Publicly-reported instances of Code-Signing Abuse bypassing endpoint security products. Maintained on the same basis for every technique in the Index.
| Product | Entries | High-confidence | Most recent |
|---|---|---|---|
| Microsoft | 5 | 5 | 2026-05-23 |
| Apple | 1 | 1 | 2023-10-25 |
| DigiCert | 1 | 1 | 2026-05-04 |
| Kaseya | 1 | 1 | 2024-05-10 |
| Product | Confidence | Disclosed | Source | |
|---|---|---|---|---|
| Microsoft | high | 2026-05-23 | www.positioniseverything.net | record → |
| Microsoft | high | 2026-05-20 | cybersecuritynews.com | record → |
| DigiCert | high | 2026-05-04 | cyberinsider.com | record → |
| Microsoft | high | 2025-06-19 | undercodetesting.com | record → |
| Microsoft | high | 2024-08-06 | www.elastic.co | record → |
| Kaseya | high | 2024-05-10 | purplesec.us | record → |
| Microsoft | high | 2024-04-26 | vsociety.medium.com | record → |
| Apple | high | 2023-10-25 | github.com | record → |
Counts reflect distinct publicly-reported events on record; absence of an entry means no confirmed public report is on file.