Forwarded from Tech & Leaks Zone
EXPOSED: Source Code Evidence of Nekogram Phone Number Harvesting
1. Exfiltration Logic: The function uo5.g() (reconstructed as logNumberPhones) silently collects the UserID and Phone Number of every account logged into the app (up to 8 accounts).
2. Transmission: Data is sent via Inline Queries to the bot @nekonotificationbot. This is done programmatically, so no message appears in your "Sent" history.
3. Target Bots: Three bots embedded in the client's obfuscated code:
@nekonotificationbot: Receives the automated phone number uploads.
@tgdb_search_bot and @usinfobot: : An OSINT bot mentioned in the obfuscated classes.
4. Security Token: The app uses a hardcoded secret key 741ad28818eab17668bc2c70bd419fc25ff56481758a4ac87e7ca164fb6ae1b1 as a prefix for the stolen data, likely to authenticate with the bot's backend.
5. The image shows that Nekogram always wants to get the "reg date".
Unfortunately the Google Play Store version is also affected!!!
Follow @TechLeaksZone
1. Exfiltration Logic: The function uo5.g() (reconstructed as logNumberPhones) silently collects the UserID and Phone Number of every account logged into the app (up to 8 accounts).
2. Transmission: Data is sent via Inline Queries to the bot @nekonotificationbot. This is done programmatically, so no message appears in your "Sent" history.
3. Target Bots: Three bots embedded in the client's obfuscated code:
@nekonotificationbot: Receives the automated phone number uploads.
@tgdb_search_bot and @usinfobot: : An OSINT bot mentioned in the obfuscated classes.
4. Security Token: The app uses a hardcoded secret key 741ad28818eab17668bc2c70bd419fc25ff56481758a4ac87e7ca164fb6ae1b1 as a prefix for the stolen data, likely to authenticate with the bot's backend.
5. The image shows that Nekogram always wants to get the "reg date".
Unfortunately the Google Play Store version is also affected!!!
Follow @TechLeaksZone
❤8🤡3
GitHub Copilot inserted advertisements in pull requests
GitHub Copilot inserted ads promoting Raycast, Slack, Teams and itself in more than 11000 pull requests.
Technically, these were not ads but just "tips" by Copilot, as the raw data included a hidden HTML comment, "START COPILOT CODING AGENT TIPS."
This "bug" was introduced on March 24, when Copilot's abilities were expanded. Martin Woodward blamed it on a "programming logic issue" and tips have now been turned off permanently.
🧑💻 @agamtechtricks
GitHub Copilot inserted ads promoting Raycast, Slack, Teams and itself in more than 11000 pull requests.
Technically, these were not ads but just "tips" by Copilot, as the raw data included a hidden HTML comment, "START COPILOT CODING AGENT TIPS."
This "bug" was introduced on March 24, when Copilot's abilities were expanded. Martin Woodward blamed it on a "programming logic issue" and tips have now been turned off permanently.
🧑💻 @agamtechtricks
🤡13❤2🥱2👍1
78 Microsoft Products have "Copilot" in their name
As of now, there are 78 Microsoft Products with Copilot in their name. There are Copilots inside Copilots, Copilots for other Copilots, and even a physical key on all Windows laptops!
This website shows how each Copilot product is linked with the other Copilot products.
🧑💻 @agamtechtricks
As of now, there are 78 Microsoft Products with Copilot in their name. There are Copilots inside Copilots, Copilots for other Copilots, and even a physical key on all Windows laptops!
This website shows how each Copilot product is linked with the other Copilot products.
🧑💻 @agamtechtricks
🤯18🤡9👍2❤1
Google REALLY wants our data, don't they?
or they want people to get their accounts locked once the plan ends so people would either have to delete everything to return to 15GB or continue paying
Either way, quite interesting
🧑💻 @agamtechtricks
or they want people to get their accounts locked once the plan ends so people would either have to delete everything to return to 15GB or continue paying
Either way, quite interesting
🧑💻 @agamtechtricks
🔥19😁8👍2❤1
LinkedIn is secretly injecting code and scanning 6,000+ browser extensions without consent
Everytime a user visits LinkedIn, malicious JavaScript is injected which scans the browser for installed extensions, without any notice and consent. This information is then stored at their servers and also sent to HUMAN Security, an American-Israeli cybersecurity firm.
The code downloads list of 6,222 extensions and detects each one of them. This has affected approx. 405 million people. Every extension is then matched to the (logged in) user. This is not mentioned anywhere in their privacy policy or any public document.
LinkedIn scans for:
• 762 LinkedIn-specific tools
• 209 sales & prospecting competitors
• 509 job search extensions
• VPNs, ad blockers, security tools
• Religious & Political extensions
• Disability & neurodivergence tools
LinkedIn knows which organization is using what tools by detecting what tools are installed by employees of that organization.
🔗 BrowserGate | Response
🧑💻 @agamtechtricks
Everytime a user visits LinkedIn, malicious JavaScript is injected which scans the browser for installed extensions, without any notice and consent. This information is then stored at their servers and also sent to HUMAN Security, an American-Israeli cybersecurity firm.
The code downloads list of 6,222 extensions and detects each one of them. This has affected approx. 405 million people. Every extension is then matched to the (logged in) user. This is not mentioned anywhere in their privacy policy or any public document.
LinkedIn scans for:
• 762 LinkedIn-specific tools
• 209 sales & prospecting competitors
• 509 job search extensions
• VPNs, ad blockers, security tools
• Religious & Political extensions
• Disability & neurodivergence tools
LinkedIn knows which organization is using what tools by detecting what tools are installed by employees of that organization.
🔗 BrowserGate | Response
🧑💻 @agamtechtricks
5🤯9🤡2
ATT • Tech News
LinkedIn is secretly injecting code and scanning 6,000+ browser extensions without consent Everytime a user visits LinkedIn, malicious JavaScript is injected which scans the browser for installed extensions, without any notice and consent. This information…
LinkedIn has responded by saying that the claims are "plain wrong," and that:
So, this means they are scanning extensions, doesn't it? Quite interesting, considering the list of these extensions is not published anywhere by LinkedIn.
🔗 YCombinator
🧑💻 @agamtechtricks
To protect the privacy of our members, their data, and to ensure site stability, we do look for extensions that scrape data without members’ consent or otherwise violate LinkedIn’s Terms of Service
So, this means they are scanning extensions, doesn't it? Quite interesting, considering the list of these extensions is not published anywhere by LinkedIn.
🔗 YCombinator
🧑💻 @agamtechtricks
3👎6🤡3❤1
This media is not supported in your browser
VIEW IN TELEGRAM
The all new Copilot app is simply Microsoft Edge
According to @TheBobPony, if "
This happens even if Microsoft Edge Browser and WebView2 is completely uninstalled.
🧑💻 @agamtechtricks
According to @TheBobPony, if "
mscopilot.exe" is renamed to "msedge.exe" and the folder is renamed from "Copilot" to "Edge", it will simply open Microsoft Edge.This happens even if Microsoft Edge Browser and WebView2 is completely uninstalled.
🧑💻 @agamtechtricks
🤣25🤡6😁5😭2💋1
This media is not supported in your browser
VIEW IN TELEGRAM
Chrome is finally rolling out vertical tabs
To enable vertical tabs in Chrome, right click on the window and select "Show Tabs Vertically." This was previously available only as a flag on the stable version of Chrome, but now can be turned on easily.
Along with this, the new reader mode now offers a full-page interface. This can be enabled by right clicking on the page and selecting "Open in reading mode."
🔗 Google
🧑💻 @agamtechtricks
To enable vertical tabs in Chrome, right click on the window and select "Show Tabs Vertically." This was previously available only as a flag on the stable version of Chrome, but now can be turned on easily.
Along with this, the new reader mode now offers a full-page interface. This can be enabled by right clicking on the page and selecting "Open in reading mode."
🧑💻 @agamtechtricks
🤮15❤4🔥3💋1
ATT • Tech News
WhatsApp Developing Username Feature for Web Client WhatsApp is advancing its plans to introduce a username feature, enhancing user privacy by allowing connections without sharing phone numbers. The new feature, still in development, will enable users to…
WhatsApp's username feature is now rolling out gradually on Android and iOS
Restrictions:
The username cannot match an existing username on Facebook/Instagram, and you can link your own username from these platforms.
WhatsApp will also offer an optional “username key,” which is a 4-digit code needed to send messages to a new username. Check WhatsApp > Settings > Profile if the update is available for you.
🔗 WABetaInfo
🧑💻 @agamtechtricks
Restrictions:
• Cannot start with a "www."
• Cannot end with a domain (.com, etc.) or a period
• At least 1 letter
• Only lowercase letters, numbers, periods and underscores.
• 3-35 characters
The username cannot match an existing username on Facebook/Instagram, and you can link your own username from these platforms.
WhatsApp will also offer an optional “username key,” which is a 4-digit code needed to send messages to a new username. Check WhatsApp > Settings > Profile if the update is available for you.
🔗 WABetaInfo
🧑💻 @agamtechtricks
❤8👍4
Microsoft has started removing Copilot from Windows 11
After their "Our commitment to Windows quality" announcement, Microsoft has started by cleaning up Notepad and Snipping tool.
In Notepad v11.2512.28.0, AI tools still exist, but now they are just called "Writing tools" instead of Copilot. The Copilot logo has been replaced with a pen icon. In settings, Writing Tools is now placed under "Advanced Features" instead of "AI Features". So, it's just a simple rebranding.
However, AI has now been completely removed from Snipping tool
🔗 Windows Latest
🧑💻 @agamtechtricks
After their "Our commitment to Windows quality" announcement, Microsoft has started by cleaning up Notepad and Snipping tool.
In Notepad v11.2512.28.0, AI tools still exist, but now they are just called "Writing tools" instead of Copilot. The Copilot logo has been replaced with a pen icon. In settings, Writing Tools is now placed under "Advanced Features" instead of "AI Features". So, it's just a simple rebranding.
However, AI has now been completely removed from Snipping tool
🔗 Windows Latest
🧑💻 @agamtechtricks
❤29😁4🤩2👍1
Mexico's government has been compromised using Claude and ChatGPT
Some person "vibe hacked" the Mexico government, and the data stolen includes:
🔗 Research Paper
🧑💻 @agamtechtricks
Some person "vibe hacked" the Mexico government, and the data stolen includes:
1. SAT - Federal tax authority:
- 195 million taxpayer records
- 52 million directory records
2. Estado de Mexico - State government:
- 15.5M vehicle registries
- 3.6M property owners
3. Registro Civil de CDMX - Mexico City civil registry:
- 220M civil records
4. Jalisco state gov:
- 50K patients
- 17K domestic violence victims
- 36K healthcare employee records
- 180K digital gov records
5. INE - National electoral institute:
- 13.8K voter card records
6. Michoacan state government:
- 2.28M property records
- 2K user accounts, plaintext passwords
7. SADM Monterrey Municipal water utility:
- 3.5K procurement & vendor records
- 5K procurement bid records
8. Tamaulipas state government
- Active Directory
9. Salud CDMX - Mexico City health department
- Zimbra email server
🔗 Research Paper
🧑💻 @agamtechtricks
😁12🤣7🔥1