Telegram zero-day allowed sending malicious Android APKs as videos
A zero-day vulnerability in Telegram for Android, named 'EvilVideo,' allowed attackers to send malicious APK payloads disguised as videos. The flaw was patched in version 10.14.5 after responsible disclosure. Users should update their app.
A zero-day vulnerability in Telegram for Android, named 'EvilVideo,' allowed attackers to send malicious Android APK payloads disguised as video files. The flaw was first sold by a threat actor named 'Ancryno' on a hacking forum and was confirmed by ESET researchers. The exploit worked in older versions of Telegram and was patched in version 10.14.5 after being responsibly disclosed to Telegram. The exploit required recipients to download and execute the malicious APK files disguised as videos, potentially leading to device compromise. Despite the exploit being labeled as "one-click," it actually required multiple steps and specific settings for successful execution. ESET's testing revealed that the exploit did not work on Telegram's web client or Desktop versions. Users are advised to update their Telegram app to version 10.14.5 and scan their devices for any potentially malicious payloads received through the app.
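An added example, not from the original article or from ESET: one way to carry out the scan advised above is to classify received files by content rather than by name or preview, since an APK is a ZIP archive with AndroidManifest.xml at its root. The folder passed to scan() (for instance a copy of the app's download directory pulled from the device) and the extension list are assumptions; the files built in demo() are constructed samples.

```python
import os
import tempfile
import zipfile

VIDEO_EXTS = {".mp4", ".mkv", ".mov", ".avi", ".webm", ".3gp"}  # assumed list

def is_apk(path):
    """True if the file is a ZIP archive with AndroidManifest.xml at its root."""
    try:
        with zipfile.ZipFile(path) as zf:
            return "AndroidManifest.xml" in zf.namelist()
    except (zipfile.BadZipFile, OSError):
        return False

def scan(root):
    """Return sorted [(path, reason)] for every APK-shaped file under root."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            if not is_apk(path):
                continue
            ext = os.path.splitext(name)[1].lower()
            if ext in VIDEO_EXTS:
                reason = "APK content behind a video extension"
            elif ext != ".apk":
                reason = "APK content with unexpected extension"
            else:
                reason = "APK file received through the app"
            findings.append((path, reason))
    return sorted(findings)

def demo():
    """Build a constructed sample folder and return {filename: reason}."""
    with tempfile.TemporaryDirectory() as root:
        # Constructed samples: an APK-shaped ZIP under two names, an ordinary
        # ZIP, and a file that starts with a genuine MP4 'ftyp' header.
        for name in ("clip.mp4", "app.apk"):
            with zipfile.ZipFile(os.path.join(root, name), "w") as zf:
                zf.writestr("AndroidManifest.xml", b"\x03\x00\x08\x00")
        with zipfile.ZipFile(os.path.join(root, "photos.zip"), "w") as zf:
            zf.writestr("a.jpg", b"\xff\xd8\xff")
        with open(os.path.join(root, "real.mp4"), "wb") as fh:
            fh.write(b"\x00\x00\x00\x18ftypmp42" + b"\x00" * 16)
        return {os.path.basename(p): r for p, r in scan(root)}

if __name__ == "__main__":
    for name, reason in demo().items():
        print(f"{name}: {reason}")
```

A hit only means the file is an installable package; whether it is malicious still needs a mobile security product or manual analysis.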
Related
I found a 1-click exploit in South Korea's biggest mobile chat app
A critical exploit in KakaoTalk allows attackers to run JavaScript in a WebView, potentially compromising user accounts by stealing access tokens. The exploit highlights the need to address security vulnerabilities in messaging apps.
Twilio Confirms Data Breach After Hackers Leak 33M Authy User Phone Numbers
Twilio confirms data breach leaking 33 million phone numbers linked to Authy app. No evidence of system access or sensitive data compromise. Users advised to update security settings as precaution against phishing.
Universal Code Execution by Chaining Messages in Browser Extensions
Researchers demonstrate universal code execution in browser extensions by exploiting messaging APIs, bypassing security measures. Vulnerabilities in extensions can compromise millions of users, allowing access to sensitive data and enabling arbitrary command execution.
Houthi rebels are operating their own GuardZoo spyware
Houthi rebels operate GuardZoo spyware, a surveillance tool similar to Pegasus. Active since 2019, it targets Yemeni military with social engineering tactics. Despite lower sophistication, GuardZoo highlights rising surveillance malware threats.
Exim vulnerability affecting 1.5M servers lets attackers attach malicious files
A critical vulnerability in Exim mail transfer agent (CVE-2024-39929) exposes 1.5 million email servers to attacks delivering malicious attachments. No active exploits reported, but admins urged to update Exim to version 4.98 RC3 for protection.
Ya it is not an "exploit". It is more a bug.
Looks interesting although not particularly dangerous.