Signal
U.S. offers $10 million for hackers targeting WhatsApp, Signal users
The U.S. Department of State is offering up to $10 million for information that helps identify or locate members of the UNC5792 and UNC4221 hacker groups, which are linked to Russia’s intelligence and military services. The bounty is part of the ‘Rewards for Justice’ (RFJ) program, which targets foreign state actors carrying out cyberattacks against […]
FBI: Russian hackers now target Signal backup recovery keys
The FBI and CISA are warning that a phishing campaign targeting Signal users tied to Russian intelligence services has evolved to steal Signal Backup Recovery Keys, allowing attackers to access victims’ historical messages. The updated public service announcement is an update to a March 2026 advisory that warned the threat actors were targeting users of commercial messaging […]
Signal adds security warnings for social engineering, phishing attacks
Signal has introduced new in-app confirmations and warning messages as additional safeguards against phishing and social engineering attempts that could lead to various forms of fraud. The purpose is to introduce enough friction that users get the time to evaluate the safety of an external request. Recently, there have been attacks targeting high-profile users with […]
Student hacked Taiwan high-speed rail to trigger emergency brakes
A 23-year-old university student in Taiwan was arrested for interfering with the TETRA communication system used by the country’s high-speed railway network (THSR). According to local media reports, the student halted four trains for 48 minutes on April 5 by using software-defined radio (SDR) communications and handheld radios to transmit a high-priority “General Alarm” signal, triggering […]
Apple fixes bug that let the FBI recover deleted Signal messages
Apple has released out-of-band security updates for iPhone and iPad devices to fix a Notification Services flaw that could allow notifications marked for deletion to remain stored on the device. The bug, tracked as CVE-2026-28950, was fixed on April 22, 2026, in iOS 26.4.2 and iPadOS 26.4.2 and in iOS 18.7.8 and iPadOS 18.7.8. “Notifications […]
FBI links Signal phishing attacks to Russian intelligence services
The FBI has issued a public service announcement warning that Russian intelligence-linked threat actors are actively targeting users of encrypted messaging apps such as Signal and WhatsApp in phishing campaigns that have already compromised thousands of accounts. The FBI’s PSA is the first public attribution linking these campaigns directly to Russian intelligence services, rather than a […]
Dutch govt warns of Signal, WhatsApp account hijacking attacks
Russian state-sponsored hackers have been linked to an ongoing Signal and WhatsApp phishing campaign targeting government officials, military personnel, and journalists to gain access to sensitive messages. This report comes from the Netherlands Defence Intelligence and Security Service (MIVD) and the Netherlands General Intelligence and Security Service (AIVD), who confirmed that Dutch government employees have been […]
Germany warns of Signal account hijacking targeting senior figures
Germany’s domestic intelligence agency is warning of suspected state-sponsored threat actors targeting high-ranking individuals in phishing attacks via messaging apps like Signal. The attacks combine social engineering with legitimate features to steal data from politicians, military officers, diplomats, and investigative journalists in Germany and across Europe. The security advisory is based on intelligence collected by the Federal […]
Multi-threat Android malware Sturnus steals Signal, WhatsApp messages
A new Android banking trojan named Sturnus can capture communication from end-to-end encrypted messaging platforms like Signal, WhatsApp, and Telegram, as well as take complete control of the device. Although still under development, the malware is fully functional and has been configured to target accounts at multiple financial organizations in Europe by using “region-specific overlay templates.” Sturnus […]
Signal adds new cryptographic defense against quantum attacks
Signal announced the introduction of Sparse Post-Quantum Ratchet (SPQR), a new cryptographic component designed to withstand quantum computing threats. SPQR will serve as an advanced mechanism that continuously updates the encryption keys used in conversations and discarding the old ones. Signal is a cross-platform, end-to-end encrypted messaging and calling app managed by the non-profit Signal […]