012

German security agencies (BfV and BSI) warn of a targeted phishing campaign — likely state‑sponsored — that impersonates Signal support to trick high‑value targets (politicians, military, diplomats, investigative journalists) into giving SMS PINs or scanning QR codes, enabling account takeover and interception/impersonation of messages. The advisory notes the technique can be applied to WhatsApp, links the activity to previously tracked Russia‑aligned clusters, and recommends enabling Registration Lock and auditing linked devices; the report also references unrelated nation‑state activity and incidents involving exposed FortiGate VPN interfaces.