WelcomeUser Guide
ToSPrivacyCanary
DonateBugsLicense

©2025 Poal.co

1.2K

Source: https://archive.md/C88Al

Do not open external links that end with .webp

The attack vector can also be spread through a .webp file renamed as .jpg

If you are using FireFox (or a clone) you can disable webp support:

  • about:config >> image.http.accept, delete "image/webp"
  • about:config >> network.http.accept.default, delete "image/webp"
  • about:config >> set image.webp.enabled to FALSE

You can also use:

Update: webp uploading/linking/viewing are now disabled (and on pic8 as well).

Source: https://archive.md/C88Al ## Do not open external links that end with .webp The attack vector can also be spread through a .webp file renamed as .jpg If you are using FireFox (or a clone) you can disable webp support: * about:config >> image.http.accept, delete "image/webp" * about:config >> network.http.accept.default, delete "image/webp" * about:config >> set image.webp.enabled to FALSE You can also use: * https://addons.mozilla.org/en-US/firefox/addon/dont-accept-webp/ ## Update: webp uploading/linking/viewing are now disabled (and on pic8 as well).

(post is archived)

You are currently inside a comment thread.
Click here to see all the comments (39).
[–] 7 pts

Damn, seems like whoever is behind this is using meme culture to their advantage. Cunts.

Thanks for the warning.

[–] 6 pts

I've been calling out those sharing that Joogle's 3 letter agencies trojan.

I always knew it was up to no good.

[–] 2 pts

Does this affect linux platforms?

[–] 2 pts

I haven't checked but it could be if crApple is using ImageIO in Webkit.