zlacker

[return to "Notepad++ supply chain attack breakdown"]
1. troad+P8[view] [source] 2026-02-03 23:25:32
>>natebc+(OP)
It now seems to be best practice to simultaneously keep things updated (to avoid newly discovered vulnerabilities), but also not update them too much (to avoid supply chain attacks). Honestly not sure how I'm meant to action those at the same time.
◧◩
2. _carby+3f[view] [source] 2026-02-03 23:57:59
>>troad+P8
I imagine that it depends on the use case.

Using notepad++ (or whatever other program) in a manner that deals with internet content a lot - then updating is the thing.

Using these tools in a trusted space (local files/network only) : then don't update unless it needs to be different to do what you want.

For many people, something in between because new files/network-tech comes and goes from the internet. So, update occasionally...

[go to top]