Heads up to all #Riot users: with the recent attack on @matrix' infrastructure, it's possible that Riot's Google Play version got compromised. This doesn't affect Riot's F-Droid version. Just as Riot started to do now, F-Droid has always signed all its apps on an inaccessible, offline machine. For more information, see https://riot.im/reinstall
To avoid maintenance overhead, however, it's likely to happen that F-Droid users must also change the app in near future. Still, there's no need to act now.
As far as being "safe", then yes, if you avoid the electron app (or at least firejail it; electron has a horrible security record). Most of the difficulty happens at the homeservers, and seem to be mostly the result of naive and insecure federation code. One gotcha to note is that while messages can be encrypted, attachments NEVER are, and worse, they're world-accessible (a "feature" for some uses though)
Server run by the main developers of the project It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!