zlacker

[parent] [thread] 1 comments
1. locuso+(OP)[view] [source] 2026-02-02 05:12:06
I don't think "we" would have been impacted since this specifically targets the updates, but recently Microsoft pulled Notepad++ from the list of apps we can use on our production management laptops. Some people were annoyed and whining about this. That predated this announcement by a few weeks. Probably the right move by the security folks.
replies(1): >>hjoutf+gc
2. hjoutf+gc[view] [source] 2026-02-02 07:35:03
>>locuso+(OP)
it was pulled because the binaries were self-signed for a short period, not because they knew something

who signed the binaries was irrelevant for this attack, because the issue was not checking any signature

[go to top]