An attacker would need to send two carefully crafted emails to the target.
The attack required a specific sequence of actions to succeed, which limited its real-world viability: Proton Exploit
When possible, use native desktop or mobile apps which often have different attack surfaces than web-based versions. If you'd like to refine this draft, tell me if you want to: An attacker would need to send two carefully
Ensure you are using the latest version of any Proton applications. Proton Exploit
The vulnerability was strictly limited to the web interface; non-web Proton Mail apps (iOS/Android) were never affected. Protecting Your Data