CSOonline

Supply chain attack hits RubyGems to steal Telegram API data

Threat actor exploits Fastlane plugin trust to redirect Telegram traffic via C2 server after Vietnam’s ban, targeting mobile app CI/CD pipelines. An ongoing supply chain attack is targeting the ...
ZATAZ

Telegram hijacked without hacking through authentication

A sophisticated phishing campaign on Telegram is raising the bar. It doesn’t break anything and doesn’t spoof the app, it manipulates Telegram’s official authentication until the victim “approves” the ...