The MD5 password hash algorithm is "no longer considered safe" by the original software developer, a day after the leak of more than 6.4 million hashed LinkedIn passwords.

If you thought MD5 was banished from HTTPS encryption, you'd be wrong. It turns out the fatally weak cryptographic hash function, along with its only slightly stronger SHA1 cousin, are still ...

The key takeaway, according to Lenstra: "It's imperative that browsers and CAs stop using MD5, and migrate to more robust alternatives such as SHA-2 and the upcoming SHA-3 standard." Further details: ...

Flame attackers' ability to forge a valid certificate for Windows Update should be a warning to companies to stop using the MD5 algorithm to issue security certificates.

Oracle says that starting with April 18, 2017, Java (JRE) will treat all JAR files signed with the MD5 algorithm as unsigned, meaning they'll be considered insecure and blocked from running.