Two flaws in TeleMessage are 'frequent attack vectors for malicious cyber actors'

The US security watchdog CISA has warned that malicious actors are actively exploiting two flaws in the Signal clone TeleMessage TM SGNL, and has directed federal agencies to patch the flaws or discontinue use of the app by July 22.

TeleMessage came to prominence after the Signalgate fiasco, when then-US national security advisor Mike Waltz mistakenly added a journalist to a Signal group chat outlining a March airstrike against Houthi insurgents in Yemen. Since the conversation had messages set to self-delete, government watchdogs raised concerns that the participants were dodging recordkeeping and retention requirements.

Subsequent investigations showed this wasn't the case, as Waltz and others were using a Signal clone - dubbed TM SGNL - developed by TeleMessage, which is owned by US archiving biz Smarsh, to keep records of conversations. But when journalist Micah Lee examined the code, he found it to be severely buggy and didn't have proper ...