Bleeping Computer

GitHub revokes code signing certificates stolen in repo hack

GitHub says unknown attackers have stolen encrypted code-signing certificates for its Desktop and Atom applications after gaining access to some of its development and release planning repositories.
Wired

Malware Has a New Way to Hide on Your Mac

Malware on Apple's MacBook and iMac lines is more prevalent than some users realize; it can even hide in Apple's curated Mac App Store. But the relatively strong defenses of macOS make it challenging ...

OpenAI to Apple macOS users: Update ChatGPT, Codex and its other apps before May 8 or lose access

OpenAI is mandating macOS users update ChatGPT Desktop and other apps by May 8, 2026, due to a compromised JavaScript library ...
Dark Reading

Criminals Obtain Code-Signing Certificates Using Stolen Corporate IDs

Malware authors have for some time been using code-signing certificates for their malicious payloads so they can sneak past enterprise anti-malware tools. But contrary to popular belief, not all of ...
Bleeping Computer

Latest Code-signing news

Microsoft Defender is detecting legitimate DigiCert root certificates as Trojan:Win32/Cerdigent.A!dha, resulting in widespread false-positive alerts, and in some ...