When OpenAI engineers discovered that a poisoned update to a widely used JavaScript library had executed on two corporate ...

The recent news that hackers had breached remote access solution company AnyDesk shined a harsh light on the need for companies to take a long, hard look at code-signing practices to help ensure a ...

OpenAI is telling every Mac user running its ChatGPT or Codex desktop app to update right now. The urgency traces back to a supply-chain attack on a popular open-source JavaScript toolkit called ...

OpenAI says Mac users must update ChatGPT, Codex, and Atlas apps by June 12 after an npm supply-chain attack exposed signing certificates.

Cybercriminals paid between $5,000 and $9,000 to make their malware harder to detect on Windows, highlighting its effectiveness and a shift in how the cybercrime market operates. Microsoft has ...

ConnectWise this Friday will rotate all code-signing certificates for ScreenConnect, ConnectWise Automate, and ConnectWise RMM. While the software company recently disclosed a nation-state attack, it ...

BOSTON--(BUSINESS WIRE)--Recently, the CA/B Forum, a voluntary organization of leading Certification Authorities (CAs) and vendors of Internet browser software and other applications, related to Code ...

Stateful hash-based signature (HBS) schemes provide quantum-resistant digital signing for software and firmware. Standardized by NIST in SP 800-208, LMS/HSS and XMSS use one-time keys to ensure strong ...

Microsoft’s Digital Crimes Unit has taken down the infrastructure of Fox Tempest, a prolific cybercrime-enabling threat group ...

Whether you create your own code-signing certificate, or use a certificate from a certificate authority, it’s easy to give your Windows binaries the seal of approval. If you compile programs on ...