The first breakthrough (or proof of breakage) came in late 2004, when Xiaoyun Wang, Dengguo Feng, Xuejia Lai, and Hongbo Yu demonstrated a practical way to obtain collisions in the MD5 hash, as well as in a number of other hash functions. A team composed of Alexander Sotirov, Marc Stevens, Jacob Appelbaum, Arjen Lenstra, David Molnar, Dag Arne Osvik and Benne de Weger announced they had succeeded in the creation of a rogue Certification Authority certificate.”]
Source: https://www.bitdefender.com/blog/hotforsecurity/md5-weakness-exploited/

