Signal says it has no evidence that rumored zero-day is real
Signal has denied reports of a zero-day vulnerability in its encrypted messaging app that have been circulating online over the weekend.
The company said it conducted a thorough investigation and found no evidence that the rumored zero-day vulnerability is real.
“PSA: we have seen the vague viral reports alleging a Signal 0-day vulnerability. After responsible investigation we have no evidence that suggests this vulnerability is real nor has any additional info been shared via our official reporting channels,” the company said in a post on social media.
“We also checked with people across US Government, since the copy-paste report claimed USG as a source. Those we spoke to have no info suggesting this is a valid claim,” it added.
Although Signal has not found concrete evidence to support the existence of the bug, the security team encouraged users who have “real” information to contact them.
Latest Posts
Cyber Security Week in Review: October 4, 2024
In brief: the US disrupts FSB-linked ColdRiver hackers’ operations, Lockbit and EvilCorp members arrested, and more.
Critical Ivanti EPM RCE flaw exploited in the wild
The flaw is an SQL Injection issue that allows a remote attacker to execute arbitrary SQL queries in database.
New China-aligned threat actor CeranaKeeper steals data from Southeast Asian entities
CeranaKeeper is notable for its evolving backdoor techniques, which allow it to evade detection and facilitate extensive data theft.