Technology

Hacker reconnaissance work continues on TeleMessage app vulnerability — Report

Posted on by Minakshi

TeleMessage App Vulnerability: Hackers Intensify Reconnaissance Efforts

Cybersecurity Alert: Potential Risks to TeleMessage Users

A new report indicates heightened activity from hackers attempting to exploit a critical vulnerability (CVE-2025-48927) in the TeleMessage messaging application. This raises concerns about potential data breaches and security compromises for users.

Extensive Scans Detected

Cybersecurity researchers have observed a significant increase in reconnaissance activity targeting TeleMessage. Specifically, 2,009 IP addresses have been identified searching for Spring Boot Actuator endpoints over the past 90 days. This suggests a widespread effort to identify vulnerable systems.

Active Exploit Attempts Underway

The report highlights that at least 11 IP addresses have been actively trying to exploit the identified vulnerability since April. This marks a serious escalation, indicating that hackers are not merely searching for weaknesses but actively attempting to breach security.

Targeting Key Endpoints

A notable aspect of the reconnaissance activity is the focus on /health endpoints, with 1,582 IPs specifically targeting these. These endpoints are commonly used to detect Spring Boot Actuator deployments, making them prime targets for attackers.

  • Stay vigilant about suspicious messages or links received through TeleMessage.
  • Ensure your TeleMessage app is updated to the latest version with all security patches.
  • Practice strong password hygiene and enable two-factor authentication wherever possible.
Summary:

  • Hackers are actively seeking to exploit a vulnerability in the TeleMessage application.
  • Extensive reconnaissance activity has been detected, with thousands of IP addresses scanning for weaknesses.
  • Active exploit attempts have been observed, posing a direct threat to user data.
Key Takeaways:

  • The TeleMessage vulnerability presents a significant cybersecurity risk to users.
  • Organizations and individuals using TeleMessage should prioritize immediate security updates and monitoring.
  • The scale of reconnaissance suggests a highly coordinated and persistent attack campaign.
  • Focus on securing Spring Boot Actuator endpoints to mitigate potential risks.