"Malicious uploads allowed hijacking of WhatsApp and Telegram accounts"

The developers of popular communication service apps, WhatsApp and Telegram, have recently patched their application code after being notified by security researchers of vulnerabilities that would allow attackers to infiltrate user accounts through the distribution of malicious files. Researchers discovered ways in which hackers can bypass implemented security verifications to upload HTML files instead of actual image and video files. This article discusses how attackers could exploit this vulnerability as well as what they might do with this unauthorized access.  
 

http://www.computerworld.com/article/3180979/security/malicious-uploads-allowed-hijacking-of-whatsapp-and-telegram-accounts.html