Bleeping Computer

Malicious RubyGems pose as Fastlane to steal Telegram API data

Two malicious RubyGems packages posing as popular Fastlane CI/CD plugins redirect Telegram API requests to attacker-controlled servers to intercept and steal data. RubyGems is the official package ...
CoinTelegraph

Scammers are using Telegram verification bots to inject crypto-stealing malware

Scam Sniffer told Cointelegraph it was the first time it’s seen a scam use a “specific combination of fake X accounts, fake Telegram channels and malicious Telegram bots.” Scammers are combining ...
CSOonline

Supply chain attack hits RubyGems to steal Telegram API data

Threat actor exploits Fastlane plugin trust to redirect Telegram traffic via C2 server after Vietnam’s ban, targeting mobile app CI/CD pipelines. An ongoing supply chain attack is targeting the ...