Notepad++ updates got hijacked for months and could have spied for China

Feb 03, 2026 03:43 AM

Users of the text and code editor Notepad++ may have unknowingly downloaded a malicious update for the app after its shared hosting servers were hijacked last year. On Monday, the app’s developer, Don Ho, posted an update on the attack with more details, including that the hackers were “likely a Chinese state-sponsored group” and that the app’s servers were vulnerable for about six months from June through December 2nd, 2025.

The post explains that the hijacking occurred on the app’s unnamed, now-former hosting provider’s end, stating that “Traffic from certain targeted users was selectively redirected to attacker-controlled served malicious update manifests.” When victims were redirected, their app update could be replaced with a malicious executable that, according to independent cybersecurity expert Kevin Beaumont, may have given the hackers remote access to a victim’s keyboard.

Don Ho’s post also adds that the attack involved “highly selective targeting” in terms of the victims it redirected away from the legitimate Notepad++ website. Kevin Beaumont noted that the victims he spoke with “are [organizations] with interests in East Asia.” So, while this is a serious security vulnerability, it’s possible that the hackers were busy watching specific people instead of just anyone.

The developer did not specify when they became aware of the attack, but said that “all attacker access was definitively terminated” by December 2nd. The Notepad++ updater has itself been updated with stronger security measures to check for tampering and verify that updates are legitimate.

Notepad++ users should make sure they are on at least version 8.8.9, which addressed the vulnerabilities from the hijacking attack, and they should probably download that version directly from the Notepad++ website. Additionally, Kevin Beaumont suggested users double-check that they’re not using an unofficial version of Notepad++, keep a close eye on activity from “gup.exe,” the app’s updater, and check for a suspicious “update.exe” or “AutoUpdater.exe” file in their TEMP folder.
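Those checks can be scripted on a Windows machine. The PowerShell below is an added example, not code from the article, Kevin Beaumont or the Notepad++ project; it assumes Notepad++ is installed in a default Program Files location and that the executable's file-version resource matches the release number.

```powershell
# Added triage example; not from the article, Kevin Beaumont or the Notepad++ project.
$minVersion   = [version]'8.8.9'                  # minimum version named in the article
$suspectNames = 'update.exe', 'AutoUpdater.exe'   # file names named in the article

# 1. Installed version and signature. Assumption: default install path.
$roots = @($env:ProgramFiles, ${env:ProgramFiles(x86)}) | Where-Object { $_ }
$exe = $roots | ForEach-Object { Join-Path $_ 'Notepad++\notepad++.exe' } |
    Where-Object { Test-Path -LiteralPath $_ } | Select-Object -First 1
if ($exe) {
    $vi = (Get-Item -LiteralPath $exe).VersionInfo
    # Assumption: the file-version resource carries the release number.
    $installed = New-Object System.Version -ArgumentList `
        $vi.FileMajorPart, $vi.FileMinorPart, $vi.FileBuildPart
    $state = if ($installed -ge $minVersion) { 'ok' } else { 'older than 8.8.9' }
    $sig = Get-AuthenticodeSignature -LiteralPath $exe
    '{0}: version {1} ({2}), signature {3}' -f $exe, $installed, $state, $sig.Status
} else {
    'notepad++.exe not found in the default install locations'
}

# 2. Files in TEMP with the names from the article (-contains ignores case).
Get-ChildItem -LiteralPath $env:TEMP -File -Force -ErrorAction SilentlyContinue |
    Where-Object { $suspectNames -contains $_.Name } |
    ForEach-Object {
        $fileSig = Get-AuthenticodeSignature -LiteralPath $_.FullName
        [pscustomobject]@{
            Path      = $_.FullName
            Created   = $_.CreationTime
            SHA256    = (Get-FileHash -LiteralPath $_.FullName -Algorithm SHA256).Hash
            Signature = $fileSig.Status
            Signer    = $fileSig.SignerCertificate.Subject
        }
    } | Format-List

# 3. Point-in-time view of anything currently running as a child of gup.exe.
$procs  = Get-CimInstance -ClassName Win32_Process
$gupIds = @($procs | Where-Object { $_.Name -ieq 'gup.exe' } |
    Select-Object -ExpandProperty ProcessId)
$procs | Where-Object { $gupIds -contains $_.ParentProcessId } |
    Select-Object Name, ProcessId, CommandLine | Format-List
```

A matching file name in TEMP is a lead to investigate, not proof of compromise, and step 3 only sees processes alive at the moment it runs.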

Notably, Don Ho, the developer of Notepad++, criticized the Chinese government in a 2019 app update. He called that version the “Free Uyghur” edition, and told The Verge at the time that his website had faced DDoS attacks in response.
