> TritonInfoSec News
Home / May 21, 2026 / Story
0
#2 The Hacker News general May 20, 2026 at 14:36 UTC

Microsoft Takes Down Malware-Signing Service Behind Ransomware Attacks

By [email protected] (The Hacker News)

AI Summary

Microsoft disrupted Fox Tempest, a malware-signing-as-a-service (MSaaS) operation active since May 2025 that weaponized Microsoft's Artifact Signing system to deliver ransomware and other malware disguised as legitimate software. The disruption was formalized via a legal case unsealed in U.S. District Court. The operation compromised thousands of machines globally, making it a significant threat to organizations relying on code-signing trust chains.

Read full article → https://thehackernews.com/2026/05/microsoft-takes-…

Relevance score: 90.0/100

# More from May 21

  1. 1
    GitHub confirms breach of 3,800 repos via malicious VSCode extension BleepingComputer
  2. 3
    Microsoft disrupts Fox Tempest malware-signing-as-a-service platform tied to ransomware gangs The Record
  3. 4
    Microsoft Releases Mitigation for YellowKey BitLocker Bypass CVE-2026-45585 Exploit The Hacker News
  4. 5
    CISA Exposes Secrets, Credentials in 'Private' Repo Dark Reading
  5. 6
    Attackers hit vulnerabilities hard last year, making exploits the top entry point for breaches CyberScoop
  6. 7
    7-Eleven confirms data breach claimed by the ShinyHunters gang BleepingComputer
  7. 8
    Grafana breach caused by missed token rotation after TanStack attack BleepingComputer
  8. 9
    Over 320 NPM Packages Hit by Fresh Mini Shai-Hulud Supply Chain Attack SecurityWeek
  9. 10
    Microsoft Self-Service Password Reset abused in Azure data theft attacks BleepingComputer