zlacker

[return to "Notepad++ hijacked by state-sponsored actors"]
1. OsrsNe+a2[view] [source] 2026-02-02 02:21:25
>>myster+(OP)
So the hosting provider was hacked? Who was their hosting provider?

This is also why update signatures should be validated against a different server; it would require hackers to control bother servers to go undetected

◧◩
2. techni+lk[view] [source] 2026-02-02 05:39:15
>>OsrsNe+a2
You can see this in their DNS history:

notepad-plus-plus.org currently has an A record of 95.128.42.184, owned by "Aqua Ray SAS".

It switched up from 191.101.104.10 and 212.1.212.49 on 17/1, which is are Hostinger IP addresses.

[go to top]