Tweet URL - https://twitter.com/tqbf/status/1516570590211153922 | Hacker Trends

Thomas H. Ptacek on Twitter: "Welp. It’s the crypto bug of the year. Mark it down for April. Java 15-18 ECDSA doesn’t sanity check that the random x coordinate and signature proof are nonzero; a (0,0) signature validates any message. Breaks JWT, SAML, &c. https://t.co/t2WgnS0g3A" / Twitter

https://twitter.com/tqbf/status/1516570590211153922

https://x.com/home/status/1516680770613620736

https://x.com/home/status/1516725501100019719

https://x.com/home/status/1516790837841117188

https://x.com/home/status/1516793594660933633

https://x.com/home/status/1516847885987553280

https://x.com/home/status/1516890513512747008