A vulnerability found in the web versions of WhatsApp and Telegram could have been exploited to hijack accounts by sending the targeted user a malicious HTML file disguised as an image or a video.
The flaw was discovered by researchers at Check Point earlier this month and it was quickly patched by both Telegram and WhatsApp on the server side.
Article Link: http://feedproxy.google.com/~r/Securityweek/~3/kaG03fOxt-E/whatsapp-telegram-patch-account-hijacking-vulnerability