Git client vulnerabilities on case-insensitive filesystems:
https://github.com/blog/1938-vulnerability-announced-update-your-git-clients
NTPd vulnerabilities announced:
http://www.kb.cert.org/vuls/id/852879
OSX and MS Windows users, start by updating your github apps and plugins and then your regular command-line git client. NTP fixes still pending for most platforms.
SSL certificates can be compromised using a new vulnerability that shipped on currently supported versions of Debian, Ubuntu, CentOS, Fedora, the BSDs, etc.
Time update your servers, regenerate certs and if you are being rigorous about it, go through the certificate revocation process for your old ones. BUT, be careful that you have available OpenSSL 1.0.1g (or newer, should their be one). Versions previous to 1.0.1 are NOT vulnerable to heartbleed. Though many of these old versions are vulnerable to other bugs, you would not want to update from 1.0.0 for the sole purpose of avoiding heartbleed, if you are only going to land in 1.0.1e, thereby introducing the problem.
Considering the widespread deployment of OpenSSL, it is hard to overstate how common this bug is online.
Former Detroit Public Library chief Tim Cromer accused of closing branches while embezzling $1.4M:
http://www.detroitnews.com/article/20130522/METRO01/305220352
Quite a depressing read.
