A simple spelling error in the source code of the Telegram Messenger Windows application let attackers bypass a security warning. This enabled the automatic execution of Python scripts after clicking on a link disguised as a video.https://www.notebookcheck.net/Security-vulnerability-in-Telegram-Messenger-s-Windows-application-allowed-code-execution-after-clicking-on-video.827602.0.html
I either encountered mentally handicapped people, scammers, or porn on Telegram, and thankfully none of that interests me anymore...so I wrote the service off. Sorry to the one distant friend who swears by it. Not worth keeping on my phone...