1. DigiCert Support Staff Socially Engineered: Attackers Obtain Code-Signing Certificates Used to Sign Malware
DigiCert, one of the world's largest certificate authorities, has disclosed a security breach in which threat actors successfully tricked support staff into executing a malicious file. The attack enabled the adversaries to obtain code-signing certificates that were subsequently weaponized to sign malware, undermining a...