ZDNet

Let's Encrypt disables TLS-SNI-01 validation

Let's Encrypt has disabled TLS-SNI-01 validation after the discovery of an attack able to hijack certificates using the protocol. The certificate authority, which offers free SSL and TLS certificates ...
ZDNet

Many CMS plugins are disabling TLS certificate validation... and that's very bad

An absurd number of CMS plugins and PHP libraries are disabling SSL/TLS certificate validation on purpose, and by doing so, they're putting millions of internet users at great risk. To make matters ...
Bleeping Computer

DigiCert mass-revoking TLS certificates due to domain validation bug

DigiCert is warning that it will be mass-revoking SSL/TLS certificates due to a bug in how the company verified if a customer owned or operated a domain and requires impacted customers to reissue ...