Critical flaw in OpenPGP.js raises alarms for encrypted email services

It could pose a serious risk to services like Proton Mail that use OpenPGP.js for client-side encryption.

CSO Online

@patrickcmiller which is yet another reason why I explicitly recommend to not trust #Browsers & #WebApps but use either proper clients (i.e. @monocles / #monoclesMail & @thunderbird ) or do the #airgapped #OfflinePGP method!

https://www.youtube.com/watch?v=vdab4T_CoN8

[English] Pfandleiher on... The offline-pgp-method and why Encrochat, SKY ECC and ANON are failing.

YouTube