Pierre-Yves Lapersonne@programming.devM to Opensource@programming.dev · 2 months agoNotepad++ hijacked by state-sponsored hackersnotepad-plus-plus.orgexternal-linkmessage-square5linkfedilinkarrow-up11arrow-down10 cross-posted to: [email protected][email protected][email protected][email protected][email protected][email protected][email protected]
arrow-up11arrow-down1external-linkNotepad++ hijacked by state-sponsored hackersnotepad-plus-plus.orgPierre-Yves Lapersonne@programming.devM to Opensource@programming.dev · 2 months agomessage-square5linkfedilink cross-posted to: [email protected][email protected][email protected][email protected][email protected][email protected][email protected]
minus-squareartyom@piefed.sociallinkfedilinkEnglisharrow-up0·2 months agoI’m so confused. It doesn’t say anything about “state-sponsored attackers” outside of the headline? What state? Why? Why is a Notepad app connecting to any servers or have credentials at all?
minus-squareDem Bosain@midwest.sociallinkfedilinkEnglisharrow-up0·2 months agoIt wasn’t specifically notepad++ code, but a custom-written updater. That’s why it was connecting to the internet.
minus-squarevillage604@adultswim.fanlinkfedilinkEnglisharrow-up0·2 months agoI mean, it is n++ code because the updater is part of the code base. They just didn’t have the connection to the update server hardened. This was patched in like December, though.
I’m so confused.
deleted by creator
It wasn’t specifically notepad++ code, but a custom-written updater. That’s why it was connecting to the internet.
I mean, it is n++ code because the updater is part of the code base. They just didn’t have the connection to the update server hardened.
This was patched in like December, though.