Anyone using PGP to encrypt their email could have their messages exposed thanks to a severe vulnerability for which there's no proper fix. They might reveal the plaintext of encrypted emails, including encrypted emails sent in the past. The EFF has also offered guidance on how to remove plug-ins associated with PGP email, which users can find in the blog. "The attacker changes an encrypted email in a particular way and sends this changed encrypted email to the victim. "As the world's largest encrypted email service based on PGP, we are disappointed that some organizations and publications have contributed to a narrative that suggests PGP is broken or that people should stop using PGP.

Source: Forbes May 14, 2018 07:52 UTC