Notepad++ supply chain compromise and 7-Zip malware
Description
Summary
In this episode of the Blue Security Podcast, hosts Andy and Adam discuss significant cybersecurity incidents involving Notepad++ and 7-Zip, highlighting the vulnerabilities in open-source software and the importance of enterprise software management. They emphasize the need for ad blockers, the challenges of identifying legitimate software downloads, and the necessity of implementing robust security measures in organizations.
----------------------------------------------------
YouTube Video Link: https://youtu.be/t6ERCYqFHFU
----------------------------------------------------
Documentation:
https://arstechnica.com/security/2026/02/notepad-updater-was-compromised-for-6-months-in-supply-chain-attack/
https://www.rapid7.com/blog/post/tr-chrysalis-backdoor-dive-into-lotus-blossoms-toolkit/
https://msendpointmgr.com/2025/10/04/taming-browser-extensions-with-intune/
https://www.malwarebytes.com/blog/threat-intel/2026/02/fake-7-zip-downloads-are-turning-home-pcs-into-proxy-nodes
----------------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Bluesky: https://bsky.app/profile/bluesecuritypod.com
LinkedIn: https://www.linkedin.com/company/bluesecpod
YouTube: https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
Bluesky: https://bsky.app/profile/ajawzero.com
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: andy@bluesecuritypod.com
----------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: adam@bluesecuritypod.com
United States
