Bleeping Computer

Notepad++ boosts update security with ‘double-lock’ mechanism

Notepad++ has adopted a “double-lock” design for its update mechanism to address recently exploited security gaps that resulted in a supply-chain compromise. The new mechanism landed in Notepad++ ...
TechRadar

A popular Microsoft Outlook add-in has been hijacked to try and steal user accounts - here's how to stay safe

Abandoned Outlook add-in AgreeTo hijacked into phishing kit stealing Microsoft accounts Attackers stole 4,000 accounts, credit card data, and banking security answers Microsoft removed add-in; users ...
techtimes

Notepad++ Hack Reveals Six-Month Backdoor Breach Targeting Millions of Users

Notepad++, one of Windows' most widely used text editors, has confirmed a major security breach after its update infrastructure was compromised for nearly six months. Developers say suspected China ...
ExtremeTech

Notepad++ Says Chinese-State Hackers Spent Half a Year Hijacking Its Software Updates

Don Ho, the programmer behind the popular Windows text and source code editor Notepad++, says Chinese government hackers spent half a year hijacking the tool's software updates. The state-sponsored ...
Engadget

Notepad++ says it was hijacked by Chinese state-sponsored hackers

Last year, the creator of Notepad++ rolled out an update for the text and source code editor after security experts reported that bad actors were hijacking its update mechanism to redirect traffic to ...
IT News For Australia Business

Popular text editor Notepad++ was hacked to drop malware

Notepad++, a free open source text and code editor for the Windows operating system, suffered an "infrastructure-level compromise" last year by threat actors seeking to deliver malware to selected ...
Mint

Chinese hackers exploit Notepad++ updater to target select users for months: Report

The developer of Notepad++ has reportedly noted that its software update mechanism was covertly hijacked for several months last year, with evidence suggesting the operation was carried out by a ...
PC Magazine

Chinese Hackers Hit Notepad++ to Serve Malicious Update

If you use Notepad++, it's time to update. Hackers compromised the free text and coding editor to distribute a malicious update via the auto-update function. Notepad++ developer Don Ho detected the ...
TweakTown

Notepad++ hack detailed - and what to do if you think you might be affected

TL;DR: Notepad++ was compromised for six months, but it wasn't the software itself which the exploit leveraged, but its hosting provider. An investigation into the attack has just been concluded with ...
TechRadar

Notepad++ hit by suspected Chinese state-sponsored hackers - here's what we know so far

Notepad++ targeted in sophisticated supply-chain style attack via compromised hosting server Attackers delivered tainted updates to select victims, exploiting weak update verification controls Breach ...
CSOonline

Notepad++ infrastructure hijacked by Chinese APT in sophisticated supply chain attack

The popular open-source text editor Notepad++ was targeted in a sophisticated supply chain attack that allowed Chinese state-sponsored hackers to deliver malware through compromised software updates, ...