TeleMessage Exploit: Inside the Messaging Flaw That Hit Coinbase and CBP
Episode 73

Daily Security Review

May 13, 2025 · 14m 14s

Show Notes

In this episode, we dissect CVE-2025-47729, a critical vulnerability in TeleMessage, a message archiving app recently thrust into the spotlight due to its use by former National Security Advisor Mike Waltz. Following Waltz’s controversial tenure—marked by the "Signalgate" leak and the subsequent appearance of TeleMessage on his phone—researchers uncovered a major flaw: a lack of end-to-end encryption between the app and its archive server.

Hackers have exploited this flaw in the wild, accessing unencrypted chat logs—including internal communications from Coinbase and a list of Customs and Border Protection employees. The breach has raised red flags at the federal level, with CISA adding CVE-2025-47729 to its Known Exploited Vulnerabilities (KEV) catalog, mandating urgent action from federal agencies.

We explore:

  • How TeleMessage works and why it was adopted in sensitive government contexts
  • What independent code analysis revealed about its flawed encryption model
  • What was stolen—and what wasn’t—in the confirmed breaches
  • Smarsh’s response and the suspension of TeleMessage services
  • Why CISA is effectively advising users to stop using the app altogether

Whether you’re in cybersecurity, compliance, or just concerned about how message archiving can become a liability, this episode lays out the facts—and the failures—behind the latest messaging app security scandal.

Topics

CVE-2025-47729, TeleMessage, security vulnerability, message archiving, unencrypted data, CISA, KEV catalog, data breach, Signal app, Mike Waltz, Signalgate, encryption flaw, government security, Coinbase breach, CBP data leak, Smarsh, federal cybersecurity, messaging app security, hacker exploit, server-side vulnerability, end-to-end encryption, message privacy, telecommunications compliance, cybersecurity threat, data protection, private message leaks