Aside: this is a *major* reason why I quit Bluesky and deleted my account some months back.

@denschub @vkc Yep, DMs or "Private mentions" on Mastodon can be exploited using a similar vector. The client can say this message should be readable only to this/these users, but you can write a client which doesn't respect the protocol and view them anyway. It's a strong argument for why DMs should probably not exist on decentralized platforms that do not or cannot use E2EE.