"TrueCrypt is not secure," official SourceForge page abruptly warns (Ars Technica)
Ars Technica reports that the SourceForge-hosted web page for the TrueCrypt encryption program suddenly changed to carry a prominent security warning. It indicates that the program may "contain unfixed security issues" and "is not secure". A new version of TrueCrypt, 7.2, has been released, but with some major differences:

"The SourceForge page, which was delivered to people trying to view truecrypt.org pages, contained a new version of the program that, according to this "diff" analysis [.diff.gz], appears to contain changes warning that the program isn't safe to use. Curiously, the new release also appeared to let users decrypt encrypted data but not create new volumes.

Significantly, TrueCrypt version 7.2 was certified with the official TrueCrypt private signing key, suggesting that the page warning that TrueCrypt isn't safe wasn't a hoax posted by hackers who managed to gain unauthorized access. After all, someone with the ability to sign new TrueCrypt releases probably wouldn't squander that hack with a prank."