Nation-State Actors Exploit Notepad++ Supply Chain

A state-sponsored threat group known as Lotus Blossom compromised the official hosting infrastructure for Notepad++ between June and December 2025. The attackers hijacked traffic to the update server, allowing them to selectively target specific users, primarily in Southeast Asia across government, telecommunications and critical infrastructure sectors. Two infection chains were identified - one using Lua script injection to deliver Cobalt Strike and another using DLL side-loading to deploy a Chrysalis backdoor. The campaign affected additional sectors in South America, US, Europe and Southeast Asia including cloud hosting, energy, financial, government, manufacturing and software development. The sophisticated supply chain attack leveraged insufficient verification controls in older versions of the Notepad++ updater.

Pulse ID: 699329ab4cfd86feb5b85024
Pulse Link: https://otx.alienvault.com/pulse/699329ab4cfd86feb5b85024
Pulse Author: AlienVault
Created: 2026-02-16 14:28:59

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#Asia #BackDoor #Cloud #CobaltStrike #CyberSecurity #Europe #Government #InfoSec #LUA #Manufacturing #Notepad #OTX #OpenThreatExchange #SouthAmerica #SupplyChain #Telecom #Telecommunication #bot #AlienVault

Nation-State Actors Exploit Notepad++ Supply Chain

Between June and December 2025, state-sponsored threat group Lotus Blossom compromised the hosting infrastructure for Notepad++, allowing them to intercept and redirect update traffic. This enabled selective targeting of users primarily in Southeast Asian government, telecommunications and critical infrastructure sectors. Two infection chains were identified - one using Lua script injection to deliver Cobalt Strike and another using DLL side-loading for a Chrysalis backdoor. The campaign affected additional sectors across South America, US, Europe and Southeast Asia including cloud hosting, energy, financial, government, manufacturing and software development. The attack exploited insufficient verification in older versions of the Notepad++ updater to serve malicious installers to targeted victims.

Pulse ID: 698d2ac3b38a12b4cb5a2723
Pulse Link: https://otx.alienvault.com/pulse/698d2ac3b38a12b4cb5a2723
Pulse Author: AlienVault
Created: 2026-02-12 01:20:03

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#Asia #BackDoor #Cloud #CobaltStrike #CyberSecurity #Europe #Government #InfoSec #LUA #Manufacturing #Notepad #OTX #OpenThreatExchange #RCE #SouthAmerica #SupplyChain #Telecom #Telecommunication #bot #AlienVault

Telecommunications engineer PR path

including ANZSCO codes, EA skills assessment, visa options

#telecommunication #engineer #australiapr

https://cdraustraliaengineer.com/blog/telecommunications-engineer-pr-path/

»"All #satellite #constellations, when they're combined, will not do anything other than [make] a little dent in the global demand for connectivity," he said. "They're going to do fine business at the prices they're charging, but they're not going to serve billions of people. #Space isn't all that scalable. They're going to serve millions of people."«

https://www.space.com/space-exploration/satellites/internet-from-stratosphere-could-replace-starlink

🤔💭

#tech #telecommunication #leo #Starlink

Writing Prompt: Why do (or did) you listen to Shortwave?

How did you get to listen to shortwave radio? And why do you still listen (if you do)?

Is it because the internet isn’t reliable? Or because no bad guy will take your radio away, because it has become too cheap by now, and nobody cares to steal or to pawn it?

Don’t laugh, it did happen in the past.

#broadcasting #foreignRadio #shortwave #telecommunication #国际广播

Mein Arbeitgeber will mal wieder den Standort in München schließen… trotz guter Argumente dafür, hier zu bleiben… Wollen wohl lieber Geld von Trump einstreichen… eine Petition zum Technologiestandort Europa richtet sich dagegen… wer mag, kann gerne unterzeichnen und diesen Post weiter teilen… Danke! 🙏 #Nokia #München #HighTech #Telecommunication

PS: Nokia‘s Hauptgeschäftsfeld ist inzwischen Mobilfunknetzwerktechnologie, nicht Handies… 😉

http://openpetition.eu/!fdyvf

Reminder for the coming dark years, if running any kind of #telecommunication service:

"Do not comply in advance" also holds for implementing #ChatControl.

Should it get passed, it cannot, and will not be the end of the fight. It will be a new round.

Extended my mobile contract and received a new SIM card, which I installed this evening. It's a 5G card, the way into the future, we are told.

The verification took so long my partner called a neighbour to come and ring at my door and see whether I was still alive, as they couldn't reach me.

Verification of my new 5G card complete, and the little sign at the top says 4G. So that was worth it, wasn't it.

#life #mobilephone #cellphone #telecommunication #vodafone #CustomerService