Bleeping Computer

Telegram zero-day allowed sending malicious Android APKs as videos

A Telegram for Android zero-day vulnerability dubbed 'EvilVideo' allowed attackers to send malicious Android APK payloads disguised as video files. A threat actor named 'Ancryno' first began selling ...
PC Magazine

Telegram Zero-Day for Android Let Attackers Hide Files in Fake Videos

While it's unclear whether anyone actually fell for the scam, Telegram pushed a fix in Android update 10.14.5 on July 11. It's possible the exploit may have been due to an upload issue on the Android ...