Ars Technica

GitHub says hackers cloned code-signing certificates in breached repository

It remains unclear how the threat actor compromised access token used in the breach. Kind of rare to read about a security breach that requires no action. So kudos to Github for good practices. That ...
Bleeping Computer

Malware now using NVIDIA's stolen code signing certificates

Threat actors are using stolen NVIDIA code signing certificates to sign malware to appear trustworthy and allow malicious drivers to be loaded in Windows. This week, NVIDIA confirmed that they ...
Ars Technica

GitHub says hackers cloned code-signing certificates in breached repository

GitHub said unknown intruders gained unauthorized access to some of its code repositories and stole code-signing certificates for two of its desktop applications: Desktop and Atom. Code-signing ...