> a library used by Notepad++ was compromised for a period of time
Nothing at the referenced URL corroborates how you are representing the referenced URL.
According to the URL, the CIA was replacing one of Notepad++'s components w/ another in order to run code on the user's system and stay hidden. Nothing in that links indicates that that replacement is done through any breach in security in Notepad++ itself, and AFAICT, they're using it merely as a good hiding place. The Notepad++ announcement fixes no particular bugs, but merely signs the code.
Nothing at the referenced URL corroborates how you are representing the referenced URL.
According to the URL, the CIA was replacing one of Notepad++'s components w/ another in order to run code on the user's system and stay hidden. Nothing in that links indicates that that replacement is done through any breach in security in Notepad++ itself, and AFAICT, they're using it merely as a good hiding place. The Notepad++ announcement fixes no particular bugs, but merely signs the code.
"It rather involved being on the other side of this airtight hatchway": https://devblogs.microsoft.com/oldnewthing/20060508-22/?p=31...
I'd also say that the CIA is probably not within the threat model of most companies. (If they had one.)