New Telegram Android Vulnerability ⚠️
A critical vulnerability called "EvilLoader" has been discovered in Telegram for Android that remains unpatched in the latest version (11.7.4). This exploit allows attackers to disguise malicious APKs as video files, potentially installing malware on your device.
How the attack works:
1. You receive what appears to be a normal video file
2. When you try to play it, Telegram prompts you to open it in an external app
3. If you accept, a malicious APK gets installed instead
Technical details:
The vulnerability involves crafting an HTML file and saving it with an MP4 extension. Telegram incorrectly identifies this as a legitimate video file based solely on the file extension without properly validating the content. When opened, this specially crafted HTML file can redirect to malicious APK downloads or installations.
Protect yourself:
- Do not open video files that require external applications to play
- Disable auto-download of media in Telegram settings
- Be suspicious of any videos that don't play normally
- Never grant permission to install unknown apps when playing media files
- Keep your device's security software updated
This exploit has reportedly been for sale on underground forums since January 15, 2025. Telegram has been notified but has not yet released a patch.
Stay vigilant and share this information with other Telegram users to help keep everyone safe! 🛡️
Source
A critical vulnerability called "EvilLoader" has been discovered in Telegram for Android that remains unpatched in the latest version (11.7.4). This exploit allows attackers to disguise malicious APKs as video files, potentially installing malware on your device.
How the attack works:
1. You receive what appears to be a normal video file
2. When you try to play it, Telegram prompts you to open it in an external app
3. If you accept, a malicious APK gets installed instead
Technical details:
The vulnerability involves crafting an HTML file and saving it with an MP4 extension. Telegram incorrectly identifies this as a legitimate video file based solely on the file extension without properly validating the content. When opened, this specially crafted HTML file can redirect to malicious APK downloads or installations.
Protect yourself:
- Do not open video files that require external applications to play
- Disable auto-download of media in Telegram settings
- Be suspicious of any videos that don't play normally
- Never grant permission to install unknown apps when playing media files
- Keep your device's security software updated
This exploit has reportedly been for sale on underground forums since January 15, 2025. Telegram has been notified but has not yet released a patch.
Stay vigilant and share this information with other Telegram users to help keep everyone safe! 🛡️
Source
👏11🤯9👍4❤3
Stryker tech support bot partner was hacked. Do not click on any links. We will no longer use that provider. Sorry for the disturbance
👍17❤2🤔2🤯2👌2🐳2🕊1🤝1
😢32🔥14👍5❤3😱3💔3🤔2🤯1🐳1🦄1
What should the AI do in the stryker? Any feature requests?
🔥7❤1
Stryker + KernelHub = in-built kernel suggester for your device
🤯13❤1👍1🦄1
Stryker Premium is Free for all.
Just login into account 🙂
As software was developed a little long time ago, i unfortunately can't guarantee that everything will work properly, but here we are. If you want to support us, you know the drill. Enjoy, thanks for using our software, waiting for you in the comments 💕
Just login into account 🙂
As software was developed a little long time ago, i unfortunately can't guarantee that everything will work properly, but here we are. If you want to support us, you know the drill. Enjoy, thanks for using our software, waiting for you in the comments 💕
7🔥62❤25🥰5👏5👌3👍1
If you encounter problems with Metasploit. Here is some fix from our community
If you can't login. Please make sure that you removed the previous device(s) from the dashboard on our website
Enjoy the app🫡
If you can't login. Please make sure that you removed the previous device(s) from the dashboard on our website
Enjoy the app🫡
🔥13❤8
If you were an active tester, or have skills and believe you understand what this project is about. Request to join! Thanks, the new journey begins ⚡
https://news.1rj.ru/str/+ibnYi-WHfVBiNmMy
https://news.1rj.ru/str/+ibnYi-WHfVBiNmMy
Please open Telegram to view this post
VIEW IN TELEGRAM
🔥13🤯5❤1👍1
Chroot
Anonymous Poll
19%
Alpine (less storage, less comfortable)
81%
Debian (more storage, more comfortable)
🔥8❤4👍1
Please open Telegram to view this post
VIEW IN TELEGRAM
4🔥40❤12👍2
🚨 URGENT: Google's New Android Requirement Violates EU Laws
Starting September 2026, Google will FORCE all Android developers to verify their identity - even for sideloaded apps. This affects EVERY EU citizen's digital rights.
📱 What's Happening:
ALL apps must be registered by verified developers
Includes sideloaded apps & alternative stores
Mandatory registration through Google's system
Starts in 4 countries Sept 2026, then globally
⚖️ EU Laws Violated:
1️⃣ Digital Markets Act (DMA)
→ Art. 6(4): Blocks free sideloading
→ Art. 5(7): Forces Google's ID system
→ Fine: €25-50 BILLION (10-20% turnover)
2️⃣ GDPR
→ No legal basis for forced data collection
→ Violates data minimization
→ Fine: €10 BILLION (4% turnover)
3️⃣ Antitrust (TFEU Art. 102)
→ Abuse of 70%+ market dominance
→ Same violation EU fined €4.34B in 2018
→ Fine: €25 BILLION
4️⃣ Digital Services Act
→ No transparency or risk assessment
→ Fine: €15 BILLION (6% turnover)
5️⃣ Charter of Fundamental Rights
→ Violates data protection (Art. 8)
→ Kills anonymous publishing (Art. 11)
→ Blocks entrepreneurship (Art. 16)
That is insane - this is what happens when corporations think they are the government
Starting September 2026, Google will FORCE all Android developers to verify their identity - even for sideloaded apps. This affects EVERY EU citizen's digital rights.
📱 What's Happening:
ALL apps must be registered by verified developers
Includes sideloaded apps & alternative stores
Mandatory registration through Google's system
Starts in 4 countries Sept 2026, then globally
⚖️ EU Laws Violated:
1️⃣ Digital Markets Act (DMA)
→ Art. 6(4): Blocks free sideloading
→ Art. 5(7): Forces Google's ID system
→ Fine: €25-50 BILLION (10-20% turnover)
2️⃣ GDPR
→ No legal basis for forced data collection
→ Violates data minimization
→ Fine: €10 BILLION (4% turnover)
3️⃣ Antitrust (TFEU Art. 102)
→ Abuse of 70%+ market dominance
→ Same violation EU fined €4.34B in 2018
→ Fine: €25 BILLION
4️⃣ Digital Services Act
→ No transparency or risk assessment
→ Fine: €15 BILLION (6% turnover)
5️⃣ Charter of Fundamental Rights
→ Violates data protection (Art. 8)
→ Kills anonymous publishing (Art. 11)
→ Blocks entrepreneurship (Art. 16)
That is insane - this is what happens when corporations think they are the government
👍25❤9🤯3🤔2
Channel name was changed to «ZalexDev Blog | Stryker | Developer»