Signal has rolled out new in-app confirmations and security warnings designed to protect users from phishing and social engineering attacks. The measures aim to prevent fraud by alerting users to suspicious activity.
The messaging app introduced the safeguards as part of its ongoing effort to combat deception tactics targeting its user base. The new warnings prompt users to verify unusual requests and confirm sensitive actions before proceeding.
Signal's approach addresses common attack vectors where bad actors impersonate trusted contacts or services to extract sensitive information or credentials. In-app confirmations now interrupt potentially dangerous user flows, giving people a moment to assess whether an action is legitimate.
The update reflects broader security concerns across messaging platforms, where social engineering remains a persistent threat despite encryption protections. By adding friction to certain actions, Signal creates checkpoints that help users identify manipulation attempts.
The company did not announce specific technical details about the implementation, but the warnings integrate directly into Signal's interface. Users will encounter the new prompts during vulnerable moments when they're most susceptible to scam attempts.
Federal prosecutors have unsealed a 2024 indictment charging three Russian nationals and two web hosting services with facilitating cyberattacks and money laundering that victimized cybercrime targets of $62 million.
A hacker accessed Suno's source code using stolen employee credentials, revealing that the AI music generator scraped decades of audio from YouTube to train its model.
Criminals can now clone voices with AI in mere seconds, outpacing traditional authentication defenses that banks and financial institutions rely on to prevent fraud.
Five malicious versions of AsyncAPI packages were published to npm, delivering a remote access trojan capable of stealing credentials and sensitive data from developer systems.