Nanobot Unauthenticated WhatsApp Session Hijack via WebSocket Bridge

16/02/2026

Tenable Research has identified and responsibly disclosed a vulnerability to Nanobot.

The nanobot WhatsApp bridge server (`bridge/src/server.ts`) binds its WebSocket server to all network interfaces (`0.0.0.0`) and accepts connections without any form of authentication. An attacker with network access to the bridge port (default `3001`) can fully hijack the linked WhatsApp session: send messages on behalf of the user, intercept all incoming messages in real time, and capture QR codes during authentication.

Joshua Martinelle Mon, 02/16/2026 – 03:47
– Read more

Monday	08:00 - 17:00
Tuesday	08:00 - 17:00
Wednesday	08:00 - 17:00
Thursday	08:00 - 17:00
Friday	08:00 - 17:00

Nanobot Unauthenticated WhatsApp Session Hijack via WebSocket Bridge

Latest article

Building an AI-powered defense-in-depth security architecture for serverless microservices

Fake CAPTCHA Scam Tricks Windows Users Into Installing Malware

16th February – Threat Intelligence Report

Vulnerabilities in Password Managers Allow Hackers to View and Change Passwords

EDITOR PICKS

Building an AI-powered defense-in-depth security architecture for serverless microservices

Fake CAPTCHA Scam Tricks Windows Users Into Installing Malware

16th February – Threat Intelligence Report

POPULAR POSTS

Threats to users of adult websites in 2018

The World’s Most Popular Coding Language Happens to be Most Hackers’...

IT threat evolution Q2 2019

POPULAR CATEGORY

Building an AI-powered defense-in-depth security architecture for serverless microservices

Fake CAPTCHA Scam Tricks Windows Users Into Installing Malware

16th February – Threat Intelligence Report