Daniel Gordon
validhorizon.bsky.social
Thought Trailer, Cyber Threat Intel, DFIR. He/Him. Bucketing, sharing, and bacon-saving as a service. https://validhorizon.medium.com/
The bypassed security feature is control over your device.
February 3, 2026 at 12:41 PM
Sounds like it’s time to start up your North Korean laptop farm
February 2, 2026 at 9:47 PM
Backdoor apparently delivered by the Notepad++ activity and attribution to LotusBlossom aka APT30 or “Raspberry Typhoon” in case people were thinking about what would happen if it was conducted by a slushy.

www.rapid7.com/blog/post/tr...
The Chrysalis Backdoor: A Deep Dive into Lotus Blossom’s toolkit
Rapid7 Labs, together with the Rapid7 MDR team, has uncovered a sophisticated campaign attributed to the Chinese APT group Lotus Blossom.
February 2, 2026 at 4:49 PM
💯
February 2, 2026 at 1:36 PM
Targeted activity despite the widespread potential access from Notepad++’s huge user base.

Additional details:
community.notepad-plus-plus.org/topic/27212/...

doublepulsar.com/small-number...
February 2, 2026 at 1:14 PM
😂 This statement by Hitachi is really something. “Don’t pay attention to our devices shipping with a universal default password or that nobody in OT environments performs updates, this is definitely the customer’s fault!” bsky.app/profile/rago...
Hitachi Energy also released a statement, as their devices were targeted.

tl;dr; security settings were not configured properly
Hitachi Energy Publisher
publisher.hitachienergy.com
January 30, 2026 at 2:26 PM
Been a while since we had a public APT attribution drama but here we go!

bsky.app/profile/eset...
#BREAKING #ESETresearch provides technical details on #DynoWiper, a data‑wiping malware used in a data‑destruction incident on December 29, 2025, affecting a company in Poland’s energy sector. www.welivesecurity.com/en/eset-rese... 1/5
January 30, 2026 at 12:13 PM
😂💯
January 29, 2026 at 6:43 PM
I was just going to say “It depends” but this works
January 22, 2026 at 11:18 PM