Every address is believably compromised as long as we are using it online.
We could all avoid that altogether if we use a none split fork address everytime we join in a sig campaign.
Luckily O.P didn't put a rules about changing of address.
I wasn't trying to be cute or philosophical, I am 99% sure that my private key is in the hands of someone else. I didn't see any rules about "keeping the same address" throughout the campaign, so I was hoping I could get it updated (especially because I gave multiple notices many days before payment). Anyways, the payment ended up in my hands anyways, so I suppose all is well.
Could you PM me more information about how "All addresses online could be believably compromised"? Or did you mean, unknowingly due to keyloggers, 0-days and other things?
There a major evidence that we are receiving a botnet from email or script in HTML I've read somewhere, that script will run in the background especially if you bought something online, also I highly believe that it is possible as I practice Javascript and Python it could work out if a black-hat-hacker gets their hand in our Laptop/Desktop, it is a different story if you are using the an Android/IOS phone it requires a different kind of script.
So yeah every address is vulnerable as long as we are using it online, they just only need a manipulating script to work everything out.