Notepad++ · Notepad++ · CVE-2025-56383
**Name of the Vulnerable Software and Affected Versions**
Notepad++ versions 8.8.3 and earlier
**Description**
Notepad++ version 8.8.3 contains a DLL hijacking flaw. An attacker who places a malicious DLL in the plugin directory can replace an original DLL file, such as `NppExport.dll`, with a malicious version, leading to arbitrary code execution. The malicious DLL executes in the background with the same permissions as the user running Notepad++, which lets the attacker manipulate the system and modify the application's behavior while it keeps its typical appearance to users. The vulnerability allows local code execution and can enable malware persistence across system reboots. The flaw could impact millions of users, with some reports indicating approximately 28 million potentially affected. A proof-of-concept exploit is publicly available.
**Recommendations**
Update to a patched version when available.
As a temporary workaround, consider restricting write access to the Notepad++ plugin directory.
Avoid downloading Notepad++ from unofficial sources.
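
One way to verify the write-access workaround and inventory the DLLs currently in the plugin directory, as an added PowerShell example that is not part of the advisory. The `-PluginDir` parameter, the function name `Get-UntrustedWriteAce` and the allow-list of SIDs are assumptions of this example; pass the plugin directory of your own installation.

```powershell
# Added example, not from the advisory: audit a Notepad++ plugin directory.
# -PluginDir is supplied by the caller; no install path is assumed here.
param([Parameter(Mandatory = $true)][string]$PluginDir)

# Rights that let a principal create, replace or re-permission files, plus the
# GENERIC_WRITE / GENERIC_ALL bits that inherit-only ACEs sometimes carry.
$rights = [System.Security.AccessControl.FileSystemRights]'CreateFiles, AppendData, Delete, DeleteSubdirectoriesAndFiles, ChangePermissions, TakeOwnership'
$writeMask = [int]$rights -bor 0x40000000 -bor 0x10000000

# Assumed allow-list: SYSTEM, Administrators, CREATOR OWNER, TrustedInstaller.
# Adjust it to local policy.
$trusted = @(
    'S-1-5-18', 'S-1-5-32-544', 'S-1-3-0',
    'S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464'
)

# Return Allow ACEs on $Path that grant write-type rights to other principals.
function Get-UntrustedWriteAce([string]$Path) {
    $sidType = [System.Security.Principal.SecurityIdentifier]
    $acl = Get-Acl -LiteralPath $Path
    foreach ($ace in $acl.GetAccessRules($true, $true, $sidType)) {
        $sid = $ace.IdentityReference.Value
        $canWrite = ([int]$ace.FileSystemRights -band $writeMask) -ne 0
        if ($ace.AccessControlType -eq 'Allow' -and $canWrite -and $trusted -notcontains $sid) {
            [pscustomobject]@{
                Path = $Path; Sid = $sid
                Rights = $ace.FileSystemRights; Inherited = $ace.IsInherited
            }
        }
    }
}

# 1. ACEs on the directory itself. No rows: only allow-listed principals
#    can add or replace files there.
Get-UntrustedWriteAce $PluginDir | Format-Table -AutoSize

# 2. Every DLL below it, with hash, signature status and any non-allow-listed
#    writers, for comparison against a known-good installation.
Get-ChildItem -LiteralPath $PluginDir -Recurse -Filter *.dll -File | ForEach-Object {
    $sig = Get-AuthenticodeSignature -LiteralPath $_.FullName
    [pscustomobject]@{
        Path       = $_.FullName
        Modified   = $_.LastWriteTime
        SHA256     = (Get-FileHash -LiteralPath $_.FullName -Algorithm SHA256).Hash
        Signature  = $sig.Status
        WritableBy = (Get-UntrustedWriteAce $_.FullName).Sid -join ', '
    }
} | Format-List
```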