Which encryption method is no longer considered secure due to vulnerabilities that can be easily exploited?

MD5 is no longer secure because its collision resistance has been broken in practice. Researchers can generate two different inputs that produce the same MD5 hash, which means an attacker could substitute a malicious file or forge data so that its hash matches that of a legitimate one. This undermines integrity checks and any digital signatures or certificates that rely on MD5. Because of these vulnerabilities, MD5 should not be used for security-sensitive purposes; stronger hashes like SHA-256 (or SHA-3) are recommended, along with proper password hashing methods. The other options refer to algorithms that remain secure for their intended uses (AES for encryption, SHA-256 for hashing, RSA for public-key operations) and aren’t known to have the same practical, widespread collision vulnerabilities.