here is the official statement from threema to the related study mentioned in your link:
https://threema.ch/en/blog/posts/news-alleged-weaknesses-statement
I always wonder why some people are so clever to detect security issues, but aren’t able to bring their own (better) product on the market…