They were using a library with a vulnerability in it. If you updated signal recently. You're fine. Or disable the link preview and you're fine.