Ahead of the Signal leak, the Pentagon warned of the app’s weaknesses

Days before top national security officials accidentally included a reporter in a Signal chat about bombing the Houthi sites in Yemen, a Pentagon-wide advisory warned against using the messaging app, even for unclassified information.
“A vulnerability has been identified in the Signal messenger application,” begins the department-wide email, dated March 18, obtained by NPR.
The memo continues, “Russian professional hacking groups are employing the ‘linked devices’ features to spy on encrypted conversations.” It notes that Google has identified Russian hacking groups who are “targeting Signal Messenger to spy on persons of interest.”
In a statement to NPR, Signal spokesperson Jun Harada said, “We aren’t aware of any vulnerabilities or supposed ones that we haven’t addressed publicly.”
The Pentagon memo adds, “Please note: third-party messaging apps (e.g. Signal) are permitted by policy for unclassified accountability/recall exercises but are not approved to process or store non-public unclassified information.”
The encrypted Signal app is what Defense Secretary Pete Hegseth and other leading national security officials within the administration used to discuss bombing Houthi earlier this month. The Atlantic editor Jeffrey Goldberg was inadvertently added to the group and privy to the highly sensitive discussions.
In the military, sending classified data over insecure channels is called “slippage” when it’s considered minor, but even that can be a career ender for a military officer.
At least as far back as 2023, a DoD memo, also seen by NPR, prohibited use of mobile applications for even “controlled unclassified information,” which is many degrees less important than information about on-going military operations.
There’s almost no precedent for the heads of Defense, State, Intelligence and National Security to be sharing such sensitive military intelligence in a forum that was known to be unsecured.
NPR’s Bobby Allyn contributed to this story.
NPR disclosure: Katherine Maher, the CEO of NPR, chairs the board of the Signal Foundation.
The artist behind ‘the worst’ Trump portrait defends her work
The painting, which was commissioned by Republicans, has hung in Colorado's state Capitol since 2019. Trump follows other U.S. presidents who weren't flattered by their depictions.
The (artificial intelligence) therapist can see you now
Many AI products claim to deliver mental health therapy, but with little quality control. But new research suggests with the right training, AI can be effective at helping people.
Are UAB officials mum about grant cuts because they fear a spiteful president?
Cuts to federal research grants could cost UAB $70 million a year, leading to layoffs and economic impacts beyond the campus. Some faculty and area leaders want UAB to be more vocal against the Trump administration cutbacks.
Netanyahu is set to meet Trump to discuss Israeli hostages in Gaza and U.S. tariffs
Israeli Prime Minister Benjamin Netanyahu will meet with President Trump expecting to discuss tariffs, hostages and war in Gaza and other issues.
Colon cancer survivors who exercise regularly live longer
Colon cancer is on the rise in younger people in the U.S. New research shows regular exercise can help survivors live longer — in some cases even longer than people who didn't have cancer.
A young boy safely returned to his family after getting lost at the NYC Marathon
After Nancy Willis finished the New York City Marathon, she went to greet her family, only to discover that her 8-year-old son was missing. After a frantic search, a woman appeared with the boy.