Microsoft disrupts Fox Tempest malware-signing-as-a-service platform tied to ransomware gangs

Microsoft disrupted 'Fox Tempest', a well-resourced malware-signing-as-a-service (MSaaS) that weaponized Microsoft Artifact Signing to generate short-lived fraudulent code-signing certificates, enabling ransomware affiliates and malware operators to make malicious binaries appear legitimate; Microsoft seized the site, revoked over 1,000 certificates, took down hundreds of supporting virtual machines and Azure tenants, and found evidence of wide use by ransomware groups and infostealer families across multiple countries.