Vulnerable Jenkins Allowed Attackers to Access Matrix Project’s production infrastructure on 4th April. Attackers gained access to Matrix’s official website and access tokens, private messages, passwords and GPG keys. Matrix is an open source end-to-end encrypted messaging protocol that allows anyone to self-host a messaging service on their own servers, powering many instant messengers, VoIP, WebRTC, bots and IoT communication. Matrix Project assures that both keys used for signing packages have now been revoked.
Source: https://thehackernews.com/2019/04/encrypted-messenger-cyberattack.html