The most popular SSL/TLS and crypto library just released their new version, 4.0 and its pretty cool so far:

1. Encrypted Client Hello (ECH) support (RFC 9849) – Protects handshake metadata from eavesdroppers.
2. Post-quantum cryptography – Adds hybrid key exchange curveSM2MLKEM768.
3. Negotiated FFDHE in TLS 1.2 – Follows RFC 7919 for stronger key exchange.
4. AKID verification – Enabled when X509_V_FLAG_X509_STRICT is set.
5. Enhanced CRL checks – More robust certificate revocation verification.
6. PKCS5_PBKDF2_HMAC lower bounds enforced – In FIPS provider for stronger password-based key derivation.

and more! Check their github.