What to do after a data breach affects your accounts
When a Signed App Isn’t Safe: The TamperedChef Malware Campaign Most people assume that if a piece of software carries a valid digital signature, it’s legitimate. That assumption is exactly what the attackers behind the recently disclosed TamperedChef campaign are exploiting. According to reports from Cybersecurity News in May 2026, this malware operation takes popular productivity apps—things like text editors, PDF viewers, and office tools—modifies them with malicious code, signs them with stolen or fraudulently obtained certificates, and then distributes them through fake download sites and search ads. Once installed, the booby‑trapped app drops information stealers and remote access trojans (RATs) that can siphon credentials, capture keystrokes, and give attackers persistent control of the machine. ...