The developer of Notepad++, the widely popular open-source text editor, has disclosed a significant security breach affecting its legacy update server. According to the report, hackers successfully compromised the server used throughout last year, allowing them to redirect a portion of user traffic to a malicious download server controlled by the attackers.
The Vulnerability: Shared Hosting Risks
The investigation revealed that the legacy server was running on a shared hosting environment, where multiple websites are hosted on a single physical machine. This configuration likely served as an entry point for the attackers. Security experts believe the campaign was orchestrated by a threat actor group identified by Rapid7 as "Chrysalis."