Telegram EvilVideo Vulnerability Exploited to Execute Malicious Code on Victim Device

A critical evolution of the CVE-2024-7014 vulnerability, originally patched in July 2024, has resurfaced with updated tactics to bypass security measures.  Dubbed Evilloader, this new exploit leverages Telegram’s multimedia handling mechanisms to execute malicious JavaScript code by disguising .htm files as video content.  The attack chain, observed in active campaigns, demonstrates how threat actors continue […]

The post Telegram EvilVideo Vulnerability Exploited to Execute Malicious Code on Victim Device appeared first on Cyber Security News.