Home / Jul 18, 2026 / Story
0
#8 The Hacker News general July 17, 2026 at 16:39 UTC

GoldenEyeDog Subgroup Linked to DigiCert Breach and Code-Signing Certificate Theft

By [email protected] (The Hacker News)

AI Summary

Expel researchers attributed the April 2026 DigiCert breach — involving theft of code-signing certificates — to a subgroup called CylindricalCanine, linked to the Chinese cybercrime cluster GoldenEyeDog (also known as APT-Q-27, Dragon Breath, and Miuuti Group). Stolen DigiCert code-signing certificates are highly weaponizable for supply chain attacks, as they can be used to sign malware that bypasses endpoint security controls.

Relevance score: 84.0/100

# More from July 18