Dark Reading

Attackers Exploit 'EvilVideo' Telegram Zero-Day to Hide Malware

Telegram has patched a zero-day flaw found in older versions of its chat and media-sharing application for Android that allows attackers to hide malicious payloads in video files. "Using the exploit … ...
SecurityWeek

CISA Adds iOS Flaws From Coruna Exploit Kit to KEV List

CISA has expanded the Known Exploited Vulnerabilities catalog with three bugs targeted by the nation-state-grade Coruna iOS exploit kit.
Bleeping Computer

Telegram zero-day allowed sending malicious Android APKs as videos

A Telegram for Android zero-day vulnerability dubbed 'EvilVideo' allowed attackers to send malicious Android APK payloads disguised as video files. A threat actor named 'Ancryno' first began selling ...

Android Telegram users targeted by a new EvilVideo exploit

A new 'EvilLoader' payload exploit on Telegram uses disguised video files to trick users into downloading malware or ...