Hackers are actively exploiting a critical, previously disclosed vulnerability (CVE-2025-48927) in TeleMessage, a secure communication app used by corporations and government agencies for compliance archiving, according to cybersecurity researchers and CISA. This flaw allows for the trivial theft of plaintext usernames, passwords, and other sensitive data, building on a prior May breach that compromised user messages from entities including Customs and Border Protection and cryptocurrency giant Coinbase. The confirmed active exploitation by CISA underscores a significant and immediate data security risk for organizations utilizing TeleMessage, highlighting broader concerns regarding secure communication platforms.
A critical and easily exploitable vulnerability (CVE-2025-48927) in the TeleMessage communication platform is being actively targeted by hackers, a fact confirmed by both cybersecurity firm GreyNoise and the U.S. CISA agency. This flaw permits the theft of plaintext usernames and passwords, posing an immediate and severe data security threat to the platform's corporate and government clients. The situation is exacerbated by TeleMessage's history, which includes a significant data breach in May that compromised user messages from high-profile clients like U.S. Customs and Border Protection and the cryptocurrency exchange Coinbase (COIN). The confirmation of ongoing exploits by CISA, coupled with TeleMessage's lack of public comment, elevates the perceived operational risk for any entity utilizing its services and underscores a significant failure in the company's security posture.
AI-powered research, real-time alerts, and portfolio analytics for institutional investors.
Request a DemoOverall Sentiment
strongly negative
Sentiment Score
-0.75
Ticker Sentiment
