A mistake in the process used by the Signal Desktop application to encrypt locally stored messages leaves them wide open to an attacker.

An Israeli security firm claims its researchers have successfully decrypted Signal’s infamous end-to-end encryption — though the validity of that statement is anyone’s guess. Signal is ...

New attack can now decrypt satellite phone calls in "real time" The paper advances earlier research from 2012, which reverse engineered a popular satphone encryption.

The problem is that the encryption key is stored on the machine in a local plain text file. Any malware able to read unencrypted local files could obtain the key, and therefore decrypt the messages.