I don't think "we" would have been impacted since this specifically targets the ... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		locusofself 6 days ago \| parent \| context \| favorite \| on: Notepad++ hijacked by state-sponsored actors I don't think "we" would have been impacted since this specifically targets the updates, but recently Microsoft pulled Notepad++ from the list of apps we can use on our production management laptops. Some people were annoyed and whining about this. That predated this announcement by a few weeks. Probably the right move by the security folks.

hjoutfbkfd 6 days ago [–]

it was pulled because the binaries were self-signed for a short period, not because they knew something

who signed the binaries was irrelevant for this attack, because the issue was not checking any signature

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact