Cryptocat Users Warned of Vulnerability That Allows Hackers to Crack Chats: In case you’re using an older variant of Cryptocat, you are advised to update your installation immediately.
Crypto expert Steve Thomas claims to have identified a vulnerability that exposes all Cryptocat chats from the period between October 17, 2011, and June 15, 2013. He has even developed a tool, DecryptoCat, to demonstrate his point.
“Cryptocat is run by people that don’t know crypto, make stupid mistakes, and not enough eyes are looking at their code to find the bugs,” he said.
“I would suggest not using Cryptocat as there’s no telling how long it will be until they break their public key encryption.”
However, Cryptocat developers have a totally different version of the story.