Skip to content
The Nexus
SECURITYMay 19 · 15:00 UTCCYBERSCOOPMatt Kapko

Microsoft disrupts cybercrime service that abused software verification systems en masse

Microsoft disrupted a cybercrime service called Fox Tempest that created and sold code-signing certificates to make malware appear legitimate. The service was used by multiple ransomware groups and had a global impact. Microsoft seized infrastructure and dismantled the operation after tracking it since September 2025.

Nexus surfaces and summarizes. The full story lives at the source.

Mentioned
Spot something wrong with this article?Report a problem →
Forward this