// UNCLASSIFIED // CLEARED FOR PUBLIC RELEASE //
FILE BRC-wedgDTG 0600Z
ColdRecon / Breach Radar / DigiCert
Breach Record

DigiCert

DISCLOSED 2026-05-04 · MALWARE

Attackers compromised DigiCert's internal support systems via a social engineering attack, gaining access to initialization codes for pending EV code-signing certificates. They fraudulently obtained valid certificates and used them to sign Zhong Stealer malware. DigiCert revoked 60 certificates, 27 directly linked to the attacker.

The record

What we know

Disclosed
2026-05-04
Attack vector
Malware
Sources

Cited reporting

Similar vector · recent

Other malware breaches on file

This page is the permanent ColdRecon entry for the DigiCert disclosure. It updates if new public reporting emerges. All tracked breaches →

DigiCert just lived through this. Your next prospect doesn't have to.

ColdRecon turns every disclosed breach into a daily intelligence brief from the seller's seat — normalized to the factors that move a deal, written in the Handler's voice. Request clearance and the first lands tomorrow at 0600.

Request Clearance →