Thanks for participating everyone. We will try to host some more giveaways in the future so don't be sad if you didn't win.
Congratulations to the winners ππ (check your DM if you won the giveaway)
Congratulations to the winners ππ (check your DM if you won the giveaway)
β€5π₯5π3
How often do you actually use Circle to Search?
Anonymous Poll
61%
All the time (Best feature ever!) π«Ά
20%
I tried it, but itβs not for me.
19%
Still waiting for the update on my phone :(
β€11
Does your device have native support for Circle to Search?
Anonymous Poll
70%
Yes, it's built-in! β
30%
No, I'm using miCTS (Or something similar). π οΈ
β€14
Share your homescreen setups. Here's mine-
β€63π±11π7π₯4π3π€―2
β€39
Forwarded from Mystic Leaks
This isn't a leak, but...
BREAKING: Nekogram is secretly sending your phone numbers to the developer
The backdoor is hidden in the http://Extra.java
file, which differs from the template uploaded to the repository. The obfuscated code sends data as an inline request to the @nekonotificationbot, leaving no trace.
More info about the backdoor: https://github.com/Nekogram/Nekogram/issues/336 (locked by Nekogram devs)
To validate this, we made a PoC: an LSPosed module that replaces the bot ID and username to ours so all requests are going to it. That way, we confirmed that the phone numbers are being collected. Every. Login.
The PoC is available here: https://github.com/RomashkaTea/nekogram-proof-of-logging
What should you do?
1. Report the app on Play Store: https://play.google.com/store/apps/details?id=tw.nekomimi.nekogram
2. Report the repository on GitHub: https://github.com/Nekogram/Nekogram
3. Delete the app and stop using unofficial Telegram clients
BREAKING: Nekogram is secretly sending your phone numbers to the developer
The backdoor is hidden in the http://Extra.java
file, which differs from the template uploaded to the repository. The obfuscated code sends data as an inline request to the @nekonotificationbot, leaving no trace.
More info about the backdoor: https://github.com/Nekogram/Nekogram/issues/336 (locked by Nekogram devs)
To validate this, we made a PoC: an LSPosed module that replaces the bot ID and username to ours so all requests are going to it. That way, we confirmed that the phone numbers are being collected. Every. Login.
The PoC is available here: https://github.com/RomashkaTea/nekogram-proof-of-logging
What should you do?
1. Report the app on Play Store: https://play.google.com/store/apps/details?id=tw.nekomimi.nekogram
2. Report the repository on GitHub: https://github.com/Nekogram/Nekogram
3. Delete the app and stop using unofficial Telegram clients
π₯17β€15
BTW new icon pack port dropping tomorrow (probablyπ
)
π₯16β€5π2