New SignSight Supply-Chain Attack Targeted Certification Authority in Southeast Asia Twice
The attackers made changes to software installers available for download from a Vietnam government website. In addition, they added a backdoor to target users of a legitimate application.