Hosted on MSN

Chinese hackers hit Notepad++ to serve malicious update

If you use Notepad++, it's time to update. Hackers compromised the free text and coding editor to distribute a malicious update via the auto-update function. Notepad++ developer Don Ho detected the ...
Dark Reading

When Auto-Updates Become Attack Paths

In light of the recent compromise of Notepad++'s update mechanisms, it is worth examining a common pattern in enterprise environments: the belief that using an application’s internal update mechanisms ...
CSOonline

Notepad++ author says fixes make update mechanism ‘effectively unexploitable’

The recently compromised update mechanism for the popular open source text editor Notepad ++ has been hardened so it’s now ‘effectively unexploitable’, says the application’s author. Don Ho made the ...