A remote code execution vulnerability has been spotted in use against some users running PyBitmessage v0.6.2. The cause was identified and a fix has been added and released as 0.6.3.2 here. If you run PyBitmessage via code, we highly recommend that you upgrade to 0.6.3.2. Alternatively you may downgrade to 0.6.1 which is unaffected. .
Bitmessage developer Peter Šurda's Bitmessage addresses are to be considered compromised.
Bitmessage is a P2P communications protocol used to send encrypted messages to another person or to many subscribers. It is decentralized and trustless, meaning that you need-not inherently trust any entities like root certificate authorities. It uses strong authentication which means that the sender of a message cannot be spoofed, and it aims to hide "non-content" data, like the sender and receiver of messages, from passive eavesdroppers like those running warrantless wiretapping programs. If Bitmessage is completely new to you, you may wish to start by reading the whitepaper.
Please follow the contribution guidelines when contributing code or translations.
Security audit needed
Bitmessage is in need of an independent audit to verify its security. If you are a researcher capable of reviewing the source code, please email the lead developer. You will be helping to create a great privacy option for people everywhere!