Software Security

Featured post

The XcodeGhost Incident — The Day Apple’s Developer Tools Distributed Malware

In 2015, identical malicious code was found in multiple iOS apps on the App Store. The cause was not a library, but a tampered Xcode tool. Developers unknowingly built and shipped infected apps, making XcodeGhost a key example of a developer tool supply chain attack.

Latest posts

2026.03.21 15 min read ⚙ Essays 📚 Hackers Targeting Developer Tools Supply Chain Attack Software Security Developer Tools

Why Attacking Developer Tools Means Attacking the World — Why Supply Chain Attacks Target IDEs and Editors

The Notepad++ incident was not just an editor hack. Developer tools are the starting point of software creation, and compromising them can impact countless users. This article explains why IDEs and editors are prime supply chain targets, with insights from XcodeGhost and SolarWinds.

2026.03.21 17 min read ⚙ Essays 📚 Hackers Targeting Developer Tools Supply Chain Attack Software Security Developer Tools

The Notepad++ Hack — It Was the “Update,” Not the Program, That Was Attacked

The Notepad++ incident was not a direct program compromise but an attack on its update supply chain. This article analyzes how update systems, distribution infrastructure, and developer tools become key targets in modern cyberattacks.

2026.03.21 4 min read ⚙ Essays 📚 Hackers Targeting Developer Tools Software Security Supply Chain Security Developer Tools

Hackers Targeting Developer Tools — Why Supply Chain Attacks Focus on IDEs and Editors

In recent years, attackers have shifted from program vulnerabilities to the software supply chain. Developer tools like text editors and IDEs are now key targets. This article explores why they focus on these tools and why such attacks are dangerous, with real-world examples.