Luthair writes: Notepad++ claims to have been targeted by a state actor, given their previous stance on Uyghurs one can speculate about a candidate. Notepad++, in a blog post: According to the analysis provided by the security experts, the attack involved infrastructure-level compromise that allowed malicious actors to intercept and redirect update traffic destined for notepad-plus-plus.org. The exact technical mechanism remains under investigation, though the compromise occurred at the hosting provider level rather than through vulnerabilities in Notepad++ code itself. Traffic from certain targeted users was selectively redirected to attacker-controlled served malicious update manifests.
Read more of this story at Slashdot.