A security breach has emerged in the ongoing U.S. government Signal chat scandal, as a cloned version of the Signal app used by Trump administration officials was reportedly hacked in less than 30 minutes, raising further concerns about the handling of sensitive military information.
TeleMessage Security Breach
An anonymous hacker gained access to TeleMessage, an Israeli firm that sells modified versions of Signal and other messaging apps to U.S. government agencies, in just 15-20 minutes by exploiting an easily discovered vulnerability. The breach exposed archived communications from various entities including Customs and Border Protection, Coinbase, and other financial institutions, revealing usernames, passwords, backend access panels, and snippets of chat content. While no messages from former National Security Adviser Mike Waltz or other Trump cabinet officials were reportedly compromised, the incident revealed a critical security flaw: despite TeleMessage's claims of maintaining Signal's end-to-end encryption, archived chat logs were not properly secured once transmitted to storage servers.
The hack exposed serious vulnerabilities in TeleMessage's implementation, which works by adding a third party to conversations to capture and archive messages. The company's server, hosted on Amazon AWS infrastructure in Northern Virginia, stored unencrypted messages that were intercepted during transmission. This security breach has intensified scrutiny over the use of unofficial messaging apps for sensitive government communications, especially following the "Signalgate" scandal where Waltz accidentally added a journalist to a Signal group discussing military operations in Yemen. Signal has officially distanced itself from TeleMessage, stating it "cannot guarantee the privacy or security properties of unofficial versions of Signal".
Pentagon Signal Warning Memo
Just days after the high-profile Signal chat leak involving Yemen airstrikes, the Pentagon issued a department-wide warning about the messaging app on March 18, 2025. The memo, obtained by NPR, stated that "a vulnerability has been identified in the Signal messenger application" and warned that "Russian professional hacking groups are employing the 'linked devices' features to spy on encrypted conversations." The timing was particularly notable, coming shortly after Defense Secretary Pete Hegseth and other national security officials had inadvertently included The Atlantic's editor-in-chief Jeffrey Goldberg in sensitive military discussions.
Signal spokesperson Jun Harada clarified that the Pentagon memo wasn't about the app's security but rather about phishing threats, stating, "Once we learned that Signal users were being targeted and how they were being targeted, we introduced additional safeguards and in-app warnings to help protect people from falling victim to phishing attacks. This work was completed months ago." The Pentagon memo explicitly noted that while Signal was permitted for "unclassified accountability/recall exercises," it was "not approved to process or store non-public unclassified information" – a policy that had apparently been in place since at least 2023, well before the controversial leak that would become known as "Signalgate."
Hegseth's Second Chat Group
Defense Secretary Pete Hegseth shared sensitive details about a March 15, 2025 airstrike against Houthi targets in Yemen in a second Signal group chat that included his wife Jennifer (a former Fox News producer), his brother Phil, and his personal attorney Tim Parlatore.This "Defense | Team Huddle" chat, which included approximately 13 people, contained the same operational information Hegseth had shared in the first Signal chat that accidentally included The Atlantic's editor-in-chief Jeffrey Goldberg. The shared details included specific flight schedules for F/A-18 Hornets and other sensitive operational information that multiple officials have indicated would typically be classified.
The revelation intensified scrutiny of Hegseth's handling of sensitive military information, with Senate Armed Services Committee member Jack Reed expressing "grave concerns about Secretary Hegseth's ability to maintain the trust and confidence of U.S. servicemembers." While Hegseth dismissed the accusations as a "hoax" blamed on "disgruntled former employees," the Pentagon's acting inspector general launched a formal investigation into the use of commercial messaging apps for official business and compliance with classification requirements. The controversy, dubbed "SignalGate," has sparked bipartisan concern, with Republican Representative Don Bacon calling the situation "totally unacceptable" even as President Trump defended Hegseth
Russian State Duma Chairman Vyacheslav Volodin met North Korean leader Kim Jong Un in Pyongyang, underscoring Moscow and Pyongyang’s ongoing militar...
Protests against Serbia’s ruling Serbian Progressive Party (SNS) intensified on Thursday, with demonstrators demolishing party offices in Novi Sad a...
Talks at the United Nations in Geneva to establish a global legally binding treaty on plastic pollution went into overtime on Thursday, with discussio...
The Panama Canal Authority will begin consultations with companies in the first quarter of next year to launch a competitive tender for the constructi...
Armenian Prime Minister Nikol Pashinyan defends the U.S.-brokered peace accord, calling it “not a zero-sum game” and a step toward regional cooper...
Brazilian authorities have arrested a suspect linked to a cyberattack that diverted more than 540 million reais (about $100 million) from the country’s banking network.
Two days before Poland’s presidential election, Prime Minister Donald Tusk announced that Russian hackers launched attacks on the websites of parties in his ruling coalition.
A website affiliated with GlobalX, the airline central to President Donald Trump’s offshore deportation campaign, was defaced by hackers on Monday, displaying a message from a group claiming to act under the name “Anonymous.”
The hackers' activities tracked by Reuters provide a rare glimpse into the operations of an election interference effort
The world’s biggest dance music festival faces an unexpected setback as a fire destroys its main stage, prompting a last-minute response from organisers determined to keep the party alive in Boom, Belgium.
A powerful eruption at Japan’s Shinmoedake volcano sent an ash plume more than 3,000 metres high on Sunday morning, prompting safety warnings from authorities.
According to the German Research Centre for Geosciences (GFZ), a magnitude 5.7 earthquake struck the Oaxaca region of Mexico on Saturday.
A resumption of Iraq’s Kurdish oil exports is not expected in the near term, sources familiar with the matter said on Friday, despite an announcement by Iraq’s federal government a day earlier stating that shipments would resume immediately.
A magnitude 5.2 earthquake struck 56 kilometres east of Gorgan in northern Iran early Sunday morning, according to preliminary seismic data.
In recent months, the U.S. and Russia have engaged in crucial diplomatic talks, despite rising tensions over Ukraine, nuclear arms, and cybersecurity. What’s behind these meetings, and why do they matter?
Russian State Duma Chairman Vyacheslav Volodin met North Korean leader Kim Jong Un in Pyongyang, underscoring Moscow and Pyongyang’s ongoing military and diplomatic cooperation amid the Ukraine conflict.
Protests against Serbia’s ruling Serbian Progressive Party (SNS) intensified on Thursday, with demonstrators demolishing party offices in Novi Sad and clashing with police and party supporters in Belgrade.
The Panama Canal Authority will begin consultations with companies in the first quarter of next year to launch a competitive tender for the construction and operation of two new ports within its zone, a source involved in the preparations said Thursday.
The Scottish National Party (SNP) urged the UK government to immediately recognise a Palestinian state after Israel’s far-right finance minister announced plans to expand settlements in the West Bank, undermining the prospect of a two-state solution.
You can download the AnewZ application from Play Store and the App Store.
What is your opinion on this topic?
Leave the first comment