Posted
by
msmash
from the security-woes dept.
Luthair writes: Notepad++ claims to have been focused by a state actor, given their earlier stance on Uyghurs one can speculate a couple of candidate. Notepad++, in a weblog submit: Based on the evaluation supplied by the safety consultants, the assault concerned infrastructure-level compromise that allowed malicious actors to intercept and redirect replace site visitors destined for notepad-plus-plus.org. The precise technical mechanism stays beneath investigation, although the compromise occurred on the internet hosting supplier stage somewhat than by way of vulnerabilities in Notepad++ code itself. Visitors from sure focused customers was selectively redirected to attacker-controlled served malicious replace manifests.
