Threat actors are using EV code signing certificates to distribute both information-stealing malware and ransomware, indicating a streamlining of operations and the need for stronger security measures.