The software development kit’s end-to-end encryption is compromised by two critical-severity flaws, according to a security advisory from Matrix, a decentralised communication network (SDK).
By taking advantage of these vulnerabilities, a threat actor could compromise the security of Matrix communications and launch man-in-the-middle attacks that reveal message contents in readable form. Users of the matrix-js-sdk, matrix-ios-sdk, and matrix-android-sdk2 such as Element, Beeper, Cinny, SchildiChat, Circuli, and Synod.im are affected by the bugs. Read More…