Notepad++ have released a new version to fix the auto update process being hijacked https://notepad-plus-plus.org/news/v889-released/ I reported the vulnerability, it is being hijacked by threat actors in China. https://doublepulsar.com/small-numbers-of-notepad-users-reporting-security-woes-371d7a3fd2d9

There’s one very crucial detail about the ‘react2shell’ stuff and the level of threat it does or doesn’t pose, which I’ve decided to sit on while the entire industry sets itself on fire about it.

If you're into reverse engineering malware, this might tickle your fancy: a511be5164dc1122fb5a7daa3eef9467e43d8458425b15a640235796006590c9 Entry via a supply chain attack, sideloads off a legit AV product, remote access trojan, drops FatBeehive. #threatintel