ConnectWise is warning customers that it is rotating the digital code signing certificates used to sign ScreenConnect, ConnectWise Automate, and ConnectWise RMM executables over security concerns.

Code-signing certificates are supposed to help authenticate the identity of software publishers, and provide cryptographic assurance that a signed piece of software has not been altered or tampered ...

It remains unclear how the threat actor compromised access token used in the breach. Kind of rare to read about a security breach that requires no action. So kudos to Github for good practices. That ...

When OpenAI engineers discovered that a poisoned update to a widely used JavaScript library had executed on two corporate ...

ConnectWise this Friday will rotate all code-signing certificates for ScreenConnect, ConnectWise Automate, and ConnectWise RMM. While the software company recently disclosed a nation-state attack, it ...

Multicloud security firm Fortanix Inc. today announced a new partnership with digital certificates and certificate lifecycle management firm Sectigo Ltd. that will allow enterprises to secure their ...

Cybercriminals are abusing Microsoft's Trusted Signing platform to code-sign malware executables with short-lived three-day certificates. Threat actors have long sought after code-signing certificates ...

Microsoft disrupted a Rhysida ransomware campaign that used fake Teams binaries signed with digital certificates, including many from Microsoft's own service. In a social media post on X, Microsoft ...

GitHub said unknown intruders gained unauthorized access to some of its code repositories and stole code-signing certificates for two of its desktop applications: Desktop and Atom. Code-signing ...