Telegram fixed a zero-day vulnerability in its Windows desktop application that could be used to bypass security warnings and automatically launch Python scripts.

Researchers at cloud forensics and incident response platform startup Cado Security Ltd. today announced details of a recently discovered Python-based credential harvester and hacking tool.

The packages contained an __init__.py file that harboured malicious code, designed to search for files with the .py, .php,.zip, .png, .jpg and .jpeg extensions in the root and DCIM folders, and ...

Threat actor exploits Fastlane plugin trust to redirect Telegram traffic via C2 server after Vietnam’s ban, targeting mobile app CI/CD pipelines.