Dark Reading

Criminals Obtain Code-Signing Certificates Using Stolen Corporate IDs

Malware authors have for some time been using code-signing certificates for their malicious payloads so they can sneak past enterprise anti-malware tools. But contrary to popular belief, not all of ...
Ars Technica

GitHub says hackers cloned code-signing certificates in breached repository

GitHub said unknown intruders gained unauthorized access to some of its code repositories and stole code-signing certificates for two of its desktop applications: Desktop and Atom. Code-signing ...