Forwarded from TgDB News (TelegramDB)
Nekogram appears to be using the TgDB Search Bot in an automated manner (without our knowledge; this is not a partnership), likely to search for usernames.
However, this is unrelated to their obfuscated scraping of phone numbers; we do not receive any data from Nekogram and are in no way affiliated with them.
However, this is unrelated to their obfuscated scraping of phone numbers; we do not receive any data from Nekogram and are in no way affiliated with them.
Forwarded from rvalue的生草日常
用 Nekogram 的有福了
https://thebadinteger.github.io/nekogram-phone-exfiltration/
https://thebadinteger.github.io/nekogram-phone-exfiltration/
😇1
Forwarded from Nicole ニコール
The telegram scene for the next week is gonna be like "yeah so our slopgram doesn't steal data like goygram, we are a secure fork of ligmagram and have been vetted 69 times by the devs of cringegram which is our biggest competitor, and one of them is also in the navy"
Forwarded from 我喜欢你 (baka)
为验证这一点,我们制作了一个PoC:一个LSPosed模块,将机器人ID和用户名替换为我们自己的信息,这样所有请求都会发送到我们的服务器上。通过这种方式,我们确认电话号码确实在被收集。每次登录都会如此。
该PoC可在此处获取: https://github.com/RomashkaTea/nekogram-proof-of-logging
https://t.me/mysticleaks/157
该PoC可在此处获取: https://github.com/RomashkaTea/nekogram-proof-of-logging
https://t.me/mysticleaks/157
Forwarded from 我喜欢你 (baka)
1. Cherrygram 开发者声称此段代码未被调用且编译后被移除
https://t.me/cherrygram/1134
2. Cherrygram 付费版被扒出存在此数据收集代码
https://t.me/MlgmXyysd_bibilailai/3105
3. Cherrygram 公开版未检出此代码
https://t.me/MlgmXyysd_bibilailai/3107
https://t.me/cherrygram/1134
2. Cherrygram 付费版被扒出存在此数据收集代码
https://t.me/MlgmXyysd_bibilailai/3105
3. Cherrygram 公开版未检出此代码
https://t.me/MlgmXyysd_bibilailai/3107
Telegram
Cherrygram 🍒
Cherrygram NEVER collects your data
Forwarded from Nekogram
Extra.java
7.6 KB
If your question is, “Is it true?”, the answer is yes, numbers were sent to the bot.
Some people are asking for an “explanation,” but what kind of explanation do you need? It is exactly what it looks like; it is what it is. 🤷♂️
For those interested, here is the source code of Extra.java.
Fact: not a single number has been stored anywhere or shared with anyone, though people may find that hard to believe.
Some people are asking for an “explanation,” but what kind of explanation do you need? It is exactly what it looks like; it is what it is. 🤷♂️
For those interested, here is the source code of Extra.java.
Fact: not a single number has been stored anywhere or shared with anyone, though people may find that hard to believe.
tg生态观察 ٭✡️⚝✹✸✶✷✴️✧⊛🔯❂⍣≛✨🇻🇳
The telegram scene for the next week is gonna be like "yeah so our slopgram doesn't steal data like goygram, we are a secure fork of ligmagram and have been vetted 69 times by the devs of cringegram which is our biggest competitor, and one of them is also…
Telegram
MonoGram
Speaking of backdoors, here is what was found in Cherrygram
The client uses Firebase to quietly leak user data. A specific function collects your Telegram ID, active username, and phone number, and then sends it all off under the guise of a standard analytics…
The client uses Firebase to quietly leak user data. A specific function collects your Telegram ID, active username, and phone number, and then sends it all off under the guise of a standard analytics…
Forwarded from &'a ::rynco::UntitledChannel (W)
日前杜叔叔似乎在 Telegram Desktop 上移除了发送大图的选项。看起来是官方客户端 6.7.0 移除的,未更新的 6.6.x 客户端仍可正常发送较高分辨率的图片。
目前看起来这似乎只是客户端限制,但并不知道单纯靠不更新还能苟多久。不论如何,如果在意的话建议暂时关闭自动更新。
目前看起来这似乎只是客户端限制,但并不知道单纯靠不更新还能苟多久。不论如何,如果在意的话建议暂时关闭自动更新。
Forwarded from q234rty 🍓
我现在没电脑但是看 https://github.com/telegramdesktop/tdesktop/commit/87ebd2720f0f0664b27f8ccebb874f71b8425432 似乎是改成了发送图片的时候可以选择?
GitHub
Send high quality as first-class option. · telegramdesktop/tdesktop@87ebd27
Telegram Desktop messaging app. Contribute to telegramdesktop/tdesktop development by creating an account on GitHub.
Forwarded from Laoself
BotNews
Starting today, in specific contexts, Bot-to-Bot communication is allowed – unlocking complex agentic flows and AI-powered use cases.
All in AI連祖宗之法都可以變了(
👍1
Forwarded from 我的电脑
为防范新型 spam bot,暂时解除组群关联。
此类 spam 的工作方式是,用户bot 发送一条 @ 数个垃圾广告 bot 的消息,即便用户消息被删除,垃圾广告 bot 依旧获取了对应的 context 从而在组群内回复垃圾信息。而 bot 和 bot 之间又互相看不见,导致自动化的清理 bot 对此束手无策
此类 spam 的工作方式是,用户bot 发送一条 @ 数个垃圾广告 bot 的消息,即便用户消息被删除,垃圾广告 bot 依旧获取了对应的 context 从而在组群内回复垃圾信息。而 bot 和 bot 之间又互相看不见,导致自动化的清理 bot 对此束手无策
Forwarded from r/devs/
未題名の四月と海
tg不久前出的guest bot这么快就被滥用了,什么中国速度
tg bot 新加的 guest mode 正在疯狂遭到广告哥滥用:大量的 userbot 在频道评论区 at 它们的广告 bot 然后立即删除消息,接着广告 bot 就可以直接在群里发广告消息。显而易见,目前的 anti spam bot 都还没来得及适配这种新的 spam。
如果想让 tg 增加群组可以限制 guest bot 的功能,请给这个 feedback 投票: https://bugs.telegram.org/c/61699
如果想让 tg 增加群组可以限制 guest bot 的功能,请给这个 feedback 投票: https://bugs.telegram.org/c/61699
Forwarded from 层叠 - The Cascading
🔴 APKPure 上的 Telegram/Telegram X 最新版本是恶意软件。
- 研究者分析称其会收集用户消息记录等信息,并发送至第三方服务器。
- 本台建议 Android 用户在 Telegram 官方网站 [1] 下载 app;信誉较有保证且限制较应用商店版更少。
https://t.me/xhqcankao/29564
1. https://telegram.org/android
#APKPure #Telegram
- 研究者分析称其会收集用户消息记录等信息,并发送至第三方服务器。
- 本台建议 Android 用户在 Telegram 官方网站 [1] 下载 app;信誉较有保证且限制较应用商店版更少。
https://t.me/xhqcankao/29564
1. https://telegram.org/android
#APKPure #Telegram
Telegram
风向旗参考快讯
虎牙旗下apkpure应用商店正在分发恶意软件
近日有多名开发者发现,虎牙旗下的知名第三方应用商店 APKPure 在分发 Telegram 相关应用时存在严重安全问题,强烈建议用户立即停止使用该平台下载任何 APK。开发者南宫雪珊在其电报频道发文警告 apkpure 不可信,其中 Telegram 商店版 apk 签名不正确;Telegram X 包名不正确;目前仅web版正常,但版本也不是最新的。除此之外,安全研究员、逆向工程师 Eric Parker 在社交媒体平台 X 上也发文警告,APKPure…
近日有多名开发者发现,虎牙旗下的知名第三方应用商店 APKPure 在分发 Telegram 相关应用时存在严重安全问题,强烈建议用户立即停止使用该平台下载任何 APK。开发者南宫雪珊在其电报频道发文警告 apkpure 不可信,其中 Telegram 商店版 apk 签名不正确;Telegram X 包名不正确;目前仅web版正常,但版本也不是最新的。除此之外,安全研究员、逆向工程师 Eric Parker 在社交媒体平台 X 上也发文警告,APKPure…
💩1