Morning Overview on MSN

The TanStack supply chain attack hit OpenAI — hackers reached two employee devices and forced the company to rotate all its code-signing certificates

When OpenAI engineers discovered that a poisoned update to a widely used JavaScript library had executed on two corporate ...
CSO Online

Microsoft disrupts malware code-signing service used by ransomware gangs

Cybercriminals paid between $5,000 and $9,000 to make their malware harder to detect on Windows, highlighting its ...
Dark Reading

8 Strategies for Enhancing Code Signing Security

The recent news that hackers had breached remote access solution company AnyDesk shined a harsh light on the need for companies to take a long, hard look at code-signing practices to help ensure a ...
Bleeping Computer

GitHub revokes code signing certificates stolen in repo hack

GitHub says unknown attackers have stolen encrypted code-signing certificates for its Desktop and Atom applications after gaining access to some of its development and release planning repositories.
Krebs on Security

Ask Fitis, the Bear: Real Crooks Sign Their Malware

Code-signing certificates are supposed to help authenticate the identity of software publishers, and provide cryptographic assurance that a signed piece of software has not been altered or tampered ...
Geeky Gadgets

1Password now features recovery codes and QR Code sign-in

Recovery codes are unique, secure codes generated by 1Password to help users regain access to their accounts if they forget their password or lose their Secret Key. This feature is particularly ...