Forwarded from Pavel Durov (Pavel Durov)
Pedro Sánchez’s government is pushing dangerous new regulations that threaten your internet freedoms. Announced just yesterday, these measures could turn Spain into a surveillance state under the guise of “protection.” Here’s why they’re a red flag for free speech and privacy:
1. Ban on social media for under-16s with mandatory age verification: This isn’t just about kids—it requires platforms to use strict checks, like needing IDs or biometrics.
⚠️ Danger: It sets a precedent for tracking EVERY user’s identity, eroding anonymity and opening doors to mass data collection. What starts with minors could expand to all, stifling open discourse.
2. Personal and criminal liability for platform executives: If “illegal, hateful, or harmful” content isn’t removed fast enough, bosses face jail.
⚠️ Danger: This will force over-censorship—platforms will delete anything remotely controversial to avoid risks, silencing political dissent, journalism, and everyday opinions. Your voice could be next if it challenges the status quo.
3. Criminalizing algorithm amplification: Amplifying “harmful” content via algorithms becomes a crime.
⚠️ Danger: Governments will dictate what you see, burying opposing views and creating echo chambers controlled by the state. Free exploration of ideas? Gone—replaced by curated propaganda.
4. “Hate and polarization footprint” tracking: Platforms must monitor and report how they “fuel division.”
⚠️ Danger: Vague definitions of “hate” could label criticism of the government as divisive, leading to shutdowns or fines. This can be a tool for suppressing opposition.
These aren’t safeguards; they’re steps toward total control. We’ve seen this playbook before—governments weaponizing “safety” to censor critics. On Telegram, we prioritize your privacy and freedom: strong encryption, no backdoors, and resistance to overreach.
✊ Stay vigilant, Spain. Demand transparency and fight for your rights. Share this widely—before it’s too late.
Please open Telegram to view this post
VIEW IN TELEGRAM
👍8❤2
Forwarded from /g/'s Tech Memes (GM)
Windows 11's Notepad is a big improvement because it introduced tabs and Markdown suppo- oh fuck: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20841
🤣21😁2
Samsung Galaxy S26 Ultra also comes with a cool feature. If Green Lines ever appear on the Display in the future, You can simply enable the Privacy Display mode. Once activated, the Green Lines gradually fade away when you tilt the phone or view it from a side angle.
👨💻 @agamtechtricks × @attmemes
👨💻 @agamtechtricks × @attmemes
2🤣83❤4🤔4🤡3👍1😁1
Forwarded from MonoGram
A phone number-stealing backdoor was found in Nekogram
The malicious code is concealed within Extra.java (notably, the public repo version of this file is clean). It operates by using obfuscated code to send data through an inline query to @nekonotificationbot, leaving almost zero footprint.
Additionally, if several accounts are connected within the app, the developer can easily see that they belong to the same person.
В Nekogram нашли бэкдор, который сливает номера телефонов
Бэкдор спрятан в файле Extra.java (причем в публичном репозитории проекта этот файл выглядит иначе). Схема работает так: обфусцированный код передает данные через inline-запрос боту @nekonotificationbot, практически не оставляя следов.
А если в приложении подключено сразу несколько аккаунтов, разработчик легко узнает, что все они связаны между собой.
The Google Play version also has this malicious code
Версия из Google Play тоже имеет этот вредоносный код
Sources:
1. Nekogram 12.5.2
2. Backdoor investigation post
3. Screenshot by @andreyduhen (Thanks😏 )
The malicious code is concealed within Extra.java (notably, the public repo version of this file is clean). It operates by using obfuscated code to send data through an inline query to @nekonotificationbot, leaving almost zero footprint.
Additionally, if several accounts are connected within the app, the developer can easily see that they belong to the same person.
В Nekogram нашли бэкдор, который сливает номера телефонов
Бэкдор спрятан в файле Extra.java (причем в публичном репозитории проекта этот файл выглядит иначе). Схема работает так: обфусцированный код передает данные через inline-запрос боту @nekonotificationbot, практически не оставляя следов.
А если в приложении подключено сразу несколько аккаунтов, разработчик легко узнает, что все они связаны между собой.
The Google Play version also has this malicious code
Версия из Google Play тоже имеет этот вредоносный код
Sources:
1. Nekogram 12.5.2
2. Backdoor investigation post
3. Screenshot by @andreyduhen (Thanks
Please open Telegram to view this post
VIEW IN TELEGRAM
Please open Telegram to view this post
VIEW IN TELEGRAM
❤9
Forwarded from Tech & Leaks Zone
EXPOSED: Source Code Evidence of Nekogram Phone Number Harvesting
1. Exfiltration Logic: The function uo5.g() (reconstructed as logNumberPhones) silently collects the UserID and Phone Number of every account logged into the app (up to 8 accounts).
2. Transmission: Data is sent via Inline Queries to the bot @nekonotificationbot. This is done programmatically, so no message appears in your "Sent" history.
3. Target Bots: Three bots embedded in the client's obfuscated code:
@nekonotificationbot: Receives the automated phone number uploads.
@tgdb_search_bot and @usinfobot: : An OSINT bot mentioned in the obfuscated classes.
4. Security Token: The app uses a hardcoded secret key 741ad28818eab17668bc2c70bd419fc25ff56481758a4ac87e7ca164fb6ae1b1 as a prefix for the stolen data, likely to authenticate with the bot's backend.
5. The image shows that Nekogram always wants to get the "reg date".
Unfortunately the Google Play Store version is also affected!!!
Follow @TechLeaksZone
1. Exfiltration Logic: The function uo5.g() (reconstructed as logNumberPhones) silently collects the UserID and Phone Number of every account logged into the app (up to 8 accounts).
2. Transmission: Data is sent via Inline Queries to the bot @nekonotificationbot. This is done programmatically, so no message appears in your "Sent" history.
3. Target Bots: Three bots embedded in the client's obfuscated code:
@nekonotificationbot: Receives the automated phone number uploads.
@tgdb_search_bot and @usinfobot: : An OSINT bot mentioned in the obfuscated classes.
4. Security Token: The app uses a hardcoded secret key 741ad28818eab17668bc2c70bd419fc25ff56481758a4ac87e7ca164fb6ae1b1 as a prefix for the stolen data, likely to authenticate with the bot's backend.
5. The image shows that Nekogram always wants to get the "reg date".
Unfortunately the Google Play Store version is also affected!!!
Follow @TechLeaksZone
❤8🤡3
GitHub Copilot inserted advertisements in pull requests
GitHub Copilot inserted ads promoting Raycast, Slack, Teams and itself in more than 11000 pull requests.
Technically, these were not ads but just "tips" by Copilot, as the raw data included a hidden HTML comment, "START COPILOT CODING AGENT TIPS."
This "bug" was introduced on March 24, when Copilot's abilities were expanded. Martin Woodward blamed it on a "programming logic issue" and tips have now been turned off permanently.
🧑💻 @agamtechtricks
GitHub Copilot inserted ads promoting Raycast, Slack, Teams and itself in more than 11000 pull requests.
Technically, these were not ads but just "tips" by Copilot, as the raw data included a hidden HTML comment, "START COPILOT CODING AGENT TIPS."
This "bug" was introduced on March 24, when Copilot's abilities were expanded. Martin Woodward blamed it on a "programming logic issue" and tips have now been turned off permanently.
🧑💻 @agamtechtricks
🤡13❤2🥱2👍1
78 Microsoft Products have "Copilot" in their name
As of now, there are 78 Microsoft Products with Copilot in their name. There are Copilots inside Copilots, Copilots for other Copilots, and even a physical key on all Windows laptops!
This website shows how each Copilot product is linked with the other Copilot products.
🧑💻 @agamtechtricks
As of now, there are 78 Microsoft Products with Copilot in their name. There are Copilots inside Copilots, Copilots for other Copilots, and even a physical key on all Windows laptops!
This website shows how each Copilot product is linked with the other Copilot products.
🧑💻 @agamtechtricks
🤯18🤡9👍2❤1
Google REALLY wants our data, don't they?
or they want people to get their accounts locked once the plan ends so people would either have to delete everything to return to 15GB or continue paying
Either way, quite interesting
🧑💻 @agamtechtricks
or they want people to get their accounts locked once the plan ends so people would either have to delete everything to return to 15GB or continue paying
Either way, quite interesting
🧑💻 @agamtechtricks
🔥19😁8👍2❤1
LinkedIn is secretly injecting code and scanning 6,000+ browser extensions without consent
Everytime a user visits LinkedIn, malicious JavaScript is injected which scans the browser for installed extensions, without any notice and consent. This information is then stored at their servers and also sent to HUMAN Security, an American-Israeli cybersecurity firm.
The code downloads list of 6,222 extensions and detects each one of them. This has affected approx. 405 million people. Every extension is then matched to the (logged in) user. This is not mentioned anywhere in their privacy policy or any public document.
LinkedIn scans for:
• 762 LinkedIn-specific tools
• 209 sales & prospecting competitors
• 509 job search extensions
• VPNs, ad blockers, security tools
• Religious & Political extensions
• Disability & neurodivergence tools
LinkedIn knows which organization is using what tools by detecting what tools are installed by employees of that organization.
🔗 BrowserGate | Response
🧑💻 @agamtechtricks
Everytime a user visits LinkedIn, malicious JavaScript is injected which scans the browser for installed extensions, without any notice and consent. This information is then stored at their servers and also sent to HUMAN Security, an American-Israeli cybersecurity firm.
The code downloads list of 6,222 extensions and detects each one of them. This has affected approx. 405 million people. Every extension is then matched to the (logged in) user. This is not mentioned anywhere in their privacy policy or any public document.
LinkedIn scans for:
• 762 LinkedIn-specific tools
• 209 sales & prospecting competitors
• 509 job search extensions
• VPNs, ad blockers, security tools
• Religious & Political extensions
• Disability & neurodivergence tools
LinkedIn knows which organization is using what tools by detecting what tools are installed by employees of that organization.
🔗 BrowserGate | Response
🧑💻 @agamtechtricks
5🤯9🤡2
ATT • Tech News
LinkedIn is secretly injecting code and scanning 6,000+ browser extensions without consent Everytime a user visits LinkedIn, malicious JavaScript is injected which scans the browser for installed extensions, without any notice and consent. This information…
LinkedIn has responded by saying that the claims are "plain wrong," and that:
So, this means they are scanning extensions, doesn't it? Quite interesting, considering the list of these extensions is not published anywhere by LinkedIn.
🔗 YCombinator
🧑💻 @agamtechtricks
To protect the privacy of our members, their data, and to ensure site stability, we do look for extensions that scrape data without members’ consent or otherwise violate LinkedIn’s Terms of Service
So, this means they are scanning extensions, doesn't it? Quite interesting, considering the list of these extensions is not published anywhere by LinkedIn.
🔗 YCombinator
🧑💻 @agamtechtricks
3👎6🤡3❤1
This media is not supported in your browser
VIEW IN TELEGRAM
The all new Copilot app is simply Microsoft Edge
According to @TheBobPony, if "
This happens even if Microsoft Edge Browser and WebView2 is completely uninstalled.
🧑💻 @agamtechtricks
According to @TheBobPony, if "
mscopilot.exe" is renamed to "msedge.exe" and the folder is renamed from "Copilot" to "Edge", it will simply open Microsoft Edge.This happens even if Microsoft Edge Browser and WebView2 is completely uninstalled.
🧑💻 @agamtechtricks
🤣25🤡6😁5😭2💋1