Signal is an end-to-end encrypted messaging app recommended by Edward Snowden. Two vulnerabilities in Signal allow attackers to add random data to the attachments of encrypted messages sent by Android users, while another bug could allow hackers to remotely crash vulnerable devices. The vulnerabilities have just been patched, but the updated version of Signal is yet available on the Github open source repository, and not on the Google’s official Play Store for Android apps, leaving millions of privacy conscious people vulnerable to attacks. The vulnerability is not easily exploitable; only the attackers with the ability to compromise a Signal server.
Source: https://thehackernews.com/2016/09/signal-private-messenger.html