According to a report by GreyNoise, hackers are actively trying to exploit the CVE-2025-48927 vulnerability in TeleMessage. Since April, 11 IP addresses have been identified attempting to exploit this flaw, while 2,009 IPs have searched for Spring Boot Actuator endpoints, with 1,582 specifically targeting the /health endpoints. This vulnerability allows unauthorized data extraction due to a legacy confirmation issue in Spring Boot Actuator, where the /heapdump endpoint is publicly accessible without authentication. TeleMessage, which archives chats for compliance, was acquired by Smarsh in 2024 and faced a security breach in May that led to stolen files. Although TeleMessage claims to have patched the vulnerability, GreyNoise warns that patch timelines can vary. The app is used by various organizations, including former US officials and enterprises. GreyNoise advises users to block malicious IPs and restrict access to the /heapdump endpoint to enhance security. Meanwhile, crypto-related thefts have surged, with over $2.17 billion stolen in 2025 alone. Read more AI-generated news on: https://app.chaingpt.org/news