According to a new report from Greynoise from Threat Intelligence Company, hackers continue to seek opportunities to exploit the infamous CVE-2025-48927 vulnerability.
The Greynoise tag that we monitor is trying to take advantage of the vulnerability, but has detected 11 IP addresses that we have attempted to exploit since April.
Other IP addresses may be performing reconnaissance work. A total of 2,009 IPs have searched for Spring Boot Actuator endpoints over the last 90 days, and 1,582 IPs have specifically targeted /health endpoints that generally detect Spring Boot Actuator deployments.
This flaw allows hackers to extract data from vulnerable systems. The issue is due to the platform’s continuous use of legacy verification in Spring Boot Actuator, where the diagnostic/Heapdump endpoint is published without authentication,” the researchers told CointeLegraph.
https://www.youtube.com/watch?v=t06mvwz6ngm
Telemessage is similar to the Signal App, but allows chat archives for compliance purposes. The Israel-based company was acquired by the US company Smarsh in 2024, but it temporarily stopped services after a security breaches in May, causing files to be stolen from the app.
“Telemessage says the vulnerabilities are patched at their end,” said Howdy Fisher, a member of the Greynoise team. “However, the timeline for a patch may vary depending on a variety of factors.”
While app security weaknesses are more common than desirable, telemedge vulnerabilities can be important to government organizations, businesses and their users. App users may include former US government officials such as Mike Waltz, US Customs and Border Protection, and Crypto Exchange Coinbase.
Greynoise recommends that users block malicious IPS and disable or restrict access to the /heapdump endpoint. He also said it could be helpful to limit exposure to the actuator endpoint.
Related: Threat actors targeting crypto users using “elaborate social engineering schemes” – Reports
Crypto theft rising in 2025. Darknet’s credentials will be thousands
Chain Orisis’s latest crime report says more than $2.17 billion has been stolen so far in 2025. Notable security attacks over the past few months include high-profile incidents such as the physical “wrench attack” of Bitcoin holders and the February hack of Crypto Exchange Bybit.
Attempts to steal qualifications often include phishing attacks, malicious malware and social engineering.
Magazine: Coinbase Hack shows that the law probably won’t protect you – here’s the reason
