Key Findings DigiCert's support team was compromised on April 2, 2026 when a staff member opened malware disguised as a screenshot in a help chat Attackers obtained initialization codes for EV Code Signing certificates, which function as bearer credentials for issuing valid certificates At least 60 certificates were revoked after hackers used stolen credentials to sign the Zhong Stealer malware A second compromised endpoint with a malfunctioning CrowdStrike sensor allowed att