Signal
Student hacked Taiwan high-speed rail to trigger emergency brakes
A 23-year-old university student in Taiwan was arrested for interfering with the TETRA communication system used by the country’s high-speed railway network (THSR). According to local media reports, the student halted four trains for 48 minutes on April 5 by using software-defined radio (SDR) communications and handheld radios to transmit a high-priority “General Alarm” signal, triggering […]
Apple fixes bug that let the FBI recover deleted Signal messages
Apple has released out-of-band security updates for iPhone and iPad devices to fix a Notification Services flaw that could allow notifications marked for deletion to remain stored on the device. The bug, tracked as CVE-2026-28950, was fixed on April 22, 2026, in iOS 26.4.2 and iPadOS 26.4.2 and in iOS 18.7.8 and iPadOS 18.7.8. “Notifications […]
FBI links Signal phishing attacks to Russian intelligence services
The FBI has issued a public service announcement warning that Russian intelligence-linked threat actors are actively targeting users of encrypted messaging apps such as Signal and WhatsApp in phishing campaigns that have already compromised thousands of accounts. The FBI’s PSA is the first public attribution linking these campaigns directly to Russian intelligence services, rather than a […]
Dutch govt warns of Signal, WhatsApp account hijacking attacks
Russian state-sponsored hackers have been linked to an ongoing Signal and WhatsApp phishing campaign targeting government officials, military personnel, and journalists to gain access to sensitive messages. This report comes from the Netherlands Defence Intelligence and Security Service (MIVD) and the Netherlands General Intelligence and Security Service (AIVD), who confirmed that Dutch government employees have been […]
Germany warns of Signal account hijacking targeting senior figures
Germany’s domestic intelligence agency is warning of suspected state-sponsored threat actors targeting high-ranking individuals in phishing attacks via messaging apps like Signal. The attacks combine social engineering with legitimate features to steal data from politicians, military officers, diplomats, and investigative journalists in Germany and across Europe. The security advisory is based on intelligence collected by the Federal […]
Multi-threat Android malware Sturnus steals Signal, WhatsApp messages
A new Android banking trojan named Sturnus can capture communication from end-to-end encrypted messaging platforms like Signal, WhatsApp, and Telegram, as well as take complete control of the device. Although still under development, the malware is fully functional and has been configured to target accounts at multiple financial organizations in Europe by using “region-specific overlay templates.” Sturnus […]
Signal adds new cryptographic defense against quantum attacks
Signal announced the introduction of Sparse Post-Quantum Ratchet (SPQR), a new cryptographic component designed to withstand quantum computing threats. SPQR will serve as an advanced mechanism that continuously updates the encryption keys used in conversations and discarding the old ones. Signal is a cross-platform, end-to-end encrypted messaging and calling app managed by the non-profit Signal […]
Android spyware campaigns impersonate Signal and ToTok messengers
Two new spyware campaigns that researchers call ProSpy and ToSpy lured Android users with fake upgrades or plugins for the Signal and ToTok messaging apps to steal sensitive data. To give the malicious files a sense of legitimacy, the threat actor distributed them through websites that impersonated the two communication platforms. Signal is a popular […]
Signal adds secure cloud backups to save and restore chats
Signal has introduced a new opt-in feature that helps users create end-to-end encrypted backups of their chats, allowing them to restore messages even if their phones are damaged or lost. Secure backups are already available in the latest Signal beta version for Android users and will also be rolled out to iOS and desktop devices […]
APT28 hackers use Signal chats to launch new malware attacks on Ukraine
The Russian state-sponsored threat group APT28 is using Signal chats to target government targets in Ukraine with two previously undocumented malware families named BeardShell and SlimAgent. To be clear, this is not a security issue in Signal. Instead, threat actors are more commonly utilizing the messaging platform as part of their phishing attacks due to its […]