Ars Technica

PGP keys, software security, and much more threatened by new SHA1 exploit

Three years ago, Ars declared the SHA1 cryptographic hash algorithm officially dead after researchers performed the world’s first known instance of a fatal exploit known as a “collision” on it. On ...
Computerworld

The SHA1 hash function is now completely unsafe

Security researchers have achieved the first real-world collision attack against the SHA-1 hash function, producing two different PDF files with the same SHA-1 signature. This shows that the algorithm ...