zlacker

[return to "Notepad++ hijacked by state-sponsored actors"]
1. jmole+12[view] [source] 2026-02-02 02:20:10
>>myster+(OP)
i always worry about tools like this, maintained by small teams, that are so universal that even if only a small fraction of installs are somehow co-opted by malicious actors, you have a wide open attack surface on most tech companies.

e.g. iTerm, Cyberduck, editors of all shades, various VSCode extensions, etc.

◧◩
2. hsbaua+Y2[view] [source] 2026-02-02 02:29:13
>>jmole+12
If you think large companies are somehow immune to this, you’re gonna have a bad time.
◧◩◪
3. Araina+q3[view] [source] 2026-02-02 02:34:11
>>hsbaua+Y2
It's not a matter of "immune" - larger organizations generally have more resources to allocate to things like this. That doesn't mean they get it right 100% of the time, but they are at least able to try, while small teams or volunteer projects often simply don't have the hours to spend on things like this.
[go to top]