The popular Notepad alternative was hijacked by bad actors for several months in 2025, but the latest update appears to solve ...

Infrastructure delivering updates for Notepad++—a widely used text editor for Windows—was compromised for six months by suspected China-state hackers who used their control to deliver backdoored ...

Notepad++ is a favorite of programmers and other power users, but its auto-update function was compromised for months in 2025 ...

The developer of the popular text editor Notepad++ said hackers associated with the Chinese government hijacked its software ...

Rapid7 links China-linked Lotus Blossom to a 2025 Notepad++ hosting breach that delivered the Chrysalis backdoor via hijacked ...

Notepad++'s updater usually pops up, but users can also prompt it by selecting the "?" dropdown in the taskbar. Christopher ...

Chinese state-sponsored threat actors were likely behind the hijacking of Notepad++ update traffic last year that lasted for almost half a year, the developer states in an official announcement today.

Rapid7 dropped a write-up on the Notepad++ update-chain abuse and - finally - it comes with real IOCs - update.exe downloaded ...

State-sponsored threat actors compromised the popular code editor's hosting provider to redirect targeted users to malicious ...

The program is a free text and code editor that's been downloaded millions of times. The compromise began in June and is ...

A Chinese-linked cyberespionage group targeted Notepad++'s update process to deploy malware. The attack from June to December 2025 selectively affected users, prompting investigations. Hosting ...

A months-long supply chain attack that affected the Notepad++ update process has been linked to a compromise of shared hosting infrastructure rather than a flaw in the software's code. This according ...