A rather significant bug has been spotted in Monero's decoy selection algorithm. Please read this whole message carefully.
If users spend funds immediately after the lock time, i.e. in the first 2 blocks allowable by consensus rules (20 minutes after receiving funds), then there is a good probability that the output can be identified as the true spend. This does not reveal anything about addresses or transaction amounts. Funds are never at risk of being stolen.
This bug persists in the official wallet code today. Users can substantially mitigate the risk to their privacy by waiting 1 hour or longer before spending their newly-received Monero, until a fix can be added in a future wallet software update. A full network upgrade (hard fork) is not required to address this bug.
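The mitigation above can be enforced on the wallet side rather than left to user habit. The following is an added illustration, not Monero wallet code: a pre-spend age check that marks outputs as locked, "risky" (spendable but younger than the advised wait) or mature, and a coin selector that spends mature outputs first and only falls back to fresh ones when nothing else covers the amount. It assumes a 2-minute target block time, the 10-block consensus lock the advisory refers to, and treats the advised 1-hour wait as 30 blocks; the output structure, heights and amounts are constructed sample data.

```python
"""Wallet-side age check for the decoy-selection weakness described above.

Added example, not code from the Monero project. Assumptions (labelled):
- target block time of 2 minutes (BLOCK_SECONDS)
- received outputs become spendable 10 blocks after inclusion (UNLOCK_BLOCKS)
- the advisory's "wait 1 hour or longer" is applied as ceil(3600 / 120) = 30 blocks
"""
from dataclasses import dataclass
from typing import List, Tuple

BLOCK_SECONDS = 120              # assumption: 2-minute target block time
UNLOCK_BLOCKS = 10               # consensus lock on freshly received outputs
RECOMMENDED_WAIT_SECONDS = 3600  # advisory: wait 1 hour or longer before spending


@dataclass(frozen=True)
class ReceivedOutput:
    """Constructed representation of an output owned by the wallet."""
    txid: str      # placeholder id, not a real transaction hash
    height: int    # block in which the output was mined
    amount: int    # atomic units


def blocks_for_seconds(seconds: int) -> int:
    """Convert a wait in seconds to whole blocks, rounding up."""
    return -(-seconds // BLOCK_SECONDS)


def classify(output: ReceivedOutput, current_height: int) -> str:
    """'locked'  : not yet spendable under consensus rules
       'risky'   : spendable, but younger than the advised wait (decoys rarely this young)
       'ok'      : old enough that the advisory's concern no longer applies"""
    age = current_height - output.height
    if age < UNLOCK_BLOCKS:
        return "locked"
    if age < blocks_for_seconds(RECOMMENDED_WAIT_SECONDS):
        return "risky"
    return "ok"


def select_inputs(outputs: List[ReceivedOutput], current_height: int,
                  amount: int) -> Tuple[List[ReceivedOutput], bool]:
    """Greedy largest-first selection that prefers mature outputs.

    Fresh ('risky') outputs are only used when mature ones cannot cover the
    amount; locked outputs are never used. Returns (chosen, used_risky) so the
    caller can warn the user before a risky spend is signed."""
    def by_amount(cls: str) -> List[ReceivedOutput]:
        return sorted((o for o in outputs if classify(o, current_height) == cls),
                      key=lambda o: o.amount, reverse=True)

    chosen: List[ReceivedOutput] = []
    total = 0
    for out in by_amount("ok") + by_amount("risky"):
        if total >= amount:
            break
        chosen.append(out)
        total += out.amount
    if total < amount:
        raise ValueError("insufficient spendable balance")
    used_risky = any(classify(o, current_height) == "risky" for o in chosen)
    return chosen, used_risky


if __name__ == "__main__":
    # Constructed sample wallet state; heights and amounts are made up.
    tip = 2_400_000
    wallet = [
        ReceivedOutput("out-a", tip - 5, 1),    # 5 blocks old: still locked
        ReceivedOutput("out-b", tip - 11, 10),  # 11 blocks old: in the risky window
        ReceivedOutput("out-c", tip - 100, 5),  # mature
        ReceivedOutput("out-d", tip - 50, 3),   # mature
    ]
    for o in wallet:
        print(o.txid, classify(o, tip))
    chosen, risky = select_inputs(wallet, tip, 7)
    print([o.txid for o in chosen], "risky spend:" , risky)
```

A wallet that integrates a check like this would surface `used_risky` as a warning before signing, so the user can choose to wait rather than spend an output the decoy selector is unlikely to have picked for anyone else's ring.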
The Monero Research Lab and Monero developers take this matter very seriously. We will provide an update when wallet fixes are available. Please read this GitHub issue for more details: https://github.com/monero-project/monero/issues/7807
I have invited the individual who spotted this bug, Justin Berman, to join me on an episode of Breaking Monero once we can more easily explain the required fix to people.