See every side of every news story
Get Started
SubscribeLogin
Published loading...Updated

Hackers Scanning for TeleMessage Signal Clone Flaw Exposing Passwords

GLOBAL, JUL 17 – The vulnerability exposes sensitive data due to outdated configurations and has prompted CISA to mandate patching or discontinuation by July 22, with over 11 exploit attempts logged recently.

  • On Thursday, GreyNoise reported hackers targeting TeleMessage SGNL to access plaintext user data, as attempts continue since April and the app remains vulnerable.
  • GrayNoise researchers found instances still exposed as late as May 5, 2025, attributing this to outdated Spring Boot configurations, explaining the root cause of the flaw.
  • Over the past 90 days, more than 2,009 IPs probed Spring Boot Actuator endpoints, with 1,582 targeting /health; GreyNoise created a dedicated tracking tag for TeleMessage SGNL scans.
  • On July 1, U.S. Cybersecurity and Infrastructure Security Agency instructed agencies to patch or cease using the software, and CVE-2025-48927 was added to the KEV catalogue, forcing TeleMessage offline after attackers accessed backend infrastructure.
  • To defend against these attacks, experts recommend restricting the /heapdump endpoint, blocking IPs flagged by GreyNoise, and upgrading to supported Spring Boot versions.
Insights by Ground AI
Does this summary seem wrong?

11 Articles

BleepingComputerBleepingComputer
Center

Hackers scanning for TeleMessage Signal clone flaw exposing passwords

Researchers are seeing exploitation attempts for the CVE-2025-48927 vulnerability in the TeleMessage SGNL app, which allows retrieving usernames, passwords, and other sensitive data.

Read Full Article
TechCrunchTechCrunch
Reposted by
technewstube.comtechnewstube.com
Center

Hackers are trying to steal passwords and sensitive data from users of Signal clone

The bug in the modified messaging app can expose users' “plaintext usernames, passwords, and other sensitive data,” per GreyNoise.

·United States
Read Full Article
investincryptonews.cominvestincryptonews.com

Hackers Continue Attempts to Exploit Forked Signal App: Report - Invest In Crypto News

Helping you make informed financial decisions with the latest news and insights from the world of investing and cryptocurrency. Unlock the power of crypto.

Read Full Article
The New York LedgerThe New York Ledger

Hackers Continue Attempts to Exploit Forked Signal App: Report | The New York Ledger

Hackers are continuing to look for chances to make use of the notorious CVE-2025-48927 vulnerability associated with TeleMessage, according to a brand-new report from hazard intelligence business GreyNoise. GreyNoise’s tag, which keeps an eye on efforts to make the most of the vulnerability, has actually spotted 11 IP addresses that have actually tried the make use of because April. Other IP addresses might be carrying out reconnaissance work: A…

Read Full Article
Crypto Breaking NewsCrypto Breaking News

Report: Ongoing Hacker Scouting Targets TeleMessage App Flaw

In a recent development within the cryptocurrency security sphere, a new report has surfaced detailing the discovery and implications of a vulnerability within a widely used messaging service, TeleMessage. This issue highlights the ongoing challenges faced by the blockchain and crypto industry in safeguarding communication channels from malicious activities. Uncovering the TeleMessage Vulnerability The vulnerability identified in TeleMessage cou…

Read Full Article
CointelegraphCointelegraph

Hacker reconnaissance work continues on TeleMessage app vulnerability

Hackers continue to try to exploit a forked signal app that is used to archive sensitive messages for compliance purposes, according to a report.

Read Full Article
Think freely.Subscribe and get full access to Ground NewsSubscriptions start at $9.99/yearSubscribe

Bias Distribution

  • 100% of the sources are Center
100% Center

Factuality 

To view factuality data please Upgrade to Premium

Ownership

To view ownership data please Upgrade to Vantage

technewstube.com broke the news in on Thursday, July 17, 2025.
Sources are mostly out of (0)

Similar News Topics

Apps icon

Apps

Cyber Security icon

Cyber Security

Cryptocurrency icon

Cryptocurrency

Signal icon

Signal

News
For You
SearchBlindspotLocal