Breach cyber

TeleMessage

May 14, 2025 1 min read
TeleMessage

A serious flaw in TM SGNL, a messaging app by US-Israeli firm TeleMessage used by former Trump administration officials, has been exploited, exposing sensitive communications and backend data. The breach compromised the platform’s core security claims, raising concerns about the encryption model and the security of high-level communications. The vulnerability was added to CISA's Known Exploited Vulnerabilities (KEV) list, with a three-week deadline for federal agencies to address the issue.

Source: https://hackread.com/cisa-adds-telemessage-vulnerability-breach-kev-list/

TPRM report: https://scoringcyber.rankiteo.com/company/telemessage

"id": "tel546051425",
"linkid": "telemessage",
"type": "Breach",
"date": "5/2025",
"severity": "100",
"impact": "",
"explanation": "Attack threatening the organization’s existence"
{'affected_entities': [{'customers_affected': ['former Trump administration '
                                               'officials'],
                        'industry': 'Technology',
                        'location': 'US-Israeli',
                        'name': 'TeleMessage',
                        'type': 'Organization'}],
 'attack_vector': 'Exploiting a vulnerability',
 'data_breach': {'data_encryption': 'Questioned',
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['sensitive communications',
                                              'backend data']},
 'description': 'A serious flaw in TM SGNL, a messaging app by US-Israeli firm '
                'TeleMessage used by former Trump administration officials, '
                'has been exploited, exposing sensitive communications and '
                'backend data. The breach compromised the platform’s core '
                'security claims, raising concerns about the encryption model '
                'and the security of high-level communications. The '
                "vulnerability was added to CISA's Known Exploited "
                'Vulnerabilities (KEV) list, with a three-week deadline for '
                'federal agencies to address the issue.',
 'impact': {'brand_reputation_impact': 'Concerns about the encryption model '
                                       'and the security of high-level '
                                       'communications',
            'data_compromised': ['sensitive communications', 'backend data'],
            'systems_affected': ['TM SGNL messaging app']},
 'regulatory_compliance': {'regulatory_notifications': "Added to CISA's Known "
                                                       'Exploited '
                                                       'Vulnerabilities (KEV) '
                                                       'list'},
 'title': 'TM SGNL Messaging App Breach',
 'type': 'Data Breach',
 'vulnerability_exploited': 'Flaw in TM SGNL messaging app'}
Published by
Jeremy C
Jeremy C
You might also like
Breach cyber

5àSec

public 1 min read
The company 5àSec has faced a significant data breach where the leadership has downplayed the impact of publishing databases for…
Jeremy C Jeremy C
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.