Threat Post

Java Serialization Bug Crops Up At PayPal

PayPal has rewarded two researchers with bug bounties for the discovery of a Java serialization vulnerability in manager.paypal.com A Java serialization vulnerability disclosed more than a year ago ...
Ars Technica

Major cryptography blunder in Java enables “psychic paper” forgeries

Organizations using newer versions of Oracle’s Java framework woke up on Wednesday to a disquieting advisory: A critical vulnerability can make it easy for adversaries to forge TLS certificates and ...