"CVE-2025-47934 – Spoofing OpenPGP.js signature verification"

https://codeanlabs.com/blog/research/cve-2025-47934-spoofing-openpgp-js-signatures/

#security #cybersecurity #infosec #openpgp #openpgpjs

Critical flaw in OpenPGP.js (CVE-2025-47934) lets attackers spoof valid signatures on arbitrary data, tricking verifiers into trusting malicious content. Patch available in v5.11.3 and v6.1.1.

https://codeanlabs.com/blog/research/cve-2025-47934-spoofing-openpgp-js-signatures/

#infosec #PGP #crypto #OpenPGPjs

Spoofing OpenPGP.js signature verification

https://codeanlabs.com/blog/research/cve-2025-47934-spoofing-openpgp-js-signatures/

#HackerNews #Spoofing #OpenPGP.js #signature #verification #OpenPGPjs #CVE2025 #cybersecurity #research

The German Sovereign Tech Fund supports the development, improvement and maintenance of open digital infrastructure.
The following projects will receive funding starting October 2022:
#OpenMLS, #curl, #OpenBGPd, #Bundler/ #RubyGems, #WireGuard, #OpenPGPjs/ #GopenPGP, #OpenSSH

Strengthening Digital Infrastructure and Open Source Ecosystems
in the Public Interest
https://sovereigntechfund.de/en.html

#SovereignTechFund #FreeSoftware