-
Telegram will add a warning for proxy links after reports showed they can expose user IP addresses with a single click, bypassing VPN or privacy settings.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Telegram mods spread a powerful Android backdoor as banking trojans surge and Joker malware resurfaces on Google Play in Q4 2025, says Doctor Web.
·
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
In December 2025, the Iran-linked hacking group known as Handala escalated its influence operations against Israel’s political establishment by publishing material it claimed was pulled from the fully “compromised” mobile devices of two high-profile of…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Researchers have uncovered a sophisticated malware campaign where threat actors weaponize trojanized installers for popular productivity applications to deploy ValleyRat, a persistent remote access tool. The operation demonstrates advanced evasion tech…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Researchers at Group-IB have uncovered a sophisticated phishing framework that demonstrates how cybercriminals are industrializing credential theft through automation, evasion techniques, and Telegram-based data exfiltration. The kit targets explicitly…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researchers at Doctor Web have uncovered a sophisticated Android backdoor disguised as Telegram X that grants cybercriminals complete control over victims’ accounts and devices. The malware, identified as Android.Backdoor.Baohuo.1.origin…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Telegram has solidified its position as the primary coordination hub for modern hacktivist operations, according to comprehensive research analyzing over 11,000 posts from more than 120 politically motivated threat actor groups. Contrary to assumptions…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cavalry Werewolf, a Russian-focused advanced persistent threat (APT) cluster, has intensified its offensive operations by experimenting with new malware variants and leveraging Telegram-based command-and-control (C2). Security teams must prioritize rea…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researchers have uncovered a new Ransomware-as-a-Service (RaaS) strain named BQTLOCK that is actively targeting Windows users through Telegram channels and dark web forums. Since mid-July, affiliates of the service have been distributing a ZIP…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Socket’s Threat Research Team has uncovered a deceptive Go module named golang-random-ip-ssh-bruteforce, which masquerades as an efficient SSH brute-forcing tool but secretly exfiltrates stolen credentials to its creator. Published on June 24, 2022, th…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
