Ars Technica

Major cryptography blunder in Java enables “psychic paper” forgeries

Organizations using newer versions of Oracle’s Java framework woke up on Wednesday to a disquieting advisory: A critical vulnerability can make it easy for adversaries to forge TLS certificates and ...
ZDNet

Java zero-day malware 'was signed with certificates stolen from security vendor'

Malware used in a zero-day Java exploit was signed with certificates stolen from a security firm, researchers have found. The editions of Java targeted by the malware, Java 6 Update 41 and Java 7 ...