When OpenAI engineers discovered that a poisoned update to a widely used JavaScript library had executed on two corporate ...

Whether you create your own code-signing certificate, or use a certificate from a certificate authority, it’s easy to give your Windows binaries the seal of approval. If you compile programs on ...

Cybercriminals paid between $5,000 and $9,000 to make their malware harder to detect on Windows, highlighting its effectiveness and a shift in how the cybercrime market operates. Microsoft has ...

Stateful hash-based signature (HBS) schemes provide quantum-resistant digital signing for software and firmware. Standardized by NIST in SP 800-208, LMS/HSS and XMSS use one-time keys to ensure strong ...

OpenAI is telling every Mac user running its ChatGPT or Codex desktop app to update right now. The urgency traces back to a supply-chain attack on a popular open-source JavaScript toolkit called ...

BOSTON--(BUSINESS WIRE)--Recently, the CA/B Forum, a voluntary organization of leading Certification Authorities (CAs) and vendors of Internet browser software and other applications, related to Code ...

ConnectWise this Friday will rotate all code-signing certificates for ScreenConnect, ConnectWise Automate, and ConnectWise RMM. While the software company recently disclosed a nation-state attack, it ...

Microsoft has disrupted a cybercrime service that allegedly helped ransomware operators and other attackers make malware appear as verified software, the company said last week.

Microsoft’s Digital Crimes Unit has taken down the infrastructure of Fox Tempest, a prolific cybercrime-enabling threat group ...

Microsoft says it has disrupted a malware-signing-as-a-service (MSaaS) operation that abused the company's Artifact Signing service to generate fraudulent code-signing certificates used by ransomware ...