Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
Hackers continue to seek opportunities to use the infamous vulnerability of CVE-2025-48927 involved in Telemesage, according to To a new report from Greynoise Greynoise.
The Greynoise brand, which monitors, is trying to use vulnerability, has found 11 IP addresses that have tried to exploit since April.
Other IP addresses can do a reconnaissance work: a total of 2 009 IP has been looking for spring endpoints in the last 90 days and 1,582 IP has specifically focused on /health Ending points that normally detect the deployment of the spring drive.
The error allows hackers to extract data from vulnerable systems. The problem “stems from the continued use of the inheritance confirmation of the platform in the spring bootor, where the diagnostics is /Heapdump The endpoint is publicly accessible without authentication, ”said the Caintelegraph research team.
https://www.youtube.com/watch?v=t06mvwz6ngm
Telemessage is similar to Signal, but allows you to archive cottages for conformity purposes. Based in Israel, the company was obtained The American company SMARSH in 2024, before temporary services after a violation of security in May, resulting in theft of files from the application.
“Telemessage said that the vulnerability was corrected at the end,” said Howdy Fisher, member of the Greynoise team. “However, the patches timelines may vary depending on different factors.”
Although the weaknesses of security in applications are more common than required, telemesage vulnerability could be significant to its users: government organizations and businesses. App users can include Former US government officials as Mike Waltz, American Customs and Border Protection and EXCHANGE COINBASE.
Greynoise recommends users to block harmful IP and deactivate or reduce access to /Heapdump the end point. In addition, it may be useful to limit the exposure to the end points of the drive, he said.
Related: Established actors using a “complicated scheme of social engineering” to target crypt users – report
Crypto theft rising in 2025; Darknet credentials go to thousands
The latest report on the crime of chainsalysis’ observes that in 2025 more than $ 2.17 billion has been stolen so far, the pace would bring the theft of crypto related to new maximums. Remarkable security attacks in recent months include physical ”Key attacks ” For Bitcoins and High Profiles Incidents such as February hack crypto exchange bybit.
Attempts to stole credentials often include Phishing, malwareand social engineering.
Magazine: Coinbase Hack shows that the law probably won’t protect you – here’s the reason
