Bleeping Computer

Malicious RubyGems pose as Fastlane to steal Telegram API data

Two malicious RubyGems packages posing as popular Fastlane CI/CD plugins redirect Telegram API requests to attacker-controlled servers to intercept and steal data. RubyGems is the official package ...
Wired

Be Careful Using Bots on Telegram

The secure messaging app Telegram is significant for two very different reasons. One is that the app is a go-to encrypted communication tool for hundreds of millions of users around the world, ...
CSOonline

Supply chain attack hits RubyGems to steal Telegram API data

Threat actor exploits Fastlane plugin trust to redirect Telegram traffic via C2 server after Vietnam’s ban, targeting mobile app CI/CD pipelines. An ongoing supply chain attack is targeting the ...
techtimes

Telegram’s Bot API Now Lets Autonomous AI Agents Coordinate Directly — With No Federal Multi-Agent Security Standard in Place

On May 7, 2026, Telegram became the first billion-user messaging platform to enable native, direct communication between autonomous AI bots — a capability that developers and AI researchers have ...