Hackers are constantly looking for opportunities to take advantage of the deadly CVE-201 According to In a new report from the threat of intelligence company Greynoise.
Greynoise’s tag, which is trying to take advantage of the weakness, has seen 11 IP addresses who have tried exploitation since April.
Other IP addresses can perform Reconnaissance Work: a sum of 2,009 IPs searched for the Spring Boot Boot Actuator endpoints in the past 90 days, and 1,582 IP has specifically targeting the /Health Endpoints, which usually see the deployment of the spring boot actuator.
The flaw allows hackers to extract data from weak systems. The issue “originating in the continued use of the platform of a legacy confirmation in the spring boot actuator, where a diagnostic /Heapdump The endpoint will be publicly accessible without validation, “the research team told Cointelegraph.
https://www.youtube.com/watch?v=T06MVWZ6NGM
Telemessage is similar to the signal app but allows for archives of chats for obedience purposes. Based on Israel, the company is obtained Through the US Smarsh company in 2024, before temporarily suspended services after a security violation in May resulted in files stolen from the app.
“Telemessage said the weakness was beingpatched by their end,” said Howdy Fisher, a member of the Greynoise group. “However, patch timelines can vary depending on different factors.”
Although security weaknesses in apps are more common than desired, telemessage weakness can be significant for its users: government and business organizations. App users may Include former US government officials Like Mike Waltz, US Customs and Border Protection and Crypto Exchange Coinbase.
Greynoise recommends users to hinder malicious IPs and disable or restrict access to /Heapdump Endpoint. In addition, limiting exposure to actuator endpoints can be of useful, it said.
Related: Threats to actors who use ‘elaborate social engineering’ schemes to target crypto users – report
Crypto theft rises in 2025; Darknet credentials go for thousands -thousand
The latest crime report of chainalysis records that over $ 2.17 billion has been stolen until now in 2025, a speed will take crypto -related robbers to new highs. Known security attacks in recent months include physical “Wrench attack ” to Bitcoin holders and high-profile incidents such as February Hack of Crypto Exchange Bybit.
Attempts to steal credentials often involve Attacking phishing, malicious malwareand Social Engineering.
Magazine: Coinbase Hack shows the law probably won’t protect you – here’s why
