Microsoft Trust Signing service abused to code-sign malware

Cybercriminals are abusing Microsoft’s Trusted Signing platform to code-sign malware executables with short-lived three-day certificates.

bleepingcomputer.com