certificates
Digital certificates and malware: a dangerous mix
In the past few days we have heard several stories about major corporations getting hacked and their security systems completely bypassed. If anything, that should remind us …
GitHub MitM attack orchestrated by Chinese censors?
China-based users and visitors of GitHub, the globally popular online source code repository, have been targeted with an man-in-the-middle attack late last Friday, reports …
Fraudulent digital certificate for Google web properties used in active attacks
A fraudulent digital certificate that could be used to spoof content, perform phishing attacks, or perform man-in-the-middle attacks against several Google web properties has …
Adobe admits breach, will revoke compromised code signing certificate
Adobe has confirmed that one of their build servers that has access to the Adobe code signing infrastructure has been compromised, allowing attackers to digitally sign two …
Flame abused Windows Update to spread
You have probably already heard that Microsoft released an out-of-band update that revokes three rogue certificates that were used to sign a couple of modules of the recently …
Some Flame modules were signed with rogue Microsoft certificates
While investigating the recently unearthed Flame (SkyWiper) toolkit, Microsoft’s researchers have made an unwelcome discovery. “We have discovered through our …
Featured news
Resources
Don't miss
- Exploits for unauthenticated FortiWeb RCE are public, so patch quickly! (CVE-2025-25257)
- FAPI 2.0: How the OpenID Foundation is enabling scalable interoperability in global healthcare
- pqcscan: Open-source post-quantum cryptography scanner
- Bitdefender PHASR: Proactive hardening demo overview
- Critical Wing FTP Server vulnerability exploited in the wild (CVE-2025-47812)