In yet another instance of software supply chain attack, unidentified hackers breached the website ofMonPass, one of Mongolia’s major certificate authorities, to backdoor its installer software with Cobalt Strike binaries. The trojanized client was available for download between February 8, 2021, and March 3, 2021, said Czech cybersecurity software company Avast in areportpublished Thursday.