Two Sun security certificates have been compromised, which could allow malicious users to insert malicious code such as applets and make it appear that it is signed by Sun.