Malware now using NVIDIA's stolen code signing certificates
Threat actors are using stolen NVIDIA code signing certificates to sign malware to appear trustworthy and allow malicious drivers to be loaded in Windows. [...]
Nvidia provides GPUs, drivers, and software used in AI and computing; flaws in these components can expose systems, data, and workloads.
Search across headline titles and summaries.
Background for this topic.
Nvidia develops graphics processing units (GPUs), accelerator cards, system-on-chip platforms, and the drivers and software stacks that control them. Its hardware is used in workstations, cloud systems, high-performance computing, and AI infrastructure; security news under this tag therefore commonly concerns device firmware, kernel drivers, GPU runtimes, management tools, and software libraries rather than the silicon alone.
Security advisories matter because flaws in drivers or privileged GPU components can allow local code to crash systems, gain elevated access, or cross intended isolation boundaries, depending on the affected platform. Shared GPU servers also require careful tenant and data isolation: residual data in device memory or insecure accelerator-management interfaces can expose workloads. Operators should track Nvidia security bulletins, inventory driver and firmware versions, obtain updates through trusted channels, restrict management endpoints, and test upgrades against dependent CUDA or AI workloads. Vulnerability assessment should include container and orchestration integrations, since a GPU-enabled workload may receive additional host access.
Threat actors are using stolen NVIDIA code signing certificates to sign malware to appear trustworthy and allow malicious drivers to be loaded in Windows. [...]
70k staff email addresses and NTLM password hashes also dumped online An Nvidia code-signing certificate was among the mountain of files stolen and leaked online by criminals who ransacked the GPU giant's internal systems.…
More than 71,000 employee credentials were stolen and leaked online following a data breach suffered by US chipmaker giant Nvidia last month. [...]
American chipmaking company NVIDIA on Tuesday confirmed that its network was breached as a result of a cyber attack, enabling the perpetrators to gain access to sensitive data, including source code purportedly associated with its Deep Learning Super Sampling (DLSS) technology
Attackers claim to have IP which could increase capacity for crypto-mining
Chipmaker giant Nvidia confirms that its network was breached in a cyberattack last week, giving intruders access to proprietary information data and employee login data. [...]
The Lapsus$ data extortion group has released what they claim to be data stolen from the Nvidia GPU designer. The cache is an archive that is almost 20GB large. [...]
Online chatter suggests chip giant “hacked back” at its attacker