Pierre-Yves Lapersonne@programming.devM to Opensource@programming.dev · 21 days agoNotepad++ hijacked by state-sponsored hackersnotepad-plus-plus.orgexternal-linkmessage-square5fedilinkarrow-up123arrow-down10 cross-posted to: [email protected][email protected][email protected][email protected][email protected][email protected][email protected]
arrow-up123arrow-down1external-linkNotepad++ hijacked by state-sponsored hackersnotepad-plus-plus.orgPierre-Yves Lapersonne@programming.devM to Opensource@programming.dev · 21 days agomessage-square5fedilink cross-posted to: [email protected][email protected][email protected][email protected][email protected][email protected][email protected]
minus-squareartyom@piefed.sociallinkfedilinkEnglisharrow-up5arrow-down2·21 days agoI’m so confused. It doesn’t say anything about “state-sponsored attackers” outside of the headline? What state? Why? Why is a Notepad app connecting to any servers or have credentials at all?
minus-squarevoracitude@lemmy.worldlinkfedilinkarrow-up6arrow-down1·edit-24 days agodeleted by creator
minus-squareDem Bosain@midwest.sociallinkfedilinkEnglisharrow-up1·21 days agoIt wasn’t specifically notepad++ code, but a custom-written updater. That’s why it was connecting to the internet.
minus-squarevillage604@adultswim.fanlinkfedilinkEnglisharrow-up2·21 days agoI mean, it is n++ code because the updater is part of the code base. They just didn’t have the connection to the update server hardened. This was patched in like December, though.
I’m so confused.
deleted by creator
It wasn’t specifically notepad++ code, but a custom-written updater. That’s why it was connecting to the internet.
I mean, it is n++ code because the updater is part of the code base. They just didn’t have the connection to the update server hardened.
This was patched in like December, though.