I'm out of the loop: How did they bypass Notepad++'s digital signatures? I just downloaded it to double-check, and the installer is signed with a valid code-signing certificate.

https://notepad-plus-plus.org/news/8.8.2-available-in-1-week...

Jeez, they didn't waste any time, did they? No more signing certificate in June, compromise in July.

The updater doesn't check the certificate of the updated installer; it just executes whatever.
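
The check the last comment describes as missing, written as an added PowerShell example (not code from Notepad++ or its updater): verify the downloaded installer's Authenticode signature and pin the signer before running it. The function names, the installer path and the thumbprint placeholder are hypothetical.

```powershell
# Added example: gate an updater's "run the downloaded installer" step on Authenticode.
# Function names and the thumbprint placeholder are hypothetical, not from any real updater.

function Test-InstallerSignature {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)] [string] $Path,
        [Parameter(Mandatory)] [string] $ExpectedThumbprint
    )

    $sig = Get-AuthenticodeSignature -LiteralPath $Path

    # Valid means the file hash matches the signature and the chain builds to a trusted root.
    # NotSigned, HashMismatch, NotTrusted, UnknownError etc. are all rejected here.
    if ($sig.Status -ne [System.Management.Automation.SignatureStatus]::Valid) {
        Write-Warning "Rejected '$Path': signature status is $($sig.Status)"
        return $false
    }

    # A valid signature from any trusted publisher is not enough: pin the expected signer.
    $actual   = $sig.SignerCertificate.Thumbprint
    $expected = ($ExpectedThumbprint -replace '\s', '').ToUpperInvariant()
    if ($actual -ne $expected) {
        Write-Warning "Rejected '$Path': signed by unexpected certificate $actual"
        return $false
    }
    return $true
}

function Invoke-VerifiedInstaller {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)] [string] $Path,
        [Parameter(Mandatory)] [string] $ExpectedThumbprint
    )

    if (-not (Test-InstallerSignature -Path $Path -ExpectedThumbprint $ExpectedThumbprint)) {
        # Fail closed: delete the download and never fall through to execution.
        Remove-Item -LiteralPath $Path -Force -ErrorAction SilentlyContinue
        throw "Update aborted: installer failed signature verification."
    }
    Start-Process -FilePath $Path -Wait
}

# Usage (path and thumbprint are placeholders):
# Invoke-VerifiedInstaller -Path "$env:TEMP\update-installer.exe" -ExpectedThumbprint '<PUBLISHER-CERT-THUMBPRINT>'
```

The download should sit in a directory only the updater can write to, so the file cannot be swapped between the check and `Start-Process`.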