Messenger

AppWizard
May 14, 2025
Since April 2024, the threat actor Marbled Dust has been exploiting a zero-day vulnerability (CVE-2025-27920) in the Output Messenger chat application, and installations that have not applied the fix remain exposed. The exploitation has resulted in the collection of sensitive data from users in Iraq, specifically linked to the Kurdish military. Microsoft assesses this with high confidence and notes that Marbled Dust conducts reconnaissance to identify targets that use Output Messenger. Microsoft notified the application's developer, Srimax, about the vulnerability, which led to a software update. A second vulnerability (CVE-2025-27921) was also found, but no exploitation of it has been observed.

The zero-day allows an authenticated user to upload files to the server's startup directory. Marbled Dust has used it to place a backdoor, OMServerService.vbs, in the startup folder, from which the actor can read communications and sensitive data indiscriminately. The attack chain begins with Marbled Dust gaining access to the Output Messenger Server Manager, likely through DNS hijacking or other credential-interception techniques. Once inside, the actor drops further malicious files, including a GoLang backdoor that connects to a Marbled Dust command-and-control domain for data exfiltration.

To mitigate the threat, Microsoft recommends updating to the latest version of Output Messenger, enabling the available security protections, and running a rigorous vulnerability-management process. Microsoft Defender XDR customers can identify related activity through alerts tied to Marbled Dust and can use advanced hunting queries for detection. Indicators of compromise include traffic to the domain api.wordinfos[.]com, associated with Marbled Dust activity.
AppWizard
May 14, 2025
Slack is currently experiencing a major outage affecting users worldwide, with issues including error spikes that hinder the ability to open channels, send messages, and use integrated applications. The company has stated that backend database routing is contributing to these errors and is actively investigating the situation with its engineering team. While initially reported as a global outage affecting all users, it has been clarified that the impact is widespread but not universal. Users are facing challenges such as difficulties in starting the application, unsent messages, and problems with loading channels and threads. Slack has committed to providing updates every 30 minutes until the issues are resolved. As of the latest update, operations are reportedly returning to normal after significant disruptions.
AppWizard
May 13, 2025
Michael Waltz, the former national security adviser, had earlier mistakenly included a journalist in a sensitive Signal chat, raising concerns about communication practices among senior officials. A photograph taken during a cabinet meeting then captured him using a different messaging app, one that advertises message archiving for record-keeping, which raises compliance questions under federal records regulations. Visible contacts on his screen included Vice President JD Vance, special envoy Steve Witkoff, Secretary of State Marco Rubio, and Director of National Intelligence Tulsi Gabbard. The use of encrypted messaging apps like Signal complicates the National Archives' role in preserving governmental records, highlighting the tension between secure communication and the need for transparency in government operations.
AppWizard
May 13, 2025
Microsoft reported that Turkish espionage operatives have been exploiting a zero-day vulnerability (CVE-2025-27920) in the Output Messenger app to gather intelligence on the Kurdish military in Iraq. The operation, attributed to the group Marbled Dust, began in April 2024. The vulnerability is a directory traversal flaw in version 2.0.62 of the app, and many users have not yet moved to the patched version released in December 2024. Marbled Dust has used the flaw to access sensitive user data and to deploy malicious files on the Output Messenger server. The group has a history of targeting entities opposing Turkish interests and has evolved its tactics by leveraging this vulnerability for unauthorized access. Srimax and Microsoft are advising users to upgrade to version 2.0.63 to mitigate the risk.
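As an added illustration (not code from Output Messenger, Srimax, or Microsoft) of the flaw class described in the two Marbled Dust items above and of the indicators they list: the first half contrasts a naive upload-path join, which lets `../` segments walk out of the upload directory, with a hardened version that keeps only the file's base name and verifies containment; the second half flags constructed telemetry lines that reference the reported C2 domain or a `.vbs` drop into the Windows Startup folder. The upload root, the log format and the sample lines are assumptions made for the example.

```python
import posixpath
import re

# Assumed server-side upload root for the example; Output Messenger's real
# on-disk layout is not known to us and is not claimed here.
UPLOAD_ROOT = "/opt/outputmessenger/uploads"


def naive_destination(filename: str) -> str:
    """Vulnerable pattern: join the user-supplied name onto the upload root.

    Nothing strips directory components, so "../" segments in the name walk
    out of UPLOAD_ROOT and the file lands wherever the attacker points it.
    """
    return posixpath.normpath(posixpath.join(UPLOAD_ROOT, filename))


def escapes_root(path: str) -> bool:
    """True when a normalized path is neither UPLOAD_ROOT nor a descendant of it."""
    return not (path == UPLOAD_ROOT or path.startswith(UPLOAD_ROOT + "/"))


def safe_destination(filename: str) -> str:
    """Hardened version: reject odd characters, keep only the base name,
    then re-check containment after normalization (belt and braces)."""
    if "\x00" in filename or "\\" in filename:
        raise ValueError("illegal characters in filename")
    name = posixpath.basename(filename)          # drops every directory component
    if name in ("", ".", ".."):
        raise ValueError("empty or traversal-only filename")
    dest = posixpath.normpath(posixpath.join(UPLOAD_ROOT, name))
    if escapes_root(dest):
        raise ValueError("path escapes upload root")
    return dest


# Reported indicator from the article (written there as api.wordinfos[.]com).
C2_RE = re.compile(r"(?<![\w.-])api\.wordinfos\.com(?![\w-])", re.IGNORECASE)

# A .vbs created in the Windows all-users Startup folder; the log format
# in which such an event would appear is assumed for the example.
STARTUP_VBS_RE = re.compile(
    r"\\Start Menu\\Programs\\StartUp\\[^\\\s]+\.vbs$", re.IGNORECASE
)

# Constructed sample telemetry (not real data).
SAMPLE_LOGS = [
    "2025-04-02T10:13:51Z file CREATE "
    "C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\StartUp\\OMServerService.vbs",
    "2025-04-02T10:14:05Z proxy CONNECT api.wordinfos.com:443",
    "2025-04-02T10:14:09Z proxy CONNECT update.example.com:443",
    "2025-04-02T10:15:00Z file CREATE C:\\OutputMessenger\\uploads\\report.pdf",
]


def hunt(lines):
    """Return (line_index, reason) for each line matching one of the indicators."""
    hits = []
    for i, line in enumerate(lines):
        if C2_RE.search(line):
            hits.append((i, "c2-domain"))
        elif STARTUP_VBS_RE.search(line):
            hits.append((i, "startup-vbs-drop"))
    return hits


if __name__ == "__main__":
    evil = "../../startup/OMServerService.vbs"
    print("naive  ->", naive_destination(evil), "(escapes root:", escapes_root(naive_destination(evil)), ")")
    print("safe   ->", safe_destination(evil))
    for idx, reason in hunt(SAMPLE_LOGS):
        print(f"line {idx}: {reason}: {SAMPLE_LOGS[idx]}")
```

Containment is the control the traversal flaw lacks; an extension allow-list (so that a `.vbs` is refused outright) is a separate, complementary check. The hunt is deliberately narrow: it matches only the published domain and a startup-folder `.vbs` creation, so it illustrates the shape of an indicator sweep rather than a complete Marbled Dust detection.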
AppWizard
May 13, 2025
New Jersey Attorney General Matt Platkin has joined a bipartisan coalition of attorneys general to address concerns regarding the encrypted messaging app WeChat, which is believed to facilitate fentanyl trafficking in the United States. This group claims that WeChat enables traffickers to launder money, particularly through transactions from China to Mexico. They have urged the app to take immediate action against these "dangerous and unlawful" activities. The attorneys general emphasize a pattern of complicity by WeChat in facilitating money laundering related to fentanyl trafficking, with a DEA agent stating that criminal activities are openly occurring on the platform.
AppWizard
May 11, 2025
Customs and Border Protection (CBP) and the White House are facing scrutiny over security vulnerabilities in their messaging application. Hacktivists breached GlobalX, the airline handling U.S. deportation flights, exposing sensitive flight manifests. The FBI warned about threats exploiting outdated routers. Pearson confirmed a cyberattack compromising customer data. Research shows cybercriminals are using Windows Remote Management (WinRM) for lateral movements in Active Directory environments. A new email attack campaign is delivering a Remote Access Trojan (RAT) via malicious PDF invoices. A zero-day vulnerability in SAP NetWeaver allows remote code execution, affecting multiple sectors. An Indiana health system reported a data breach affecting nearly 263,000 individuals.
AppWizard
May 8, 2025
A cybersecurity breach involving TeleMessage, an Israeli messaging application company, has raised concerns about customer data safety. The breach allowed unauthorized access to direct messages and personal information on the platform, which, unlike Signal, does not provide full end-to-end encryption. The hacker reported that accessing the data took only 15-20 minutes and exposed names, phone numbers, and email addresses of Customs and Border Protection officials, along with information from various financial institutions. TeleMessage is used by government agencies, including the State Department and the Centers for Disease Control and Prevention, making the breach more significant. While the hacker did not access all content, they indicated potential for further breaches, and journalists have verified some of the compromised material. TeleMessage's claim of maintaining Signal's security standards is questioned, since archiving messages on its servers places a plaintext copy outside the end-to-end encrypted channel. A spokesperson for Signal warned against using unofficial versions of the app, highlighting the security risk they carry.
AppWizard
May 8, 2025
U.S. National Security Advisor Mike Waltz was seen using a modified version of the messaging app Signal during a Cabinet meeting, despite President Donald Trump's prior discouragement of its use after the "Signalgate" controversy. A photograph showed Waltz with the app active and conversations involving at least six officials, including Vice President JD Vance and Secretary of State Marco Rubio, indicating ongoing discussions. White House spokeswoman Anna Kelly confirmed that Signal is an approved application for government use, and the modified version appeared to be associated with TeleMessage, a company that provides archiving services for messaging applications. The adaptation raises concerns about the integrity of Signal's end-to-end encryption, because archived copies of messages are stored outside the encrypted channel and could expose otherwise private conversations. TeleMessage has ties to military intelligence and was recently acquired by Smarsh. The use of Signal by Trump administration officials has been controversial in the past, particularly regarding military discussions that inadvertently involved a journalist.
AppWizard
May 8, 2025
The messaging app TeleMessage, used by President Donald Trump’s national security advisor, has been suspended due to a reported security breach, raising concerns about the security of sensitive government communications. The app, a modified version of Signal, was halted after a hacker accessed message contents from its customized versions, although the communications of national security advisor Mike Waltz were reportedly not affected. TeleMessage's suspension follows a statement from its parent company, Smarsh, confirming an investigation into the security incident. Despite President Trump's criticism of Signal, the White House continues to defend it, highlighting its pre-installation on government devices. Concerns about privacy protections arise from TeleMessage's archiving features, which may compromise Signal's end-to-end encryption. Additionally, GlobalX, the airline involved in Trump’s deportation flights, experienced a hacking incident, resulting in the exposure of flight records and passenger lists.