How is it misleading if it is accurate? They bypassed it by compromising the phone. No encryption is going to save you in that situation and their targets were WhatsApp, Telegram, etc. So that part is accurate as well. It is a headline, I think what you are expecting is they put all the facts into the headline and there isn't enough space.
It's misleading by omission. Until I read the article I was under the impression that they had found a flaw or something exploitable in the OWS protocol.
If the problem was with Signal or Whatsapp, as the headline suggested to me, switching to another messaging service is the natural reaction. If people understand that the problem is with the platform, and that all platforms are compromised that solution doesn't work, and using signal is still better than SMS because it still protects against other forms of surveillance.
They bypassed it by compromising Android phones. There is a clear action item here if you want to be secure: switch to an iPhone, which is what tptacek has been saying here all along.
While the Wikileaks announcement explicitly mentions the iPhone (zero-days to "control, infest, and exfiltrate data"), the NY Times article mentions only Android in the context of bypassing Signal, WhatsApp.
I've been thinking a lot about this as it relates to the "fake news" trend. Journalists have been using real information to lead people to wrong conclusions. Now we are very concerned about political sites using false information to lead people to wrong conclusions. Fake facts are bad but using facts to mislead people does damage to people's trust as well.
If they emphasized that no app is secure if the phone itself is compromised I wouldn't hae a problem with it. By calling out specific apps it could cause someone to switch to a less secure alternative not mentioned.