heise online

Notepad++: Security update against code smuggling vulnerability

Notepad++ has been released in version 8.9.2. The new version improves security mechanisms and closes a highly risky security vulnerability through which attackers can execute arbitrary code. In the ...
CSOonline

Notepad++ author says fixes make update mechanism ‘effectively unexploitable’

The recently compromised update mechanism for the popular open source text editor Notepad ++ has been hardened so it’s now ‘effectively unexploitable’, says the application’s author. Don Ho made the ...
Bleeping Computer

Notepad++ boosts update security with ‘double-lock’ mechanism

Notepad++ has adopted a “double-lock” design for its update mechanism to address recently exploited security gaps that resulted in a supply-chain compromise. The new mechanism landed in Notepad++ ...
TechRadar

A popular Microsoft Outlook add-in has been hijacked to try and steal user accounts - here's how to stay safe

Abandoned Outlook add-in AgreeTo hijacked into phishing kit stealing Microsoft accounts Attackers stole 4,000 accounts, credit card data, and banking security answers Microsoft removed add-in; users ...
ZATAZ

Notepad++ update channel hijacked in suspected state-backed operation

Attackers suspected of ties to Beijing selectively diverted Notepad++ update traffic to malicious servers. No code bug was exploited, the compromise hit distribution infrastructure, making it quieter ...
techtimes

Notepad++ Hack Reveals Six-Month Backdoor Breach Targeting Millions of Users

Notepad++, one of Windows' most widely used text editors, has confirmed a major security breach after its update infrastructure was compromised for nearly six months. Developers say suspected China ...
GIGAZINE

Notepad++ was hijacked by state-sponsored hackers to distribute malware installers

There has been a continuing problem where traffic from WinGUp, an updater for the text editor Notepad++, was being redirected to malicious domains and distributing malware, and it has now been ...
IT News For Australia Business

Popular text editor Notepad++ was hacked to drop malware

Notepad++, a free open source text and code editor for the Windows operating system, suffered an "infrastructure-level compromise" last year by threat actors seeking to deliver malware to selected ...
Mint

Chinese hackers exploit Notepad++ updater to target select users for months: Report

The developer of Notepad++ has reportedly noted that its software update mechanism was covertly hijacked for several months last year, with evidence suggesting the operation was carried out by a ...
PC Magazine

Chinese Hackers Hit Notepad++ to Serve Malicious Update

If you use Notepad++, it's time to update. Hackers compromised the free text and coding editor to distribute a malicious update via the auto-update function. Notepad++ developer Don Ho detected the ...
TweakTown

Notepad++ hack detailed - and what to do if you think you might be affected

TL;DR: Notepad++ was compromised for six months, but it wasn't the software itself which the exploit leveraged, but its hosting provider. An investigation into the attack has just been concluded with ...