For several years I was using TTRSS, but this year I moved to a Miniflux instance that I host at home. I couple it with an instance of Wallabag for saving articles for later reading. I like the experience of the Miniflux PWA app better than TTRSS.
…Companies making more than $5 million annually by using Post-Open software in a paid-for product would be required to pay 1 percent of their revenue back to this administrative organization, which would distribute the funds to the maintainers of the participating open source project(s). That would cover all Post-Open software used by the organization.
My point being that they deem this serious enough to release publicly themselves instead of an internal memory, and that this is about an active threat actor rather than a mere vulnerability.