This affects all remote node connections

Active attack vector

The attack is pretty straightforward: when the wallet requests data from the remote node to create a transaction, the remote node sends bogus data in response. This results in an error message displayed to the user. If the user clicks through the error and retries the transaction a second time, this immediately reveals the real input to the remote node. Mitigations: If you see ANY** error message after attempting a transaction, DISCONNECT from that remote node and DO NOT try your transaction again right away.

1st and most important rule:

You need to have Full Trust in the Remote-Node Operator to use that node for sending transactions
another thing is common
unsecured connection
what does it mean???
whole communication made between client <-> server is RAW Plain Text
and can be seen by simple Network Traffic Wrapper
The moral of this is only use remote nodes from trusted sources.