TeleMessage vulnerability used to pilfer users’ credentials, data

Multiple attacks exploiting a vulnerability in the TeleMessage platform's Signal clone app, tracked as CVE-2025-48927, have sought to compromise users' credentials and data since the flaw's initial disclosure in May, according to TechCrunch.

Threat actors successfully leveraging the flaw could expose usernames, passwords, and other sensitive information in plaintext, a report from GreyNoise revealed. "I was left in disbelief at the simplicity of this exploit. [A]fter some digging, I found that many devices are still open and vulnerable to this," said GreyNoise researcher Howdy Fisher. Such a development comes after the security issue was added by the Cybersecurity and Infrastructure Security Agency to its Known Exploited Vulnerabilities catalog, which recommended the remediation of the bug by July 22. TeleMessage had users' private messages and group chat contents recently compromised after the platform was discovered to have been utilized by officials part of the Trump administration for military strike plan discussions.