A subgroup of the Chinese cybercrime group GoldenEyeDog has been linked to the April 2026 security incident at DigiCert, a prominent certificate authority. This subgroup, known as CylindricalCanine, was identified by researchers at Expel, who provided technical details of the breach. The attack resulted in the theft of code-signing certificates, which could be used to sign malicious software and make it appear legitimate. The GoldenEyeDog group, also known as APT-Q-27, Dragon Breath, and Miuuti Group, is known for targeting the gaming and gambling sectors. The fact that a state-aligned threat actor is involved in this breach raises the stakes, with implications extending beyond the immediate target1. This incident highlights the need for organizations to be vigilant about the potential for state-sponsored attacks, which can have significant geopolitical consequences.