Trojanized Installers

Notepad++ Confirms Hosting-Level Update Hijack as Rapid7 Ties Operation to China’s Lotus Blossom

The operation exploited access at the former shared host to selectively redirect updater traffic to rogue servers.