Efail Email Encryption Vulnerabilities Expose OpenPGP Users to Risk

Security researchers on May 14 announced a new set of vulnerabilities in the widely deployed S/MIME and OpenPGP email encryption technologies, dubbed Efail.

In a 21-page academic paper, the researchers from Munster University, Ruhr University Bochum and KU Leuven, detail the Efail attack which could potentially enable an attacker to read encrypted emails that have been encrypted with the OpenPGP and S/MIME standards.