Notepad++ Update Servers Hijacked to Redirect Users to Malicious Servers скачать в хорошем качестве

Notepad++ Update Servers Hijacked to Redirect Users to Malicious Servers

In this video, we break down a major cybersecurity incident involving Notepad++, one of the world’s most popular text and code editors. According to a recent report, attackers successfully hijacked the Notepad++ update servers and used them to redirect select users to malicious servers between June and December 2025. 👉 What happened? The breach occurred at the infrastructure level when threat actors accessed the project’s former shared hosting server. This allowed them to intercept update requests destined for notepad-plus-plus.org and redirect some users to attacker-controlled servers distributing malicious binaries.  🔍 Why it matters: • This was not a flaw in the Notepad++ application itself — it was a supply chain compromise at the update delivery level.  • Older versions of the updater didn’t enforce strict certificate or signature validation for downloaded installers, making the attack possible.  • The incident lasted for about six months and was highly selective in targeting.  🛡️ How it was resolved: The Notepad++ team has since migrated its infrastructure to a new host and released version 8.8.9, which includes hardened update verification checks. Future releases will add even stronger safeguards like XML digital signature validation.  📌 Topics Covered in the Video: • What a supply chain attack is • How the Notepad++ update mechanism was compromised • Timeline of the hijacking campaign • What users should do to stay safe • Lessons for developers and cybersecurity pros ⸻ 🔔 Subscribe for more cybersecurity news, breakdowns, and incident analysis. 💬 Let us know in the comments if you use Notepad++ and what security tools you rely on! Source : https://cybersecuritynews.com/notepad...