Very good share. The upshot is you can avoid this attack by not opening pgp messages in clients that will render HTML.
When I read the headline I thought the vulnerability was in pgp itself, which would be much more shocking.
You are viewing a single comment's thread from:
Exactly! Good summary! PGP itself is still secure, luckily.
Let's say I formulated it that way to get peoples attention :)