Notepad++ has patched a serious vulnerability that allowed hackers to hijack the popular code editor's update system. Security researcher Kevin Beaumont reported that Chinese threat actors exploited this flaw to target telecoms and financial services companies across East Asia in early December.
The attack worked by intercepting traffic between Notepad++ and its update servers, tricking users into downloading malicious files instead of legitimate updates. The vulnerability affected the WinGUp updater component, which failed to properly verify the authenticity of downloaded files.
Version 8.8.9 now includes signature verification to prevent fake updates from installing. However, experts believe the attacks required significant resources, possibly involving traffic hijacking at the internet service provider level.
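The kind of check described above can also be applied by hand on Windows before running any downloaded installer. This is an added example, not Notepad++ or WinGUp code; the function name `Test-UpdateSignature`, the file path and the thumbprint are hypothetical placeholders.

```powershell
# Added example: refuse to run a downloaded installer unless its Authenticode
# signature is valid AND the signer matches a pinned certificate thumbprint.
# The thumbprint and path below are placeholders (assumptions), not real values.

function Test-UpdateSignature {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)] [string]   $Path,
        [Parameter(Mandatory)] [string[]] $AllowedThumbprints
    )

    if (-not (Test-Path -LiteralPath $Path -PathType Leaf)) {
        Write-Warning "File not found: $Path"
        return $false
    }

    $sig = Get-AuthenticodeSignature -LiteralPath $Path

    # 'Valid' requires that the file hash matches the signature and that the
    # certificate chain is trusted. NotSigned, HashMismatch, NotTrusted and
    # UnknownError are all rejected here.
    if ($sig.Status -ne [System.Management.Automation.SignatureStatus]::Valid) {
        Write-Warning "Rejected: signature status is $($sig.Status)"
        return $false
    }

    # A valid signature from an arbitrary publisher is not enough:
    # the signer must be the one the updater expects.
    $thumb = $sig.SignerCertificate.Thumbprint
    if ($AllowedThumbprints -notcontains $thumb) {
        Write-Warning "Rejected: unexpected signer $($sig.SignerCertificate.Subject) [$thumb]"
        return $false
    }

    return $true
}

$installer = 'C:\Temp\update-installer.exe'        # hypothetical download location
$pinned    = @('<EXPECTED-SIGNER-THUMBPRINT>')     # placeholder, take from a trusted source

if (Test-UpdateSignature -Path $installer -AllowedThumbprints $pinned) {
    Start-Process -FilePath $installer -Wait
} else {
    # Do not execute; remove the untrusted file.
    Remove-Item -LiteralPath $installer -ErrorAction SilentlyContinue
}
```

Pinning the signer matters because an attacker who controls the download path can serve a file that carries a valid signature from a different publisher.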
Source: SecurityWeek