Pierre-Yves Lapersonne@programming.devM to Opensource@programming.dev · 1 month agoNotepad++ hijacked by state-sponsored hackersnotepad-plus-plus.orgexternal-linkmessage-square4linkfedilinkarrow-up122arrow-down10 cross-posted to: foss@beehaw.orghomeassistant@lemmit.onlinehomelab@lemmit.onlinelinustechtips@lemmit.onlinecybersecuritypcmasterrace@lemmit.onlinehackernews@lemmit.onlinetechnik@feddit.orgtechnology@lemmit.online
arrow-up122arrow-down1external-linkNotepad++ hijacked by state-sponsored hackersnotepad-plus-plus.orgPierre-Yves Lapersonne@programming.devM to Opensource@programming.dev · 1 month agomessage-square4linkfedilink cross-posted to: foss@beehaw.orghomeassistant@lemmit.onlinehomelab@lemmit.onlinelinustechtips@lemmit.onlinecybersecuritypcmasterrace@lemmit.onlinehackernews@lemmit.onlinetechnik@feddit.orgtechnology@lemmit.online
minus-squareartyom@piefed.sociallinkfedilinkEnglisharrow-up4arrow-down2·1 month agoI’m so confused. It doesn’t say anything about “state-sponsored attackers” outside of the headline? What state? Why? Why is a Notepad app connecting to any servers or have credentials at all?
minus-squarevoracitude@lemmy.worldlinkfedilinkarrow-up6arrow-down1·edit-218 days agodeleted by creator
minus-squareDem Bosain@midwest.sociallinkfedilinkEnglisharrow-up1·1 month agoIt wasn’t specifically notepad++ code, but a custom-written updater. That’s why it was connecting to the internet.
minus-squarevillage604@adultswim.fanlinkfedilinkEnglisharrow-up2·1 month agoI mean, it is n++ code because the updater is part of the code base. They just didn’t have the connection to the update server hardened. This was patched in like December, though.
I’m so confused.
deleted by creator
It wasn’t specifically notepad++ code, but a custom-written updater. That’s why it was connecting to the internet.
I mean, it is n++ code because the updater is part of the code base. They just didn’t have the connection to the update server hardened.
This was patched in like December, though.