Dark Reading

'Lorem Ipsum' Malware Pivots to ClickFix Delivery

New analysis shows the campaign, which uses compromised WordPress sites, may be linked to the ransomware and extortion group Vice Society.
Hosted on MSN

Key trusted Microsoft platform exploited to enable malware, experts warn

Trusted Signing, a Microsoft certificate-signing service, is being abused by criminals, researchers are saying The criminals are signing malware with short-lived, three-day certificates Microsoft is ...
GIGAZINE

Microsoft has revoked over 1,000 certificates that allowed malware to be mistaken for 'legitimate software.'

On May 19, 2026, Microsoft announced that it had revoked over 1,000 code signing certificates issued by the attack group 'Fox Tempest,' which operated a 'malware signing service' that made malware ...
Bleeping Computer

OpenAI rotates macOS certs after Axios attack hit code-signing workflow

OpenAI is rotating potentially exposed macOS code-signing certificates after a GitHub Actions workflow executed a malicious Axios package during a recent supply chain attack. The company said that on ...
TechRepublic

Microsoft Disrupts Malware-Signing Service Used by Ransomware Gangs

Microsoft disrupted Fox Tempest, a malware-signing service accused of abusing Azure certificates to disguise ransomware and malware as trusted software. Microsoft says it disrupted a malware-signing ...
Microsoft

AI brands as bait: How threat actors are using the AI hype in social engineering

As threat actors operationalize AI to accelerate attacks, they are also leveraging the wider global interest around AI itself ...