Notepad++ supply chain compromise and 7-Zip malware
Show notes
Summary
In this episode of the Blue Security Podcast, hosts Andy and Adam discuss significant cybersecurity incidents involving Notepad++ and 7-Zip, highlighting the vulnerabilities in open-source software and the importance of enterprise software management. They emphasize the need for ad blockers, the challenges of identifying legitimate software downloads, and the necessity of implementing robust security measures in organizations.
----------------------------------------------------
YouTube Video Link: https://youtu.be/t6ERCYqFHFU
----------------------------------------------------
Documentation:
https://arstechnica.com/security/2026/02/notepad-updater-was-compromised-for-6-months-in-supply-chain-attack/
https://www.rapid7.com/blog/post/tr-chrysalis-backdoor-dive-into-lotus-blossoms-toolkit/
https://msendpointmgr.com/2025/10/04/taming-browser-extensions-with-intune/
https://www.malwarebytes.com/blog/threat-intel/2026/02/fake-7-zip-downloads-are-turning-home-pcs-into-proxy-nodes
----------------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Bluesky: https://bsky.app/profile/bluesecuritypod.com
LinkedIn: https://www.linkedin.com/company/bluesecpod
YouTube: https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
Bluesky: https://bsky.app/profile/ajawzero.com
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
----------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]
← Previous
Do we need phishing sims & Upcoming Intune changes
Next →
Notepad++ supply chain compromise and 7-Zip malware