TechRadar

Why October 1, 2026, could be the day SSL/TLS certificates 'break the Internet'

As SSL/TLS certificate lifespans shrink, IT departments must adapt to faster renewal cycles. This shift toward shorter lifecycles, driven by a need for better security, will soon create immense ...

Critical flaw in wolfSSL library enables forged certificate use

A critical vulnerability in the wolfSSL SSL/TLS library can weaken security via improper verification of the hash algorithm ...
Indiatimes

Tesla's former VP Andrej Karpathy shares AI coding 'horror', 'Python supply chain attack' that could have wiped millions of SSL private keys, database passwords, more; and Elon ...

Andrej Karpathy, the former Tesla AI director and OpenAI cofounder, is calling a recent Python package attack "software horror"—and the details are genuinely alarming. A compromised version of LiteLLM ...
Hackaday

This Week In Security: Docker Auth, Windows Tools, And A Very Full Patch Tuesday

CVE-2026-34040 lets attackers bypass some Docker authentication plugins by allowing an empty request body. Present since 2024, this bug was caused by a previous fix to the auth workflow. In the ...