BTC $71,807
2026 Bull Run Is Building Start trading with 5% OFF all fees
Sign Up Now
BTC $71,807
Bull Run 2026 | 5% Off Fees Open your Binance account today
Sign Up

Hackers Target TeleMessage App via CVE-2025-48927 Vulnerability

TeleMessage Vulnerability Exploited by Hackers, Leading to Data Breaches and Rising Crypto Theft in 2025

  • Hackers continue exploiting a key vulnerability in TeleMessage, affecting critical endpoints.
  • The flaw enables attackers to extract data from unprotected systems using the Spring Boot Actuator framework.
  • GreyNoise detected 11 IPs actively trying to exploit the bug, and over 2,000 performing related scans since April.
  • TeleMessage reported patching the vulnerability after a security breach led to stolen files in May 2024.
  • Chainalysis reports over $2.17 billion lost to crypto theft in 2025, driven by social engineering and Malware.

Hackers are working to exploit a vulnerability, known as CVE-2025-48927, in the TeleMessage messaging app. A report from threat intelligence firm GreyNoise confirms that attackers continue to target this flaw, which allows unauthorized data extraction from affected systems.

- Advertisement -

The issue stems from the Spring Boot Actuator framework, where a diagnostic endpoint called /heapdump was publicly accessible without a password. According to GreyNoise, their monitoring detected 11 IP addresses attempting direct exploits of the flaw since April. In addition, over 2,000 other IP addresses searched for Actuator endpoints, with 1,582 focusing on the /health feature that helps find vulnerable installations.

The GreyNoise team told Cointelegraph that the problem comes from using old confirmation methods in Spring Boot Actuator, making the /heapdump endpoint easy for Hackers to reach. “TeleMessage has stated that the vulnerability has been patched on their end,” said Howdy Fisher from GreyNoise. “However, patch timelines can vary depending on a variety of factors.”

TeleMessage, which operates similarly to Signal but offers chat archiving for compliance, is used by government organizations and companies such as US Customs and Border Protection and crypto exchange Coinbase. In May 2024, the app suspended services after a security breach led to files being stolen. The company was acquired by US-based Smarsh earlier in the year, as noted in a press release.

GreyNoise recommends users block suspicious IPs and restrict access to the /heapdump endpoint. Limiting exposure to all Actuator endpoints can also help prevent attacks, according to their report.

- Advertisement -

Cybersecurity threats targeting crypto users are on the rise in 2025. According to a report by Chainalysis, over $2.17 billion has been stolen through various methods including phishing, malware, and physical attacks. High-profile cases include the Bybit exchange hack in February. Users of vulnerable apps may include former US government officials, as highlighted in this NBC report.

✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.

Previous Articles:

- Advertisement -
Ad
Altseason Is Loading. Don't watch from the sidelines.
SOL $90.51
DOGE $0.0963
LINK $9.02
SUI $1.00
5% off fees when you sign up
Start Trading
Ad
Pay Less on Every Trade. For Life.
$10K/mo volume Save $60/yr
$50K/mo volume Save $300/yr
$100K/mo volume Save $600/yr
5% off all trading fees when you sign up
Claim Your Discount

Latest News

FatFs Flaws Let Malicious Media Hijack Millions of Devices

Seven vulnerabilities (CVE-2026-6682 to CVE-2026- 6688) were found in the widely used FatFs filesystem library,...

Saylor Rage-Quits Channel 4 Over Bitcoin Grilling

Michael Saylor ended a Channel 4 interview by accusing the reporter of being offensive...

Linux ‘Bad Epoll’ Bug Grants Any User Root Access

A critical Linux kernel flaw, Bad Epoll (CVE-2026-46242), allows a standard user to gain...

Crypto Bill Fails to Meet White House July 4 Deadline

The White House will miss its July 4 deadline for passing a cryptocurrency market...

Alphabet Undervalued Despite Record Growth, AI Push

Alphabet (GOOGL) stock is deemed undervalued despite record revenue and strong AI positioning, trading...

Must Read

Tutorial: How to Buy a Domain Name Permanently? (Super Easy)

Are you ready to establish a permanent online presence and you want to buy a domain forever?In this tutorial, we'll show you how to...
Ad
Altseason Is Loading. These 4 coins are trending right now.
SOL $92.12
DOGE $0.0950
LINK $9.02
SUI $1.02
5% off spot fees when you sign up
Start Trading