A malicious Python package masquerading as a legitimate Telegram development tool has been identified as a vehicle for remote code execution attacks, raising concerns about supply chain security ...

Telegram fixed a zero-day vulnerability in its Windows desktop application that could be used to bypass security warnings and automatically launch Python scripts. Over the past few days, rumors have ...

Threat actor exploits Fastlane plugin trust to redirect Telegram traffic via C2 server after Vietnam’s ban, targeting mobile app CI/CD pipelines. An ongoing supply chain attack is targeting the ...