The Next Web

LinkedIn is secretly scanning your browser for 6,000 extensions, and you weren’t told

LinkedIn runs a hidden JavaScript script called Spectroscopy that silently probes over 6,000 Chrome extensions and collects ...

Patch Now: Chrome Flaw Under Active Attack, Google Confirms

Google patches 21 Chrome vulnerabilities, including an actively exploited zero-day flaw that could enable code execution and ...
TWCN Tech News

How to enable Search Results window in Notepad++

To enable or use the search results window in Notepad++, you can use the Find All feature window. The window is not a feature you toggle on in the settings. It is a results panel that only appears ...
heise online

Notepad++: Security update against code smuggling vulnerability

Notepad++ has been released in version 8.9.2. The new version improves security mechanisms and closes a highly risky security vulnerability through which attackers can execute arbitrary code. In the ...
CSOonline

Notepad++ author says fixes make update mechanism ‘effectively unexploitable’

The recently compromised update mechanism for the popular open source text editor Notepad ++ has been hardened so it’s now ‘effectively unexploitable’, says the application’s author. Don Ho made the ...
Bleeping Computer

Notepad++ boosts update security with ‘double-lock’ mechanism

Notepad++ has adopted a “double-lock” design for its update mechanism to address recently exploited security gaps that resulted in a supply-chain compromise. The new mechanism landed in Notepad++ ...
PC World

Windows Notepad is now complex enough to have a serious security flaw

PCWorld reports that Windows Notepad’s new Markdown support feature has introduced a serious remote code execution vulnerability with a high CVSS score of 8.8/7.7. The security flaw allows malicious ...
telecom.economictimes.indiatimes

Popular open-source coding application targeted in Chinese-linked supply-chain attack

A Chinese-linked cyberespionage group with a long history hijacked ⁠the update process for the popular code editing platform Notepad++ to deliver a custom backdoor and other malware to targeted users, ...
techtimes

Notepad++ Hack Reveals Six-Month Backdoor Breach Targeting Millions of Users

Notepad++, one of Windows' most widely used text editors, has confirmed a major security breach after its update infrastructure was compromised for nearly six months. Developers say suspected China ...
Engadget

Notepad++ says it was hijacked by Chinese state-sponsored hackers

Last year, the creator of Notepad++ rolled out an update for the text and source code editor after security experts reported that bad actors were hijacking its update mechanism to redirect traffic to ...
TweakTown

Notepad++ hack detailed - and what to do if you think you might be affected

TL;DR: Notepad++ was compromised for six months, but it wasn't the software itself which the exploit leveraged, but its hosting provider. An investigation into the attack has just been concluded with ...
CSOonline

Notepad++ infrastructure hijacked by Chinese APT in sophisticated supply chain attack

The popular open-source text editor Notepad++ was targeted in a sophisticated supply chain attack that allowed Chinese state-sponsored hackers to deliver malware through compromised software updates, ...