Morning Overview on MSN

The TanStack supply chain attack hit OpenAI — hackers reached two employee devices and forced the company to rotate all its code-signing certificates

When OpenAI engineers discovered that a poisoned update to a widely used JavaScript library had executed on two corporate ...
Morning Overview on MSN

OpenAI asks all macOS users to update immediately after the TanStack attack forced the company to rotate its code-signing certificates

OpenAI is telling every Mac user running its ChatGPT or Codex desktop app to update right now. The urgency traces back to a ...

OpenAI Warns Mac Users to Update Apps After Supply-Chain Attack

OpenAI says Mac users must update ChatGPT, Codex, and Atlas apps by June 12 after an npm supply-chain attack exposed signing ...
Nextgov

Microsoft disrupts cybercrime service offering malware disguised as legitimate software

The downstream impact of that service’s operations “has resulted in attacks against a broad range of industry sectors” in the ...
Dark Reading

ConnectWise to Rotate Code-Signing Certificates

ConnectWise this Friday will rotate all code-signing certificates for ScreenConnect, ConnectWise Automate, and ConnectWise RMM. While the software company recently disclosed a nation-state attack, it ...
SecurityWeek

Microsoft Disrupts Malware-Signing Service Run by ‘Fox Tempest’

Microsoft has disrupted the Fox Tempest cybercrime service that has been helping threat actors distribute ransomware and ...
SD Times

New InstallAware X17: Future-Proof, Azure Trusted, Dongle-Free Code Signing

Value stream management involves people in the organization to examine workflows and other processes to ensure they are deriving the maximum value from their efforts while eliminating waste — of ...
Infosecurity Magazine

Microsoft Takes Down Fox Tempest for Providing Ransomware-Enabling Signing Tool

Microsoft’s Digital Crimes Unit has taken down the infrastructure of Fox Tempest, a prolific cybercrime-enabling threat group ...