DigiCert suffers breach, stolen certificates used to sign malware

📅 4 May 2026 at 10:28 UTC📰 Cyber InsiderView original source ↗

DigiCert has disclosed a security incident in which attackers compromised internal support systems and abused stolen certificate issuance data to obtain valid EV code signing certificates. Some of the certificates were subsequently used to sign malware tied to the Zhong Stealer family. DigiCert, a major certificate authority trusted by browsers and operating systems worldwide, plays … The post DigiCert suffers breach, stolen certificates used to sign malware appeared first on CyberInsider.

🤖 AI BriefingAuto-generated threat analysis

🔍Threat Overview

DigiCert suffered a breach, allowing attackers to obtain valid EV code-signing certificates, which were subsequently used to sign malware tied to the Zhong Stealer family.

⚙️Technical Details

Affected Systems

DigiCert's internal support systemsCustomer accounts in DigiCert's customer support portal

Attack Vectors

Malicious ZIP archive disguised as a screenshotMisconfigured CrowdStrike endpoint detection and response (EDR) agent

💥Impact Assessment

Severity: critical

Who Is at Risk

Software developers, users of software applications signed with compromised certificates, and potentially anyone who uses internet communications secured by DigiCert's certificates.

🛡️Recommended Actions

1Implement strict file upload controls

2Enhance endpoint monitoring

3Use phishing-resistant multi-factor authentication

📦Affected Products

Software applications signed with compromised EV code-signing certificates

Read the full article

This is a curated summary. The complete article is available at Cyber Insider.

Read on Cyber Insider ↗

← Back to feed