Electron is a cool platform that lets you create “native” applications using standard web features. These types of applications are written using Electron. He was then able to get that malicious code to read files from either a Windows PC or a Mac. The actual exploit is pretty involved, but the bottom line is that it’s possible for an innocent-looking link in a WhatsApp message to invisibly redirect people to a malicious website and then run some Javascript code to execute code. If you can mess with text, why not do the same with a link? There’s no fix available for that, which is what got Weizman thinking. It built on an earlier issue in which replies could fake the original text…Ī threat actor may use the “quote” feature in a group conversation to change the identity of the sender, even if that person is not a member of the group, as well as the text of someone else’s reply, essentially putting words in their mouth. The vulnerability was discovered by security researcher Gal Weizman. If you use WhatsApp on Mac, you’ll want to make sure the desktop app has been updated to the current version, 0.4.316.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |