Dark Reading

Attackers Exploit 'EvilVideo' Telegram Zero-Day to Hide Malware

Telegram has patched a zero-day flaw found in older versions of its chat and media-sharing application for Android that allows attackers to hide malicious payloads in video files. "Using the exploit … ...
The Hacker News

Wormable XMRig Campaign Uses BYOVD Exploit and Time-Based Logic Bomb

Researchers uncover wormable XMRig campaign using BYOVD exploit and LLM-built React2Shell attacks hitting 90+ hosts.
Bleeping Computer

Telegram zero-day allowed sending malicious Android APKs as videos

A Telegram for Android zero-day vulnerability dubbed 'EvilVideo' allowed attackers to send malicious Android APK payloads disguised as video files. A threat actor named 'Ancryno' first began selling ...

Android Telegram users targeted by a new EvilVideo exploit

A new 'EvilLoader' payload exploit on Telegram uses disguised video files to trick users into downloading malware or ...
SiliconANGLE

Google reports watering-hole attacks on Mongolian sites leveraged iOS and Android exploits

Google LLC’s Threat Analysis Group today shared details on multiple observed in-the-wild exploit campaigns that used watering-hole attacks on Mongolian government websites between November 2023 and ...