THREATNOIR
Subscribe
Back to Feed
Supply ChainApr 29, 2026

"On 2026-04-02, a threat actor contacted DigiCert's support team via a customer chat channel and...

Threat actor targets DigiCert support via malicious ZIP file in customer chat.

Read at source

Summary

On April 2, 2026, a threat actor contacted DigiCert's support team through a customer chat channel and delivered a ZIP file disguised as a screenshot, containing a malicious .scr executable. CrowdStrike and other security measures successfully blocked the payload. This incident highlights supply chain risks targeting critical certificate infrastructure vendors.

Indicators of Compromise

  • url — https://t.co/BtDkmBZVn8
  • malware — .scr executable payload

Entities

DigiCert (vendor)CrowdStrike (vendor)DigiCert Support Channel Attack (2026-04-02) (campaign)