Signal App Clone TeleMessage Vulnerability May Leak Passwords; Hackers Exploiting It

The flaw, designated CVE-2025-48927, affects government agencies and enterprises using this secure communication platform for archiving confidential messages. The /heapdump endpoint can return complete snapshots of heap memory, approximately 150MB in size, potentially containing plaintext usernames, passwords, and other sensitive data.

GreyNoise Research has identified significant malicious activity targeting this vulnerability. The security firm created a dedicated tracking tag on July 10 to monitor these exploitation attempts. Of the IPs observed, 1,582 specifically targeted /health endpoints, which attackers commonly use to identify internet-exposed Spring Boot deployments vulnerable to exploitation. This systematic approach to identifying vulnerable systems suggests organized cybercriminal campaigns rather than opportunistic attacks. The severity of this issue prompted the Cybersecurity and Infrastructure Security Agency (CISA) to add CVE-2025-48927 to its Known Exploited Vulnerabilities (KEV) catalog on July 14th.

Recommended mitigations: disable the /heapdump endpoint, block malicious IPs, and upgrade Spring Boot immediately. GreyNoise recommends blocking malicious IPs using their threat intelligence feeds, specifically targeting SPRING BOOT ACTUATOR CRAWLER and SPRING BOOT ACTUATOR HEALTH SCANNER activities.
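A log check for the scanning pattern described above, as an added example that is not from the original article or from GreyNoise: it reads web access logs, records which source IPs requested the /health and /heapdump paths, and flags any heap-dump request that was actually served. The combined log format, the /actuator prefix variant, the 1 MB size threshold and the sample lines (documentation IP ranges) are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample lines in combined log format (documentation IP ranges).
SAMPLE_LOG = """\
203.0.113.10 - - [18/Jul/2025:09:00:01 +0000] "GET /health HTTP/1.1" 200 15
203.0.113.10 - - [18/Jul/2025:09:00:02 +0000] "GET /heapdump HTTP/1.1" 200 157286400
198.51.100.7 - - [18/Jul/2025:09:01:10 +0000] "GET /actuator/health HTTP/1.1" 404 120
198.51.100.7 - - [18/Jul/2025:09:01:11 +0000] "GET /actuator/heapdump HTTP/1.1" 403 0
192.0.2.55 - - [18/Jul/2025:09:02:00 +0000] "GET /index.html?next=/heapdump HTTP/1.1" 200 5120
192.0.2.99 - - [18/Jul/2025:09:03:00 +0000] "HEAD /heapdump HTTP/1.1" 200 -
"""

LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\d+|-)'
)
# Match the request path only, with or without the /actuator prefix (assumed variant).
PROBE_RE = re.compile(r'^(?:/actuator)?/(?P<endpoint>heapdump|health)/?$')
LEAK_MIN_BYTES = 1_000_000  # assumed threshold; a real heap dump is far larger


def analyze(log_text):
    """Return (probes, leaks): endpoints probed per IP, and IPs that were served a dump."""
    probes = defaultdict(set)
    leaks = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        path = m["target"].split("?", 1)[0]  # ignore query strings
        p = PROBE_RE.match(path)
        if not p:
            continue
        probes[m["ip"]].add(p["endpoint"])
        size = 0 if m["size"] == "-" else int(m["size"])
        # A 200 GET with a large body means heap memory left the host.
        if (p["endpoint"] == "heapdump" and m["method"] == "GET"
                and m["status"] == "200" and size >= LEAK_MIN_BYTES):
            leaks.append((m["ip"], size))
    return dict(probes), leaks


if __name__ == "__main__":
    probes, leaks = analyze(SAMPLE_LOG)
    for ip, endpoints in sorted(probes.items()):
        print(f"probe  {ip}  {sorted(endpoints)}")
    for ip, size in leaks:
        print(f"LEAK   {ip}  {size} bytes served: rotate credentials held in memory")
```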

This Cyber News was published on cybersecuritynews.com. Publication date: Fri, 18 Jul 2025 09:50:13 +0000

