Code signing is like a virtual mechanic, ensuring trust across the software supply chain by validating the identities of source code and verifying that it hasn’t been tampered with. Code signing isn’t new, but it has changed.
Security vulnerability that impacts an older form of a BlackBerry industrial systems OS, still in use in both industrial settings and hospital equipment, was discovered by Microsoft researchers in April of this year. Many are only now learning about it.
The term protestware recently made global news when organizations in Russia and Belarus were attacked by malicious code that wiped their computers’ files. This malware was distributed through the popular open source JavaScript library, node-ipc, and was introduced by its maintainer in retaliation for Russia's invasion of Ukraine.