supply-chain - VPNrevie.ws

The VPNrevie.ws mascot, a pine marten, investigates a fake telegram that is drawn over with a cross. Under it, the "security check complete" dialogue from APKPure

Investigations

APKPure Served a Data-Stealing Imposter of Telegram

A repackaged Telegram APK on APKPure contained a collector that exfiltrated messages, media and contacts to a server previously running a simple Collector Dashboard.

Tired VPNrevie.ws mascot fed up with all these breaches. Made with Gemini

zero-day

The Patch Wave: Eleven Breaches, One Week, and the Myth of the AI Collapse

A single week saw Linux, Windows, macOS, Next.js, and the global software supply chain battered by critical exploits and mass advisories. Is this the long-feared AI-driven collapse of digital infrastructure, or just the new normal? A technical, evidence-driven investigation.

supply-chain

JDownloader's Linux Installer Delivered a Root Backdoor

ℹ️This is a developing situation I have relied on JDownloader for years. It is the sort of unglamorous tool you install once and forget about until you need to pull a 40 GB archive at 3 a.m. So when the official site went dark on 7 May and

Sad Roblox character holding a shimmering white triangle over a red background

Investigations

Vercel’s supply-chain breach: one Roblox script away from your secrets

A stolen Roblox auto-farm script led to Context.ai credentials, then Vercel Google Workspace takeover via OAuth token abuse in March 2026.