Signal, Google Duo, FB Messenger vulnerabilities allowed eavesdropping