Forwarded from vx-underground
Awhile back we heard rumors of a Telegram RCE 0day. We brushed it off as silly memes. Turns out the 0day was 100% real and you're all probably pwned.
It was unveiled on XSS. Nerds celebrated
(joking about pwned part... kind of)
More information: https://www.bleepingcomputer.com/news/security/telegram-fixes-windows-app-zero-day-used-to-launch-python-noscripts/
It was unveiled on XSS. Nerds celebrated
(joking about pwned part... kind of)
More information: https://www.bleepingcomputer.com/news/security/telegram-fixes-windows-app-zero-day-used-to-launch-python-noscripts/
BleepingComputer
Telegram fixes Windows app zero-day used to launch Python noscripts
Telegram fixed a zero-day vulnerability in its Windows desktop application that could be used to bypass security warnings and automatically launch Python noscripts.
🍌2