Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Try Vanilla Forums Cloud product
Vanilla 2.6.1 is here with critical security patches. One of them has been publicly disclosed.

SHA-1 is officially compromised

LincLinc Director of DevelopmentDetroit Vanilla Staff

Today, Google announced the first SHA-1 collision. In 90 days they will release the code to duplicate their attack. In practical terms, it means you need to move any SHA-1 using applications to SHA-256 as soon as possible. This includes, potentially, jsConnect connections.



Sign In or Register to comment.