Hackers are trying to steal passwords and sensitive data from users of Signal clone

Recent reports indicate that hackers are exploiting a known vulnerability in the TeleMessage app, a modified version of Signal, to gain unauthorized access to users' sensitive information. This alarming trend has been highlighted by security experts and a U.S. government cybersecurity agency, raising concerns over user privacy. TeleMessage, which earlier this year became notorious after being used by high-ranking officials in the Trump administration, has faced scrutiny following a data breach incident in May. The application is designed for corporations and government agencies requiring chat archiving for legal compliance. However, the app's security shortcomings have now come to light, prompting warnings from cybersecurity firms. GreyNoise, a cybersecurity company that monitors online threats, recently published a warning about the vulnerability, which was originally disclosed in May. The firm noted multiple attempts to exploit this flaw, which could potentially allow hackers to access plaintext usernames, passwords, and other critical data from affected users. According to GreyNoise researcher Howdy Fisher, the exploit's simplicity is shocking, revealing that many systems remain unprotected. In early July, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) officially listed the flaw under the identifier CVE-2025-48927 in its catalog of Known Exploited Vulnerabilities. This designation indicates that hackers are actively leveraging this security hole, although no public reports of successful hacks against TeleMessage customers have emerged. The spotlight on TeleMessage intensified earlier in the year when U.S. National Security Advisor Mike Waltz inadvertently disclosed his use of the app, leading to a significant operational security breach. This incident and its fallout have only added to the scrutiny faced by the platform, especially after reports of attackers accessing private messages from users, including sensitive groups within Customs and Border Protection and Coinbase. As the situation develops, the need for vigilance and robust cybersecurity measures becomes increasingly critical for users of the TeleMessage app and similar services.