Code Signing stories

Proofpoint says a cargo theft gang spent weeks inside a decoy network, probing banking, fleet payment and load board systems for fraud.

Attackers abuse trusted tools, remote support software and stolen SSO sessions to breach systems, ReliaQuest says.

AppViewX acquires AI identity start-up Eos and appoints its co-founder Archit Lohokare as Chief Executive, targeting non-human identity security.

Attackers push fake Red Alert Android app via SMS, turning Israel rocket warning tool into spyware that steals messages, contacts and location.

Mylobster.ai unveils plan for kernel-level AI assistants across major platforms, targeting a USD $200 billion-plus systems-level market.

CodeHunter extends its behavioural malware analysis into CI/CD pipelines, targeting risky software artefacts before they reach production.

Phishing campaign uses stolen logins and trusted RMM tools like GoTo Resolve and LogMeIn to quietly maintain access to corporate systems.

ReliaQuest warns BaoLoader and trust-based lures are surging, as attackers ditch zero-days for social engineering and valid certificates.

Auto-update turns your firewall into a living defence, slashing patch delays and shutting attackers' favourite door: unpatched systems.

Logitech users on macOS must install manual patches for Options+ and G Hub after an expired certificate stopped both apps from launching.

CommScope launches PRiSM-based secure boot signing for TI AM6x chips, aiming to simplify compliance with tightening industrial cyber rules.

The TamperedChef malware campaign targets healthcare, construction and manufacturing sectors using fake installers with valid digital signatures to spread malicious software.

DigiCert's digital trust solutions are now accessible via AWS Marketplace, enabling customers to easily purchase and manage security services in one place.

Venafi's research reveals 83% of firms use AI for coding, sparking security fears as 66% of leaders struggle to keep pace, warning of a looming security reckoning.