DigiCert Revokes Certificates After Support Portal Hack
Hackers delivered malware via a customer chat channel, infected an analyst’s system, and accessed the internal support portal. The post DigiCert Revokes Certificates After Support Portal Hack appeared first on SecurityWeek.
DigiCert last week announced that certificates fraudulently obtained from its internal support portal after a cyberattack were revoked.
The attack, the company said in a detailed report, occurred on April 2, when a threat actor targeted DigiCert’s support team with a malicious payload delivered via a customer chat channel, disguised as a screenshot.
The malware infected two endpoints, one of which was identified on April 3, and another on April 14. DigiCert blames the late discovery of the second infection on the malfunctioning security solutions running on the endpoint.
Source: https://www.securityweek.com/digicert-revokes-certificates-after-support-portal-hack/
Related breach coverage
- AI Firm Braintrust Prompts API Key Rotation After Data Breach2026-05-08
Hackers accessed one of the company’s AWS accounts and compromised AI provider secrets stored in Braintrust. The post AI Firm Braintrust Prompts API Key Rotation After Data Breach appeared first on SecurityWeek.
- Palo Alto Networks to Patch Zero-Day Exploited to Hack Firewalls2026-05-06
CVE-2026-0300 affects the Captive Portal service of PAN-OS software on PA and VM series firewalls. The post Palo Alto Networks to Patch Zero-Day Exploited to Hack Firewalls appeared first on SecurityWeek.
- In Other News: Train Hacker Arrested, PamDOORa Linux Backdoor, New CISA Director Frontrunner2026-05-08
Other noteworthy stories that might have slipped under the radar: US gov targets 72-hour patch cycles, malware uses Windows Phone Link to steal OTPs, spy operation targets Eurasian drone industry. The post In Other News: Train Hacker Arrested, PamDOORa Linux Backdoor, New CISA Director Frontrunner appeared first on SecurityWeek.
- Polish Security Agency Reports ICS Breaches at Five Water Treatment Plants2026-05-08
The hackers gained the ability to modify equipment operational parameters, creating a direct risk to the public water supply. The post Polish Security Agency Reports ICS Breaches at Five Water Treatment Plants appeared first on SecurityWeek.