#Droidify #Fdroid client
Added SHA256 for signature verification (Long press on Sync icon to refresh index)
https://github.com/Droid-ify/client/releases
Many more android app stores at
https://t.me/Libreware/1132 and #apk@LibreWare
Tell us your favorite or any missing ones
Added SHA256 for signature verification (Long press on Sync icon to refresh index)
https://github.com/Droid-ify/client/releases
Many more android app stores at
https://t.me/Libreware/1132 and #apk@LibreWare
Tell us your favorite or any missing ones
GitHub
Releases ยท Droid-ify/client
Clutterfree F-Droid client. Contribute to Droid-ify/client development by creating an account on GitHub.
โก7๐3
โ #Fdroid security problems
โจhttps://privsec.dev/posts/android/f-droid-security-issuesโฉโฉ
โจโจhttps://xcancel.com/GrapheneOS/status/1883895255142932816
https://xcancel.com/GrapheneOS/status/1497272529223917575
โจโจhttps://gitlab.com/ironfox-oss/IronFox/-/issues/7โฉโฉ
โจโจhttps://github.com/obfusk/fdroid-fakesigner-pocโฉโฉ
โจโจhttps://github.com/CatimaLoyalty/Android/issues/2608โฉโฉ
โจโจhttps://gitlab.com/fdroid/admin/-/issues/593โฉโฉ
โจโจhttps://discuss.grapheneos.org/d/15490-f-droid-or-obtainiumโฉโฉ
โจโจhttps://m.youtube.com/watch?v=IzpVI4zaso0โฉโฉ
โจโจhttps://m.youtube.com/watch?v=lAbgeJau3eEโฉโฉ
โจโจhttps://m.youtube.com/watch?v=FFz57zNR_M0โฉโฉ
โจโจhttps://m.youtube.com/watch?v=IAoCfrqxโฉโฉ
#fd
โจhttps://privsec.dev/posts/android/f-droid-security-issuesโฉโฉ
โจโจhttps://xcancel.com/GrapheneOS/status/1883895255142932816
https://xcancel.com/GrapheneOS/status/1497272529223917575
โจโจhttps://gitlab.com/ironfox-oss/IronFox/-/issues/7โฉโฉ
โจโจhttps://github.com/obfusk/fdroid-fakesigner-pocโฉโฉ
โจโจhttps://github.com/CatimaLoyalty/Android/issues/2608โฉโฉ
โจโจhttps://gitlab.com/fdroid/admin/-/issues/593โฉโฉ
โจโจhttps://discuss.grapheneos.org/d/15490-f-droid-or-obtainiumโฉโฉ
โจโจhttps://m.youtube.com/watch?v=IzpVI4zaso0โฉโฉ
โจโจhttps://m.youtube.com/watch?v=lAbgeJau3eEโฉโฉ
โจโจhttps://m.youtube.com/watch?v=FFz57zNR_M0โฉโฉ
โจโจhttps://m.youtube.com/watch?v=IAoCfrqxโฉโฉ
#fd
privsec.dev
F-Droid Security Issues
F-Droid is a popular alternative app repository for Android, especially known for its main repository dedicated to free and open-source software. F-Droid is often recommended among security and privacy enthusiasts, but how does it stack up against Play Storeโฆ
๐คก13๐7๐ฅ3๐2โค1
#Motorola's new partnership with #GrapheneOS
https://motorolanews.com/motorola-three-new-b2b-solutions-at-mwc-2026/
https://motorolanews.com/motorola-three-new-b2b-solutions-at-mwc-2026/
Global Blog
Motorola News | Motorola's new partnership with GrapheneOS
Motorola announces three new B2B solutions at MWC 2026, including GrapheneOS partnership, Moto Analytics and more.
๐ฅ40โค14๐8๐3๐คก2๐1
Media is too big
VIEW IN TELEGRAM
#Systemd Adds #Age #Verification & #Reddit #Linux Censors Age Verification Posts
Plus: Which Open Source Operating Systems plan to include Age Verification? The Lunduke Journal compiles a list.
Does It Age Verify?:
https://github.com/BryanLunduke/DoesItAgeVerify
https://lunduke.com
https://www.youtube.com/watch?v=M3erhbwqIAM
Lennart Poettering
#microsoft #stalking #surveillance #backdoor #trojan
Plus: Which Open Source Operating Systems plan to include Age Verification? The Lunduke Journal compiles a list.
Does It Age Verify?:
https://github.com/BryanLunduke/DoesItAgeVerify
https://lunduke.com
https://www.youtube.com/watch?v=M3erhbwqIAM
Lennart Poettering
#microsoft #stalking #surveillance #backdoor #trojan
๐คฌ33๐3๐ฉ2โค1
Media is too big
VIEW IN TELEGRAM
SystemD Root Access Exploit Found, Devuan Team Calls SystemD "Unicorn Sh*t"
"Found yet another high severity #systemd bug in #Ubuntu: local root privilege escalation (CVE-2026-3888) https://cybersecurity88.com/news/ubuntu-cve-2026-3888-timing-flaw-in-systemd-cleanup-enables-root-privilege-escalation/ Let us wish all #Devuan users a wonderful day out with their family for a merry father's day, instead of showeling unicorn shit."
https://xcancel.com/DevuanOrg/status/2034560405968712179
https://www.youtube.com/watch?v=_yukEnElXUg
Lennart Poettering
#microsoft #Linux #stalking #surveillance #backdoor #trojan
"Found yet another high severity #systemd bug in #Ubuntu: local root privilege escalation (CVE-2026-3888) https://cybersecurity88.com/news/ubuntu-cve-2026-3888-timing-flaw-in-systemd-cleanup-enables-root-privilege-escalation/ Let us wish all #Devuan users a wonderful day out with their family for a merry father's day, instead of showeling unicorn shit."
https://xcancel.com/DevuanOrg/status/2034560405968712179
https://www.youtube.com/watch?v=_yukEnElXUg
Lennart Poettering
#microsoft #Linux #stalking #surveillance #backdoor #trojan
๐คฃ10๐9๐5
A systemd fork has set out as a fu*k you to age verification.
Liberated systemd is a fork of mainline systemd started by Jeffrey Seathrรบn Sardina, a machine learning/AI researcher who apparently had enough of where things were heading. The project is straightforward about its purpose; strip out what it considers surveillance-enabling code, keep everything else intact, and stay in sync with upstream as it develops.
https://itsfoss.com/news/systemd-fork-strips-out-age-verification/
@itsfoss_official
#AgeVerification #SystemD
Liberated systemd is a fork of mainline systemd started by Jeffrey Seathrรบn Sardina, a machine learning/AI researcher who apparently had enough of where things were heading. The project is straightforward about its purpose; strip out what it considers surveillance-enabling code, keep everything else intact, and stay in sync with upstream as it develops.
https://itsfoss.com/news/systemd-fork-strips-out-age-verification/
@itsfoss_official
#AgeVerification #SystemD
It's FOSS
Someone Forked Systemd to Strip Out Its Age Verification Support
The project removes the birthDate field systemd added last week in response to age verification laws.
๐ฅ41๐15โค4๐คก2๐ฅด2โคโ๐ฅ1โก1๐ค1
Gomphotherium โ the most minimalistic and fast Mastodon client for the terminal.
For fans of decentralized networks and console minimalism.
It allows you to read the feed, reply to posts, and manage your account without leaving the command line. A true retro vibe for a modern social network.
@github via @dcntr
#Mastodon #Fediverse #CLI
For fans of decentralized networks and console minimalism.
It allows you to read the feed, reply to posts, and manage your account without leaving the command line. A true retro vibe for a modern social network.
@github via @dcntr
#Mastodon #Fediverse #CLI
๐ฅด5๐คก4๐2๐ค1๐1
https://securityonline.info/telegram-critical-zero-click-vulnerability-zdi-can-30207/
its real apparently, just thankfully not in the wild https://www.zerodayinitiative.com/advisories/upcoming/
In the search result of "
https://old.reddit.com/r/Android/comments/1s5xyi1/critical_alert_telegram_vulnerability_zdican30207/
https://news.ycombinator.com/item?id=47546545
#telegram #tg #0click #exploit #vulnerability
its real apparently, just thankfully not in the wild https://www.zerodayinitiative.com/advisories/upcoming/
In the search result of "
ZDI-CAN-30207":https://old.reddit.com/r/Android/comments/1s5xyi1/critical_alert_telegram_vulnerability_zdican30207/
https://news.ycombinator.com/item?id=47546545
#telegram #tg #0click #exploit #vulnerability
๐ค10๐8๐คก5๐ค2๐ฑ1๐1
Nekogram APKs Accused of Hidden Spying Code | One Jail Break
A new investigation by security researcher Repinek is raising alarm over Nekogram, a widely used third-party Telegram client, with claims the appโs Android builds may include covert spying functionality. The report alleges that released APKs contain hidden code capable of collecting and silently transmitting sensitive user data.
The core concern isnโt just privacy, itโs trust. According to the findings, the behavior identified in compiled APKs does not exist in the projectโs public source code, suggesting users may be installing something materially different from what developers publish on the Nekogram GitHub.
[Spyware, Malicious code] Malicious Code Injection and User Data Leaking in Release Binaries ยท Issue #336 ยท Nekogram/Nekogram
https://github.com/Nekogram/Nekogram/issues/336
#Nekogram #TelegramClient #Privacy #Telegram
A new investigation by security researcher Repinek is raising alarm over Nekogram, a widely used third-party Telegram client, with claims the appโs Android builds may include covert spying functionality. The report alleges that released APKs contain hidden code capable of collecting and silently transmitting sensitive user data.
The core concern isnโt just privacy, itโs trust. According to the findings, the behavior identified in compiled APKs does not exist in the projectโs public source code, suggesting users may be installing something materially different from what developers publish on the Nekogram GitHub.
[Spyware, Malicious code] Malicious Code Injection and User Data Leaking in Release Binaries ยท Issue #336 ยท Nekogram/Nekogram
https://github.com/Nekogram/Nekogram/issues/336
#Nekogram #TelegramClient #Privacy #Telegram
๐ข17๐ญ9๐คฌ4๐3๐คฎ2๐ฑ1๐1
Forwarded from Mystic Leaks
This isn't a leak, but...
BREAKING: Nekogram is secretly sending your phone numbers to the developer
The backdoor is hidden in the http://Extra.java
file, which differs from the template uploaded to the repository. The obfuscated code sends data as an inline request to the @nekonotificationbot, leaving no trace.
More info about the backdoor: https://github.com/Nekogram/Nekogram/issues/336 (locked by Nekogram devs)
To validate this, we made a PoC: an LSPosed module that replaces the bot ID and username to ours so all requests are going to it. That way, we confirmed that the phone numbers are being collected. Every. Login.
The PoC is available here: https://github.com/RomashkaTea/nekogram-proof-of-logging
What should you do?
1. Report the app on Play Store: https://play.google.com/store/apps/details?id=tw.nekomimi.nekogram
2. Report the repository on GitHub: https://github.com/Nekogram/Nekogram
3. Delete the app and stop using unofficial Telegram clients
BREAKING: Nekogram is secretly sending your phone numbers to the developer
The backdoor is hidden in the http://Extra.java
file, which differs from the template uploaded to the repository. The obfuscated code sends data as an inline request to the @nekonotificationbot, leaving no trace.
More info about the backdoor: https://github.com/Nekogram/Nekogram/issues/336 (locked by Nekogram devs)
To validate this, we made a PoC: an LSPosed module that replaces the bot ID and username to ours so all requests are going to it. That way, we confirmed that the phone numbers are being collected. Every. Login.
The PoC is available here: https://github.com/RomashkaTea/nekogram-proof-of-logging
What should you do?
1. Report the app on Play Store: https://play.google.com/store/apps/details?id=tw.nekomimi.nekogram
2. Report the repository on GitHub: https://github.com/Nekogram/Nekogram
3. Delete the app and stop using unofficial Telegram clients
๐12๐ฑ6๐คฎ2๐2
systemd birthDate Merge: Corporate Filings & Governance Failure
Investigation pulled Amutable's founding documents from the German Handelsregister
The corporate filings show three equal shareholders, no outside investors, and self-dealing exemptions that let any founder sign contracts between the company and their own personal entities All three founders were employed at Microsoft when they signed the founding deed. A hidden shareholders' agreement referenced three times in the Articles of Association but never filed publicly governs economic rights, IP assignment, and vesting terms the public cannot see.
Three decisions put the birthDate field into #systemd. Each was made by someone with a direct financial interest in the outcome No one disclosed those interests. systemd has no conflict-of-interest policy, no steering committee, no community veto, and no disclosure requirements. The project that boots every major Linux distribution has less formal governance than a typical mid-size open source project.
Investigation pulled Amutable's founding documents from the German Handelsregister
The corporate filings show three equal shareholders, no outside investors, and self-dealing exemptions that let any founder sign contracts between the company and their own personal entities All three founders were employed at Microsoft when they signed the founding deed. A hidden shareholders' agreement referenced three times in the Articles of Association but never filed publicly governs economic rights, IP assignment, and vesting terms the public cannot see.
Three decisions put the birthDate field into #systemd. Each was made by someone with a direct financial interest in the outcome No one disclosed those interests. systemd has no conflict-of-interest policy, no steering committee, no community veto, and no disclosure requirements. The project that boots every major Linux distribution has less formal governance than a typical mid-size open source project.
๐จ17๐4๐ฏ3๐2โค1๐1
Media is too big
VIEW IN TELEGRAM
Age Verification Isnโt What You Think (New Investigation) | Tech, Privacy, News Explained
A new OSINT-based investigation is raising serious questions about how age verification systems actually work.
These systems are often presented as simple checks โ โare you over 18?โ โ but this report suggests something much broader may already be in place.
Surveillance Findings: Age Verification as Mass Surveillance Infrastructure - TBOTE Project
Age verification laws in Brazil, the United Kingdom, and the United States are creating mandatory markets for #BiometricIdentity verification infrastructure that doubles as #surveillance. The same investor, Peter Thiel, simultaneously controls the surveillance analytics company (#Palantir) and funds the identity verification company (Persona via Founders Fund). A coordinated legislative pipeline creates the legal demand for these services across borders. The identity verification ecosystem is now converging with the AI agent infrastructure..
#BigBrother
A new OSINT-based investigation is raising serious questions about how age verification systems actually work.
These systems are often presented as simple checks โ โare you over 18?โ โ but this report suggests something much broader may already be in place.
Surveillance Findings: Age Verification as Mass Surveillance Infrastructure - TBOTE Project
Age verification laws in Brazil, the United Kingdom, and the United States are creating mandatory markets for #BiometricIdentity verification infrastructure that doubles as #surveillance. The same investor, Peter Thiel, simultaneously controls the surveillance analytics company (#Palantir) and funds the identity verification company (Persona via Founders Fund). A coordinated legislative pipeline creates the legal demand for these services across borders. The identity verification ecosystem is now converging with the AI agent infrastructure..
#BigBrother
๐11๐6๐คฌ4๐คก3โค1๐1
SharedTrace
#Python tool for getting additional info by shared link (usernames, avatars, IDs etc).
Support TikTok, Instagram, Discord, ChatGPT, Perplexity and other platforms.
https://github.com/hondling/sharetrace
@cybdetective
#socmint #tracking #trackers #stalking #surveillance #why
#Python tool for getting additional info by shared link (usernames, avatars, IDs etc).
Support TikTok, Instagram, Discord, ChatGPT, Perplexity and other platforms.
https://github.com/hondling/sharetrace
@cybdetective
#socmint #tracking #trackers #stalking #surveillance #why
๐4๐ฑ3๐1