Overview

• TeleMessage, a modified Signal-based app used by US government agencies, was breached twice over the weekend, leading to a full suspension of its services by parent company Smarsh.
• The breaches revealed severe security flaws, including hardcoded credentials in the app's publicly available source code, undermining its encryption safeguards.
• US agencies, including Customs and Border Protection and the Departments of Health and Finance, have halted their use of TeleMessage following the incidents.
• Signal Stiftung has publicly disavowed unofficial forks like TeleMessage, emphasizing they cannot guarantee the security of modified versions of their app.
• In Germany, WhatsApp faces growing criticism over privacy and mandatory AI features, prompting media to recommend secure alternatives like Signal, Threema, and TeleGuard.