Upstream infrastructure was compromised. Implying it’s a fault with Notepad++ fault is disingenuous. What OSS maintainer is going to think, “I need to pick a hosting provider that’s not going to get hacked by the Chinese government”? Unless your favorite editor is being hosted on infrastructure hardened against state level hackers, it’s not any better.
Upstream infrastructure was compromised. Implying it’s a fault with Notepad++ fault is disingenuous. What OSS maintainer is going to think, “I need to pick a hosting provider that’s not going to get hacked by the Chinese government”? Unless your favorite editor is being hosted on infrastructure hardened against state level hackers, it’s not any better.
Did you not read the part about n++ not changing/rotating credentials? I think there’s enough blame to go around.