TeleMessage App Under Cyber Attack: Hackers Scouring for Vulnerabilities

Amidst growing concerns over data security, the TeleMessage messaging application is reportedly facing persistent cyberattacks. Hackers are actively engaged in reconnaissance, attempting to exploit a known vulnerability, CVE-2025-48927.

Active Exploit Attempts Detected

A recent threat intelligence report reveals that at least 11 IP addresses have been actively trying to exploit the vulnerability since April. This indicates a focused and ongoing effort by malicious actors to compromise the security of TeleMessage user data.

Reconnaissance Activities on the Rise

Beyond direct exploit attempts, a significant number of IP addresses appear to be involved in reconnaissance activities. These activities aim to identify vulnerable systems and pave the way for future attacks. Key findings include:

• 2,009 IPs have searched for Spring Boot Actuator endpoints in the last 90 days.
• 1,582 IPs have specifically targeted the /health endpoints, commonly used to detect Spring Boot Actuator deployments.

This suggests a wide net is being cast to identify potentially vulnerable TeleMessage installations, increasing the risk to users.

What This Means for Indian Users

TeleMessage, like many global messaging apps, has a presence in India. This vulnerability poses a direct risk to Indian users, potentially exposing their communications and personal data. It is crucial that users remain vigilant and follow recommended security practices.

Steps Users Can Take

• Ensure the TeleMessage app is updated to the latest version, including any security patches.
• Be cautious of suspicious links or messages.
• Enable two-factor authentication (if available) for added security.