sender, or alter the content of someone else's reply to a group chat, or even send private messages to one of ...

Have you ever felt like wishing of sending any type of file immediately to your friends and office colleagues on WhatsApp directly, instead of just contacts, images or documents? Well, now you can… The latest version of WhatsApp for Android and iOS now allows users to send and receive any type of files, whether it's .mp3, .avi, .php, zip files, or even APKs. The company last month rolled out this feature to its beta users for Android, and now after being tested successfully, the feature is being released to all WhatsApp users in the latest public update for iOS and Android. The ability to send any file types also works on the WhatsApp-Web client . And of course, there's a file-size limit: Android users can send files up to 100MB iOS users can send files up to 128MB While WhatsApp-web users can only send up to 64MB To send any file format you just need to select 'Document' from 'Attach.' Additionally, the latest update of the app will allow you to select photos ...

Next time when someone sends you a photo of a cute cat or a hot chick on WhatsApp or Telegram then be careful before you click on the image to view — it might hack your account within seconds. A new security vulnerability has recently been patched by two popular end-to-end encrypted messaging services — WhatsApp and Telegram — that could have allowed hackers to completely take over user account just by having a user simply click on a picture. The hack only affected the browser-based versions of WhatsApp and Telegram, so users relying on the mobile apps are not vulnerable to the attack. According to Checkpoint security researchers, the vulnerability resided in the way both messaging services process images and multimedia files without verifying that they might have hidden malicious code inside. For exploiting the flaw, all an attacker needed to do was sending the malicious code hidden within an innocent-looking image. Once the victim clicked on the picture, the attacker coul...

The most popular messaging app WhatsApp now has a fully functional desktop app – both for Mac as well as Windows platform. Facebook-owned WhatsApp messaging software has been a mobile-only messaging platform forever, but from Tuesday, the company is offering you its desktop application for both Windows and OS X. Few months back, WhatsApp launched a Web client that can be run through your browser to use WhatsApp on your desktop, but now users running Windows 8 or Mac OS 10.9 and above can use the new desktop app that mirrors WhatsApp messages from a user's mobile device. According to the company's blog post , the WhatsApp desktop app is similar to WhatsApp Web with synchronized conversations and messages Since WhatsApp desktop app is native for both Windows and OS X platform, it can support desktop notifications and keyboard shortcuts. WhatsApp has been rising at an extraordinary pace recently. The service has over 1 Billion monthly active users. At the beginning...

What would require crashing the wildly popular WhatsApp messaging application? Nearly 4000 Smileys . Yes, you can crash your friends'  WhatsApp , both WhatsApp Web and mobile application, by sending them not any specially crafted messages, but just Smileys. Indrajeet Bhuyan , an independent researcher, has reported The Hacker News a new bug in WhatsApp that could allow anyone to remotely crash most popular messaging app just by sending nearly 4000 emojis to the target user, thereby affecting up to 1 Billion users. Bhuyan is the same researcher who reported a very popular WhatsApp crash bug last year that required 2000 words ( 2kb in size ) message in the special character set to remotely crash Whatsapp messenger app. After this discovery, the company patched the bug by setting up the limits of characters in WhatsApp text messages, but unfortunately, it failed to set up limits for smileys send via WhatsApp. "In WhatsApp Web, Whatsapp allows 65500-660...

WhatsApp Web client support is now available for iOS users. That's right, now iOS users can access their instant messaging facility on the web; without taking the other route (via jailbreaking). Eight months ago, on January 21, 2015, WhatsApp was made available on web browsers , and let Android, Windows Phone 8.0 and 8.1, Nokia S60, Nokia S40 Single SIM EVO, BlackBerry and BB10 smartphones enjoy the service. However, there was no web solution for iOS users at that time because of limitations of the platform and high-security standards adopted by Apple, so they were forced to wait for the service. However, iOS users' wait for WhatsApp Web is over now, and they can also enjoy WhatsApp Web – Same WhatsApp account on iPhone and desktops. Yesterday, WhatsApp enabled its web client interface for iPhone users. How to Use WhatsApp on iPhone and iOS Devices? Interested WhatsApp users simply need to open Safari browser and navigate to https://web.whatsa...

Are you looking for methods on how to run two WhatsApp accounts in one phone, or how to use 2 WhatsApp in 1 phone? In this tutorial, we have shared various techniques that allow mobile users to run multiple or dual WhatsApp accounts in one single phone. WhatsApp is one of the most popular and commonly used Instant messaging apps these days, and due to its simplicity and easy-to-use interface, users are able to use it without any hassle. WhatsApp lets its users send and receive messages that are end-to-end encrypted so that only you and the person you're communicating with can read the content of the message, and nobody in between, not even WhatsApp. Each and everything on WhatsApp comes quite handy, but what is the most disturbing part that you come across? For me it is... How to install 2 WhatsApp accounts in 1 Android smartphone? If you have a dual SIM smartphone, you might be willing to enjoy two separate WhatsApp accounts for your two different phone number. Is...

Cybercriminals are known to take advantage of everything that captures public attention in order to spread malware, and the recently launched web client of the most popular WhatsApp messaging application seems to be their next target. Last month, the messaging giant WhatsApp, with 700 million users worldwide, finally launched its web client to the public. The feature is called " WhatsApp Web ," which gives its users the ability to read and send messages directly from their web browsers. FAKE WHATSAPP WEB SPREADING BANKING TROJANS However, malicious hackers have taken the advantage of the latest WhatsApp Web and have started fooling users all over the world with fake downloads masquerading as a desktop variant of the WhatsApp mobile application. Security researchers at Kaspersky Labs have spotted a seemingly genuine WhatsApp Web for Windows in spam campaign available for fake download that actually spreads financial malware Trojans to the systems worldwide. ...

WhatsApp is again in news but this time not for any security holes, but for its all new and, of course, much-awaited Free Voice Calling feature — similar to other instant messaging apps like Skype and Viber allow users to make voice calls using Internet. After launching its much-awaited Web client (dubbed WhatsApp Web ) to Android users, the most popular mobile messaging application WhatsApp has started rolling out the promised free voice calling feature, and this time again to Android users first. Late last night, some screenshots of WhatsApp's new voice calling feature appeared on Reddit. Reportedly, this new feature will allow WhatsApp users to make free voice calls to their online pals by simply tapping your phone icon to call their WhatsApp friends. The report broke when a Reddit user ( pradnesh07 ) received a WhatsApp call from a friend, and this is how the feature get activated. The free voice calling feature, for now, seems to be invite-only. So, if you still have to ...

Last week, the most popular mobile messaging application WhatsApp finally arrived on the web — dubbed WhatsApp Web , but unfortunately it needs some improvements in its web version. An independent 17-year-old security researcher Indrajeet Bhuyan reported two security holes in the WhatsApp web client that in some way exposes its users' privacy. Bhuyan called the first hole, WhatsApp photo privacy bug and the other WhatsApp Web Photo Sync Bug. Bhuyan is the same security researcher who reported us the vulnerability in the widely popular mobile messaging app which allowed anyone to remotely crash WhatsApp by sending a specially crafted message of just 2kb in size, resulting in the loss of conversations. Whatsapp Photo Privacy Bug According to him, the new version of WhatsApp Web allows us to view a user's profile image even if we are not on the contact list of that user. Even if the user has set the profile image privacy setting to " Contacts Only ," the pro...

The most popular smartphone messaging service WhatsApp is now able to communicate with friends from their PC. No Rumours at all !! Enjoy WhatsApp from your desktop from now on. Last month, it was leaked that Whatsapp was working on a web client and finally from today they are introducing it to the public. The feature is called " WhatsApp Web ," which gives its users the ability to read and send messages directly from their web browsers. HOW TO USE WHATSAPP ON PC/DESKTOP Interested WhatsApp users simply need to open Chrome and navigate to https://web.whatsapp.com A QR code will appear on the web page, which must be scanned using WhatsApp mobile application to activate the service. By scanning the  QR code  that appears, users will automatically have paired their mobile WhatsApp with the WhatsApp web client, as shown.  WhatsApp Web requires that you install and run the latest Whatsapp version of the Android app on your phone. The feature currently work...