At least one user of Notepad++
December 12, 2025
•[ vulnerability, supply chain attack, software update attack ]
PCGuia reported that a critical vulnerability in Notepad++s automatic update mechanism was actively exploited, allowing attackers to intercept update traffic and distribute compromised/malicious versions of the software to users of versions prior to 8.8.9. The article states developers urged users to avoid the built-in updater and instead manually download the installer from the official site or trusted repositories. It also cites reporting that several organizations suffered serious breaches shortly after updating, and notes that the mitigations in version 8.8.9 included forcing the update URL to GitHub and improvements related to certificate/signature verification. The specific attacker identity, the full list of affected downstream organizations, and whether any sensitive data was exfiltrated from victims are not detailed in the article.
Undisclosed private company in Granada
May 1, 2025
•[ malware, man-in-the-middle ]
Approximately 13,000 was stolen after malware infected the email account of a private company in Granada, Spain, allowing attackers to monitor correspondence and alter supplier payment instructions. Six individuals were arrested in Spain in connection with the man-in-the-middle fraud.
