Hackers scanning for TeleMessage Signal clone flaw exposing passwords
Researchers are seeing exploitation attempts for the CVE-2025-48927 vulnerability in the TeleMessage SGNL app, which allows retrieving usernames, passwords, and other sensitive data. TeleMessage SGNL is a Signal clone app now owned by Smarsh, a compliance-focused company that provides cloud-based or on-premisses communication solutions to various organizations. Scanning for vulnerable endpoints Threat monitoring firm GreyNoise has observed multiple attempts to exploit CVE-2025-48927, likely b