You might have version 8.8.1 or lower, however it might have tried to order update got the vulnerable package instead and then remained on the older version. I think even if you have the older version that’s not a sign that you weren’t compromised.
Fair point. I was assuming the malicious payload would come along with an update on order to hide, but it’s also possible that the malicious payload was delivered without any update to notepad++.
I’m not sure what you mean. The article states there were remote hands on keyboard noticed in multiple companies. That’s how the vulnerability was discovered.
What was the latest version before June 2025?
Looks like 8.8.1 was May 2025 https://notepad-plus-plus.org/news/v881-we-are-with-ukraine/
8.8.2 was June 2025 and has a warning to ignore “false positives” of malware in the update… Ouch. https://notepad-plus-plus.org/news/8.8.2-available-in-1-week-without-certificate/
You might have version 8.8.1 or lower, however it might have tried to order update got the vulnerable package instead and then remained on the older version. I think even if you have the older version that’s not a sign that you weren’t compromised.
Fair point. I was assuming the malicious payload would come along with an update on order to hide, but it’s also possible that the malicious payload was delivered without any update to notepad++.
I’ve not seen any IOCs published have you?
I’m not sure what you mean. The article states there were remote hands on keyboard noticed in multiple companies. That’s how the vulnerability was discovered.