New TeleMessage SGNL Flaw Is Actively Being Exploited by Attackers

July 18, 2025

New TeleMessage SGNL Flaw Is Actively Being Exploited by Attackers

TeleMessage SGNL, a made-in-Israel clone of the Signal app used by US government agencies and regulated businesses, has been found running with an outdated configuration that exposes sensitive interna …

Published Date:
Jul 17, 2025 (12 hours, 14 minutes ago)

Vulnerabilities has been mentioned in this article.

Source: Read More

Previous ArticleISC Warns of Cache Poisoning and Crash Risks in BIND: What You Need to Know About CVE-2025-40776 and CVE-2025-40777

Next Article Hey It’s Nicki Shirt

Highlights

CVE-2025-46328 – Snowflake-Connector-Nodejs TOCTOU Race Condition Local File Write Vulnerability

April 29, 2025

CVE ID : CVE-2025-46328

Published : April 28, 2025, 11:15 p.m. | 3 hours, 50 minutes ago

Description : snowflake-connector-nodejs is a NodeJS driver for Snowflake. Versions starting from 1.10.0 to before 2.0.4, are vulnerable to a Time-of-Check to Time-of-Use (TOCTOU) race condition. When using the Easy Logging feature on Linux and macOS the Driver reads logging configuration from a user-provided file. On Linux and macOS the Driver verifies that the configuration file can be written to only by its owner. That check was vulnerable to a TOCTOU race condition and failed to verify that the file owner matches the user running the Driver. This could allow a local attacker with write access to the configuration file or the directory containing it to overwrite the configuration and gain control over logging level and output location. This issue has been patched in version 2.0.4.

Severity: 3.3 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

The state of DevOps and AI: Not just hype

A Breeze Of Inspiration In September (2025 Wallpapers Edition)

10 Top Generative AI Development Companies for Enterprise Node.js Projects

Prompting Is A Design Act: How To Brief, Guide And Iterate With AI

Look out, Meta Ray-Bans! These AI glasses just raised over $1M in pre-orders in 3 days

Samsung ‘Galaxy Glasses’ powered by Android XR are reportedly on track to be unveiled this month

The M4 iPad Pro is discounted $100 as a last-minute Labor Day deal

Distribution Release: Linux From Scratch 12.4

Enhanced Queue Job Control with Laravel’s ThrottlesExceptions failWhen() Method

Enhanced Queue Job Control with Laravel’s ThrottlesExceptions failWhen() Method

August report 2025

Fake News Detection using Python Machine Learning (ML)

Installing Proxmox on a Raspberry Pi to run Virtual Machines on it

Installing Proxmox on a Raspberry Pi to run Virtual Machines on it

Download Transcribe! for Windows

Microsoft Fixes CertificateServicesClient (CertEnroll) Error in Windows 11

New TeleMessage SGNL Flaw Is Actively Being Exploited by Attackers

New TeleMessage SGNL Flaw Is Actively Being Exploited by Attackers

Hacker suspected of trying to cheat his way into university is arrested in Spain

ScarCruft Uses RokRAT Malware in Operation HanKook Phantom Targeting South Korean Academics

SWE-Bench Performance Reaches 50.8% Without Tool Use: A Case for Monolithic State-in-Context Agents

11 Best Antivirus Without Ads

CVE-2025-42605 – Meon Bidding Solutions Remote Authorization Bypass Vulnerability

Figma Sites Isn’t the Future

CVE-2025-46328 – Snowflake-Connector-Nodejs TOCTOU Race Condition Local File Write Vulnerability

CVE-2025-30023 – Apache Server Remote Code Execution Vulnerability

CVE-2020-36844 – KnowBe4 Security Awareness Training Reflective Cross-Site Scripting

Akka introduces platform for distributed agentic AI

New TeleMessage SGNL Flaw Is Actively Being Exploited by Attackers

New TeleMessage SGNL Flaw Is Actively Being Exploited by Attackers

Related Posts