Bleeping Computer

Public Certificate Poisoning Can Break Some OpenPGP Implementations

OpenPGP installations can grind to a halt and fail to verify the authenticity of downloaded packages as the keyserver network has been flooded with bogus extra signatures attesting ownership of a ...
TechRadar

An OpenPGP.js flaw just broke public key cryptography

There is a way to verify fake messages as if they were legitimate The bug affects multiple versions of OpenPGP.js A patch is available A security flaw in the JavaScript implementation of OpenPGP.js ...
CSOonline

Critical flaw in OpenPGP.js raises alarms for encrypted email services

A newly discovered flaw in OpenPGP.js, a JavaScript cryptography library used by services like Proton Mail, could allow attackers to spoof messages that appear securely signed and encrypted, security ...
Ars Technica

Facebook users can now add OpenPGP keys for improved e-mail security

Facebook has announced that its users can add an OpenPGP public key to their profile. This will allow Facebook to encrypt notification e-mails, and for others to use the public keys for encrypted ...
ZDNet

Thunderbird to add built-in support for OpenPGP email encryption standard

Mozilla announced plans this week to add native support for the OpenPGP email encryption standard inside Thunderbird, the organization's open-source email client. Support is expected to land in the ...