all InfoSec news
Typo Trouble: Exploring the Telegram Python RCE Vulnerability
Malware Analysis, News and Indicators - Latest topics malware.news
Telegram’s Windows application was recently updated to address a critical zero-day flaw that permitted the execution of Python scripts without triggering security alerts, due to a typo in processing certain file extensions.
This vulnerability first surfaced on online forums later proof of concept shared on the XSS forum. The issue centered around Python “.pyzw” files which, due to a typo let attackers to evaded Telegram’s security protocols and ran immediately upon user interaction, provided Python was present on the device. …
address alerts application concept critical extensions file flaw forum forums issue malware analysis proof python python scripts rce scripts security security alerts telegram typo vulnerability windows xss zero-day zero-day flaw