We have an active thread discussing the same topic starting from Matrix’s blogpost disclosing the vulnerabilities. I believe the blogpost is clear enough to avoid third-party news outlets proxing the news