Adobe has released security bulletins for Cold Fusion related to CVE-2013-0625 and CVE-2013-0629. These software flaws only affect Cold Fusion deployments with no password set or password protection disabled for Remote Development Services (RDS). The password for RDS should never be the same as the server or system administratve account. The software flaws are being exploited in the wild.

Turktrust had issued subordinate certificates back in August, 2012, which inherited trust from their root certificates. This resulted in other fraudulate certificates being created including for *.google.com. While it does appear that this is the result of humman error users should insure these certificates are no longer trusted.

Google had issued an update to Chrome. Mac users should turn on Online Certificate Status Protocol (OCSP) and Certificate Revocation List (CRL). Mac users can also manage certificates and trust via the Keychain.app.