The story of how WoSign gave me an SSL certificate for GitHub.com
It was rather surreal when I realized I had actual valid SSL/TLS certificates for the primary GitHub domains. Https is supposed to prevent eavesdropping, yet with these keys, I could become a man-in-the-middle with ease.
Source: www.schrauger.com