The Ethereum Foundation warned Mist browser users about a "critical vulnerability" in all existing versions that threatens private keys.
[SECURITY ALERT] Warning to users of Mist Browser -- https://t.co/DeUqHJvzDh
— Ethereum (@ethereumproject) 15 декабря 2017 г.
The statement says that the Ethereum Wallet is not effected. Developers urge users not to use "untested" websites for transactions.
An important reminder: Mist is still beta software, and you must treat it as such. The Mist Browser beta is provided on an “as is” and “as available” basis and there are no warranties of any kind, expressed or implied, including, but not limited to, warranties of merchantability or fitness of purpose.
According to the representative of the team Mist Everton Fraga, the update of the basic software of the Electron browser is constantly postponed. In this regard, the browser can go to Muon software, which is updated much more often.