Other Sources of Security Information
The Zcash Company will announce any breaking security issues on this website.
Known Security Issues
Each release contains a ./doc/security-warnings.md document describing security issues known to affect that release. You can find the most recent version of this document here:
Note that this link points to the "in development" version of the file, so it may have more recent findings than the version released with your software. (It might also have issues that are only relevant for the upcoming release which don't affect the current release or older software.)
What if Zcash company gets hacked?
In the event the Zcash Company website is down or hacked, please also check these twitter handles: @ZcashCo, @zooko, and @least_nathan. The Zcash protocol has an alert system and currently a small set of people working for the Zcash Company control the keys to issue alerts. These will be sent to all nodes.
What if Zcash company turns evil?
If we are sufficiently hacked, or if we collectively turn evil, the above resources will not be sufficient to protect you. Luckily, the Zcash network is growing into a larger and more resilient community beyond the Zcash company itself. If you suspect that the company has been compromised, please also check other community resources unrelated to the Zcash Company.