https://cybernews.com/security/hackers-exploit-vulnerability-in-notepad-plus-plus-updater/>Security researcher Kevin Beaumont previously reported that at least three organizations in East Asia had been compromised via a common attack vector – Notepad++ installations.>Don Ho, the creator and maintainer of Notepad++, acknowledged the vulnerability and released an updated version of Notepad++.>“According to the investigation, traffic from WinGUp (the Notepad++ updater) was occasionally redirected to malicious servers, resulting in the download of compromised executables,” the Notepad++ advisory reads.>The maintainer identified a weakness in the updater's validation of the integrity and authenticity of downloaded update files.>Attackers, who can intercept network traffic between the updater client and the Notepad++ update server, were likely exploiting this flaw to trick the updater into downloading and running malicious executables, instead of legitimate updates.>Beaumont explained that Notepad++’s updater sends the current app version in use to the update service, which in turn provides an XML file containing a download URL for the update. It is likely that hackers were able to redirect the traffic to a malicious location by changing the URL in the file.>Earlier app versions used self-signed root certificates, and anti-tampering protection might not have been robust enough.
>>107512215i don't get it, how did the attackers "intercept network traffic between the updater client and the Notepad++ update server"? isn't it going over TLS?
>>107512215>starts virtue signaling>software shits the bedmany such cases
>>107512296you expect a nonbinary leftard vibecoder to implement basic security measures?
