Breaking News – Cyber Threats (last 6h)
Generated: 2026-02-02 02:00 PST
- Notepad++ Official Update Mechanism Hijacked to Deliver Malware to Select Users
The Hacker News • 2026-02-02 00:55 • thehackernews.com
The maintainer of Notepad++ has revealed that state-sponsored attackers hijacked the utility’s update mechanism to redirect update traffic to malicious servers instead.
“The attack involved [an] infrastructure-level compromise that allowed malicious actors to intercept and redirect update traffic destined for notepad-plus-plus.org,” developer Don Ho said. “The compromise occurred at the hosting
https://thehackernews.com/2026/02/notepad-official-update-mechanism.html - eScan Antivirus Update Servers Compromised to Deliver Multi-Stage Malware
The Hacker News • 2026-02-01 21:47 • thehackernews.com
The update infrastructure for eScan antivirus, a security solution developed by Indian cybersecurity company MicroWorld Technologies, has been compromised by unknown attackers to deliver a persistent downloader to enterprise and consumer systems.
“Malicious updates were distributed through eScan’s legitimate update infrastructure, resulting in the deployment of multi-stage malware to enterprise
https://thehackernews.com/2026/02/escan-antivirus-update-servers.html - Open VSX Supply Chain Attack Used Compromised Dev Account to Spread GlassWorm
The Hacker News • 2026-02-01 21:04 • thehackernews.com
Cybersecurity researchers have disclosed details of a supply chain attack targeting the Open VSX Registry in which unidentified threat actors compromised a legitimate developer’s resources to push malicious updates to downstream users.
“On January 30, 2026, four established Open VSX extensions published by the oorzc author had malicious versions published to Open VSX that embed the GlassWorm
https://thehackernews.com/2026/02/open-vsx-supply-chain-attack-used.html
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
