Hacker News

The encryption mechanisms were tested, found wanting, and replaced in subsequent systems. PGP's installed base prevented them from keeping up. As a result, the constructions used in PGP today are essentially reviled by cryptography engineers.



Really? The fundamentals or the implementation?


The fundamentals. I mean, very much both! But the fundamentals are the more important part.


What do you mean by "constructions"?


Cryptographic constructions.


Can you recommend a text about this? As a layperson, I'm still having trouble understanding what you mean by that.


Here's a quick overview: We have what we call primitives that achieve a certain goal. For example AES on its own does a pretty good job of being a block cipher. However it doesn't fulfil all our expectations for actual secure communication alone and for this we need to use it as part of a slightly larger scheme.

These are the constructions tptacek refers to. How we put together the bits we have in a way that meets our expectations, which we refer to as semantic security. This doesn't just apply to AES but also to public key crypto as well. This might seem quite abstract, so let me put it this way: AES alone doesn't know if the ciphertext you feed it has been modified by an attacker. It will simply process that data with a given key. The decrypting software might notice and report an error (the message will look garbled), and there are circumstances where this can actually be exploited to reveal information. This is not what we expected to happen.

We've learned a lot about this since the early 90s. Many modern primitives actually come with all the parts we would call a construction built in, to avoid potential misuse (although these schemes are for the most part academic right now). Almost all modern systems combine primitives like AES in such a way as to meet our expectations. Except perhaps Telegram but nobody knows what they're smoking.

If you want an actual textbook, Introduction to Modern Cryptography by Katz and Lindell, or Cryptography Made Simple by Nigel Smart will cover this in plenty of detail, and are also good all round introductions to most areas of cryptography by leading experts. I lean towards the book by Smart, but either will be perfectly fine.
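The point made in the comment above, that AES on its own will happily "process" a ciphertext an attacker has modified while an authenticated construction around the same primitive rejects it, as an added example that is not from the original thread or any of its commenters. It uses only Go's standard library: AES-CTR stands in for the bare primitive and AES-GCM for the construction. The key, IV, nonce and message are constructed fixed values so the run is reproducible; real code draws key and nonce from crypto/rand and never reuses a nonce under one key.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"errors"
	"fmt"
)

// Fixed demo key, IV and nonce, constructed for this example only so the
// output is reproducible. Never hard-code or reuse these in real code.
var (
	demoKey   = []byte("0123456789abcdef0123456789abcdef") // 32 bytes: AES-256
	demoIV    = []byte("0123456789abcdef")                 // 16-byte CTR IV
	demoNonce = []byte("nonce-123456")                     // 12-byte GCM nonce
)

// ctrCrypt runs AES in counter mode: the block cipher as a bare primitive,
// with no integrity check at all. CTR is its own inverse, so one function
// both encrypts and decrypts.
func ctrCrypt(key, iv, in []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	out := make([]byte, len(in))
	cipher.NewCTR(block, iv).XORKeyStream(out, in)
	return out, nil
}

// gcmSeal runs AES-GCM, an authenticated construction around the same block
// cipher. Output is ciphertext followed by a 16-byte authentication tag.
func gcmSeal(key, nonce, plaintext []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	aead, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	return aead.Seal(nil, nonce, plaintext, nil), nil
}

// gcmOpen verifies the tag before releasing any plaintext; a modified
// ciphertext produces an error rather than garbled or attacker-chosen data.
func gcmOpen(key, nonce, ciphertext []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	aead, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	return aead.Open(nil, nonce, ciphertext, nil)
}

// flipByte returns a copy of ct with ct[pos] XORed by mask. In CTR mode this
// XORs the same mask into the recovered plaintext byte at pos.
func flipByte(ct []byte, pos int, mask byte) ([]byte, error) {
	if pos < 0 || pos >= len(ct) {
		return nil, errors.New("offset out of range")
	}
	out := append([]byte(nil), ct...)
	out[pos] ^= mask
	return out, nil
}

// ctrTamperResult encrypts msg with bare AES-CTR, flips one ciphertext byte so
// that plaintext character oldCh becomes newCh, and returns what a receiver
// decrypts. No error is ever raised: the primitive cannot tell.
func ctrTamperResult(msg []byte, pos int, oldCh, newCh byte) ([]byte, error) {
	ct, err := ctrCrypt(demoKey, demoIV, msg)
	if err != nil {
		return nil, err
	}
	tampered, err := flipByte(ct, pos, oldCh^newCh)
	if err != nil {
		return nil, err
	}
	return ctrCrypt(demoKey, demoIV, tampered)
}

// gcmTamperResult performs the same single-byte flip against AES-GCM; the
// returned authentication error is the whole point of the construction.
func gcmTamperResult(msg []byte, pos int, oldCh, newCh byte) ([]byte, error) {
	ct, err := gcmSeal(demoKey, demoNonce, msg)
	if err != nil {
		return nil, err
	}
	tampered, err := flipByte(ct, pos, oldCh^newCh)
	if err != nil {
		return nil, err
	}
	return gcmOpen(demoKey, demoNonce, tampered)
}

func main() {
	msg := []byte("transfer amount=100") // constructed sample message
	pos := bytes.IndexByte(msg, '=') + 1  // first digit of the amount

	got, err := ctrTamperResult(msg, pos, '1', '9')
	fmt.Printf("AES-CTR: %q err=%v\n", got, err) // decrypts cleanly to amount=900

	got, err = gcmTamperResult(msg, pos, '1', '9')
	fmt.Printf("AES-GCM: %q err=%v\n", got, err) // authentication failure, no plaintext
}
```

The CTR path is exactly the "garbled but accepted" behaviour described above, except that here the attacker controls the change precisely: flipping one ciphertext byte turns 100 into 900 and the decryptor has no way to notice. The GCM path shows what a construction adds: the same block cipher plus a MAC over the ciphertext, with the tag checked before any plaintext is returned.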



