Find notable cyber news and cases, enriched with sources, timelines, and signals.

Russia-aligned Signal linked-devices account hijacking campaign

Campaign
First reported
Last updated
Happening score
H score 22
1 unique sources, 1 articles

Summary

Hide ▲

Multiple Russia-aligned threat actors are running an active Signal account hijacking campaign that abuses the app's linked devices feature. The operation has been visible since the start of the year and targets high-value mobile messaging users across the United States, the Middle East, and Europe. It matters because compromising an encrypted messaging account can expose private communications and enable follow-on intrusion activity.

Cases

Related Happenings

UK under-16 social media age-check ban

Public Sector Action
H score25 First: 16.06.2026 17:38 Last: 16.06.2026 17:38 Sources 1

About this happening: The **UK government** announced a ban on **under-16s** using social media, requiring **age checks** for new accounts and tightening access to major platforms. The rollout is set f...

Premium Deception Android malware campaign

Campaign
H score38 First: 20.05.2026 18:30 Last: 20.05.2026 18:30 Sources 1

About this happening: The **Premium Deception** campaign used **nearly 250 fake Android apps** to enroll victims in premium mobile billing subscriptions, creating direct fraud risk across multiple coun...

AI-driven attack surge against customer-facing mobile apps in 2026

Trend
H score43 First: 19.05.2026 15:00 Last: 19.05.2026 15:00 Sources 1

About this happening: **Customer-facing mobile apps** faced a sharp rise in attacks in **2026**, with **87%** of monitored apps hit versus **55% in 2022**. The trend matters because **agentic AI** is l...

Signal adds in-app phishing confirmations and warning messages

Security Tool/Service
H score14 First: 12.05.2026 22:40 Last: 12.05.2026 22:40 Sources 1

About this happening: **Signal** added **in-app confirmations** and **warning messages** to slow phishing and social-engineering attempts that could expose **accounts**, **chats**, and **contacts**. Th...

Suspected Russia-linked Signal phishing campaign targeting political accounts

Campaign
H score18 First: 28.04.2026 13:54 Last: 28.04.2026 13:54 Sources 1

About this happening: A **suspected Russia-linked** phishing campaign on **Signal** compromised about **300 political-sphere accounts**, exposing chats, ongoing conversations, and address books. Victim...

Latest development: 12.05.2026 22:40

Signal introduced new in-app confirmations, warning messages, and educational prompts to help users resist phishing and social engineering attempts, including bogus Signal Support lures and requests to scan QR codes or share registration codes, PINs, or recovery keys.

Timeline

  1. 25.11.2025 08:42 2 articles · 7mo ago

    CISA warns of Russia-aligned Signal linked-devices hijacking campaign

    Initial Disclosure

    CISA warned that multiple Russia-aligned threat actors are actively targeting Signal users by abusing the app's "linked devices" feature to hijack target accounts and facilitate further compromise of mobile devices. The campaign focuses on high-value individuals, including current and former high-ranking government, military, and political officials, along with civil society organizations and individuals across the United States, the Middle East, and Europe.

    Show sources