Security news aggregator

Latest coverage for SMS

SMS is used for login codes and alerts, but text messages can be intercepted, spoofed, or redirected through phone-account attacks.

10 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

SMS (Short Message Service) is a standardized mobile-network service for sending short text messages between phone numbers. It is widely used for person-to-person communication, service notifications, and one-time authentication codes, but messages are generally not end-to-end encrypted and may be visible to mobile operators or infrastructure handling delivery.

Security concerns include smishing—phishing delivered by text—along with sender-ID spoofing, malicious links, and social engineering. Account recovery and SMS-based multi-factor authentication can also be undermined when an attacker takes control of a phone number through SIM swapping, abuses carrier processes, or exploits signaling-system weaknesses. Organizations should avoid treating SMS as a high-assurance authentication factor where stronger options are practical, restrict sensitive content in texts, monitor number-change and authentication events, and train users to verify unexpected messages through a trusted channel.

Volume over time

Weekly headline count for the current query.

Showing 10 most recent headlines Filtered view

Rapid7 warns flaw could let any app peek at your SMS, but smartphone vendor won't pick up Security researchers report that OnePlus smartphone users remain vulnerable to a critical bug that allows any application to read SMS and MMS data — a flaw that has persisted since late 2021.…

Regulators around the globe pay attention as results of 21-month cloud probe published Britain's competition regulator says Microsoft and AWS are using their dominance to harm UK cloud customers and proposes to designate both with strategic market status (SMS) to take action against them.…

Bad guy also got SMS verification codes, and re-registered one of the numbers they searched for The security breach at Twilio earlier this month affected at least one high-value customer, Signal, and led to the exposure of the phone number and SMS registration codes for 1,900 users of the encrypted messaging service, it confirmed.…

Android messaging heist isn't the action of a well company. Let us help Opinion One of the joys of academic research is that if you do it right, you can prove the truth. In the case of computer science professor Douglas Leith, this truth is that Google has been taking detailed notes of every telephone call and SMS message made and received on the default Android apps.…