A certificateless aggregate signature scheme saves cost from complicated certificate management in PKI and compresses many signatures on different messages signed by different users to one single signature. It is originally required to be secure against a conspiring group of malicious signers (type I adversary) and against malicious KGC (type II adversary). In this paper, we define a novel fundamental type of adversary for certificateless aggregate signature schemes, type III adversary, called malicious KGC & Signers Coalition, who can break Zhang-Zhang scheme. We also propose two new certificateless aggregate schemes which are provably secure against all three types of adversary.