This article provides a comprehensive analysis of the Shai Hulud 2.0 supply chain attack, detailing the compromised code libraries and the extent of the breaches. It also lists tools and methods for detecting and mitigating the impact of these attacks, emphasizing the importance of version pinning and runtime monitoring.

The article details a supply chain attack on Notepad++, where attackers compromised the update infrastructure between June and September 2025. It outlines various infection chains, unique payloads, and the methods used to gather system information and install malicious software. Kaspersky's solutions successfully blocked these attacks as they unfolded.