Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Watchlists Beta Browse News Feed Stats About Contact

Signal Backup Recovery Key phishing mitigation

Advisory/Mitigation
First reported
Last updated
Happening score
H score 25
1 unique sources, 1 articles

Summary

Hide ▲

The FBI and CISA updated mitigation guidance for Signal users after a phishing operation began targeting Backup Recovery Keys, which can expose historical messages on compromised accounts. The advisory says legitimate support communicates only through official company email addresses, never asks for verification codes in the app, and does not send links to verify or restore accounts. Users who may have shared a key are told to create a new Backup Recovery Key so the old one no longer works for future backup downloads, although already stolen backups can still remain accessible.

Related Happenings

Service desk social engineering defenses tighten identity verification for password resets and MFA changes

Defensive Guidance
H score17 First: 24.06.2026 17:02 Last: 24.06.2026 17:02 Sources 1

About this happening: **Service desk identity verification** is being tightened against **social engineering attacks**, reducing impersonation-driven account takeover and unauthorized access across cor...

Open Happening

Kali365 Microsoft 365 device-code phishing campaign

Campaign
H score46 First: 25.05.2026 15:45 Last: 25.05.2026 15:45 Sources 1

About this happening: A **Kali365** phishing campaign is targeting **Microsoft 365** environments worldwide with **device-code login lures**, putting accounts at risk of **token theft** and **MFA bypas...

Open Happening

Signal adds in-app phishing confirmations and warning messages

Security Tool/Service
H score14 First: 12.05.2026 22:40 Last: 12.05.2026 22:40 Sources 1

About this happening: **Signal** added **in-app confirmations** and **warning messages** to slow phishing and social-engineering attempts that could expose **accounts**, **chats**, and **contacts**. Th...

Open Happening

Microsoft AiTM payroll pirate attack mitigation

Advisory/Mitigation
H score34 First: 10.04.2026 14:56 Last: 10.04.2026 14:56 Sources 1

About this happening: **Microsoft** is urging defenders to harden **Microsoft 365** and related **HR workflows** against **AiTM**-driven payroll theft by requiring **phishing-resistant MFA**, blocking...

Open Happening

Signal and WhatsApp anti-phishing account-hardening guidance

Defensive Guidance
H score26 First: 21.03.2026 15:17 Last: 21.03.2026 15:17 Sources 1

About this happening: A **UK National Cyber Security Centre (NCSC)** alert on **March 31** warned that **Russia-based actors** are increasing **targeted attacks** against **high-risk individuals** usin...

Open Happening

Timeline

  1. 27.06.2026 01:06 2 articles · 1h ago

    FBI and CISA warn Signal users about Backup Recovery Key phishing

    Mitigation Patch Update

    FBI and CISA updated guidance for Signal users after a phishing campaign tied to Russian Intelligence Services evolved from stealing verification codes and account PINs to stealing Signal Backup Recovery Keys, which can let attackers restore backups and read historical messages. The guidance says legitimate messaging support teams use official company email addresses, never request verification codes inside the app, and do not send links to verify or restore accounts; users who may have shared a key should generate a new Backup Recovery Key in Signal's backup settings to invalidate the old key for future backup downloads.

    Show sources
    Open in new tab