Dan Goodin / Ars Technica:
Oracle patches a critical bug in Java 15 and above, which lets attackers forge TLS certificates and signatures, two-factor authentication messages, and more — A failure to sanity check signatures for division-by-zero flaws makes forgeries easy. — Organizations using newer versions …
Brought to you by USA Today Read the rest of the article here.