The maintainer of the popular text editor Notepad++, Don Ho, has reported a sophisticated infrastructure-level compromise targeting the application's update mechanism. State-sponsored threat actors successfully hijacked the update traffic by compromising the hosting environment, allowing them to redirect legitimate update requests to malicious servers controlled by the attackers.
This supply chain attack highlights the ongoing risks associated with software distribution channels. By intercepting traffic destined for the official domain, the attackers were positioned to deliver malicious payloads under the guise of legitimate software updates.
Top comments (0)