Microsoft dismantled malware-signing network Fox Tempest

Microsoft dismantled Fox Tempest, a commercialized malware-signing-as-a-service that issued over 1,000 short‑lived Microsoft Artifact Signing certificates and supported distribution of ransomware and infostealers (including Rhysida, Oyster, Lumma Stealer, Vidar); Microsoft seized infrastructure, revoked certificates, filed suit, and is coordinating with industry and law enforcement to disrupt the operation and mitigate downstream impacts across multiple sectors and countries.