Threat Research

    Proxyware Disguised as Notepad++ Tool

    A malicious campaign is distributing proxyware disguised as a legitimate Notepad++ or cracked software installer through deceptive download sites and ads. In this proxyjacking attack, the malware secretly installs proxyware on victims’ systems to hijack their network bandwidth for profit....
    2/16/2026  0
    Read More »

    The Notepad++ Supply Chain Attack — Unnoticed Execution Chains and New IoCs

    The Notepad++ supply chain attack exploited a compromised update infrastructure to deliver malicious updates through multiple, constantly rotating execution chains, C2 servers, and payloads....
    2/4/2026  0
    Read More »

    Potential Notepad++ CVE-2025-49144 Exploitation

    Detects possible exploitation of CVE-2025-49144 — a local privilege escalation vulnerability affecting Notepad++ installers version 8.8.1 and earlier....
    7/7/2025  0
    Read More »
    Looking for Something?
    Threat Research Categories:
    Tags

    Privacy & Security StatementTerms & Conditions
    Copyright © 2026 by Gurucul - All rights reserved.