Hacker reconnaissance work continues on TeleMessage app vulnerability — Report




TeleMessage App Vulnerability: Hackers Intensify Reconnaissance, Raising Security Concerns


Concerns are mounting over a security vulnerability in the TeleMessage app, as reports indicate a surge in reconnaissance activity by hackers. The vulnerability, identified as CVE-2025-48927, is now the subject of intensified exploit attempts.

Active Exploit Attempts Detected

According to recent findings, at least 11 IP addresses have been actively attempting to exploit the vulnerability since April. This suggests a concerted effort by malicious actors to gain unauthorized access or control over the app.

Widespread Reconnaissance Underway

Adding to the worries, a significantly larger number of IP addresses appear to be engaged in reconnaissance activities. Over the past 90 days, a total of 2,009 IPs have been observed scanning for Spring Boot Actuator endpoints. Furthermore, 1,582 IPs have specifically targeted the /health endpoints, commonly used to detect Spring Boot Actuator deployments.
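
The following script is an added example, not part of the original report. It shows how a defender could measure the same two signals in their own web access logs: distinct sources probing Spring Boot Actuator paths and distinct sources requesting /health. It assumes combined-format access logs and the paths /actuator/... and a bare /health; the log lines are constructed and use documentation IP addresses.

```python
import re
from collections import defaultdict
from urllib.parse import unquote

# Constructed sample access log (combined format). The IPs come from the
# RFC 5737 documentation ranges; they are not real indicators.
SAMPLE_LOG = """\
192.0.2.10 - - [01/Jul/2025:10:00:01 +0000] "GET /health HTTP/1.1" 200 15 "-" "curl/8.0"
192.0.2.10 - - [01/Jul/2025:10:00:02 +0000] "GET /actuator/env HTTP/1.1" 404 0 "-" "curl/8.0"
198.51.100.7 - - [01/Jul/2025:10:02:11 +0000] "GET /actuator/health HTTP/1.1" 200 15 "-" "scanner"
203.0.113.5 - - [01/Jul/2025:10:03:40 +0000] "GET /index.html HTTP/1.1" 200 512 "-" "Mozilla/5.0"
203.0.113.9 - - [01/Jul/2025:10:04:00 +0000] "GET /ACTUATOR/%68ealth?x=1 HTTP/1.1" 404 0 "-" "scanner"
198.51.100.7 - - [01/Jul/2025:10:05:00 +0000] "POST /api/healthcheck HTTP/1.1" 200 2 "-" "app"
"""

LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "\S+ (\S+) [^"]*" (\d{3}) ')

def normalize(target):
    """Drop the query string, percent-decode, lowercase, collapse slashes."""
    path = unquote(target.split("?", 1)[0]).lower()
    return re.sub(r"/{2,}", "/", path).rstrip("/") or "/"

def classify(path):
    """Return 'health', 'actuator' or None for a normalized path."""
    segments = path.strip("/").split("/")
    if segments == ["health"] or segments[:2] == ["actuator", "health"]:
        return "health"
    if segments[0] == "actuator":
        return "actuator"
    return None  # e.g. /api/healthcheck is application traffic, not a probe

def summarize(log_text):
    """Return ({category: sorted source IPs}, sorted paths answered with 2xx)."""
    probes, answered = defaultdict(set), set()
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        ip, target, status = m.groups()
        kind = classify(normalize(target))
        if kind is None:
            continue
        probes[kind].add(ip)
        if status.startswith("2"):  # the endpoint exists and is reachable
            answered.add(normalize(target))
    return {k: sorted(v) for k, v in probes.items()}, sorted(answered)

if __name__ == "__main__":
    by_kind, exposed = summarize(SAMPLE_LOG)
    print("sources per category:", by_kind)
    print("paths that answered 2xx:", exposed)
```

Paths in the second result are the ones to review first: they answered the probe, so the endpoint is reachable from wherever the request originated.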

  • The exploitation attempts began in April.
  • Hackers are actively looking for ways to leverage the vulnerability.
  • Security experts advise users to update their apps promptly.

Summary:

  • Hackers are actively trying to exploit a vulnerability (CVE-2025-48927) in the TeleMessage app.
  • At least 11 IP addresses have attempted to exploit the vulnerability since April.
  • Thousands of other IP addresses are performing reconnaissance work, searching for potential entry points.

Key Takeaways:

  • The TeleMessage app presents a significant security risk due to the actively exploited vulnerability.
  • Users should remain vigilant and implement all recommended security measures, including updating to the latest version.
  • Organizations using TeleMessage for sensitive communications are advised to conduct thorough security audits.
  • The reconnaissance activities suggest a potential for large-scale attacks targeting user data.