Holders continue to search for opportunities to exploit the weak CVE-2025-48927 participating in Telemessge, According to To a new report from Greynoise.
The Greynoise brand, which monitors attempts to benefit from weakness, discovered 11 IP address that has tried to exploit since April.
Other IP addresses may be the performance of the reconnaissance work: a total of 2,009 IPS has searched for the end points of the spring boot operator in the past 90 days, and I targeted 1,582 IPS specifically /health The end points, which usually discover the spread of the spring boot operator.
Disadvantages are allowed to infiltrators to extract data from weak systems. The issue “stems from the continuous use of the platform for the old confirmation of the spring boot operator, where the diagnosis /Hepdump “The end point for the public can be reached without approval,” the research team told Cointelegraph.
https://www.youtube.com/watch?
Telemessge is similar to the signal application but allows the archiving of chats for compliance purposes. Its headquarters in Israel, the company was acquired By the American company Smarsh in 2024, it temporarily before the services were suspended after a seat breach in May, which led to the theft of files from the application.
“Telemessge has reported that weakness has been corrected at the end,” said Hudi Fischer, a member of Greynoise, said. “However, the time tables of the correction can vary depending on a variety of factors.”
Although security weaknesses in applications are more popular than desirable, the remote security vulnerability can be important to its users: governmental organizations and institutions. The users of the application may It includes Former US government officials Love Mike Walz, American Customs, Border Protection and encryption exchange.
Greynoise recommends to users to prevent harmful IPS and disable or restrict access /Hepdump The end point. In addition, reducing exposure to the end of the operator may be useful.
Related to: The actors are threats that use the “Social Engineering Plan” to target encryption users – report
Encryption theft in 2025; Dependence papers on Darknet go to thousands
The latest report of Chainalysis Crime is noted that more than $ 2.17 billion has been stolen so far in 2025, and the pace of encryption theft will take to new levels. Dark security attacks over the past months include “bonding key attacks” on bitcoin holders and high -level accidents such as February breakthrough for Crypto exchange.
Attempts to theft of reliance data are often involved in hunting attacks, malicious programs and social engineering.
magazine: Coinbase Hack explains that the law may not protect you – here
https://images.cointelegraph.com/cdn-cgi/image/format=auto,onerror=redirect,quality=90,width=1200/https://s3.cointelegraph.com/uploads/2025-07/01981f64-3b9d-7a55-8652-344e6a0fb81b
2025-07-18 22:37:00
