This article has been indexed from The Register – Security
Whole new meaning for zero consequences
Java versions 15 to 18 contain a flaw in its ECDSA signature validation that makes it trivial for miscreants to digitally sign files and other data as if they were legit organizations.…
Read the original article: Oracle already wins ‘crypto bug of the year’ with Java digital signature bypass