Security Boulevard

What to Know About the Notepad++ Supply-Chain Attack

The cybersecurity community is still grappling with a sobering realization: one of the most ubiquitous tools in the developer’s toolkit, Notepad++, was hiding a critical vulnerability for over six ...
Yahoo

Popular open-source coding application targeted in Chinese-linked supply-chain attack

Feb 2 (Reuters) - A Chinese-linked cyberespionage group with a long history hijacked the update process for the popular code editing platform Notepad++ to deliver a custom backdoor and other malware ...

Notepad++ boosts update security with ‘double-lock’ mechanism

Notepad++ has adopted a "double-lock" design for its update mechanism to address recently exploited security gaps that ...
CPO Magazine

Chinese Hackers Compromised Notepad++ Software Updates For Nearly Half a Year, But Only “Select” Targets Breached

Security researchers believe that Chinese hackers are to blame for the attack in part because of the "selective" nature of ...
SecurityWeek

CISA Warns of Exploited SolarWinds, Notepad++, Microsoft Vulnerabilities

CISA has expanded its KEV catalog with new SolarWinds, Notepad++, and Apple flaws, including two exploited as zero-days.
Reuters

Popular open-source coding application targeted in Chinese-linked supply-chain attack

Notepad++ update process hijacked for targeted cyberespionage Cybersecurity firm Rapid7 links attack to Chinese group Lotus Blossom China denies involvement, citing lack of evidence Feb 2 (Reuters) - ...