Notepad++ has confirmed it was the victim of a highly targeted and sophisticated cyberattack, most likely conducted by a ...

The hosting provider's compromise allowed attackers to deliver malware through tainted software updates for six months.

Suspected Chinese state-backed hackers reportedly hijacked Notepad++'s update system for months, targeting select users and redirecting them to malicious servers.

Notepad++ has been compromised in a sophisticated nation-state cyberattack. Learn about the security breach, the ...

Rapid7 links China-linked Lotus Blossom to a 2025 Notepad++ hosting breach that delivered the Chrysalis backdoor via hijacked ...

Don Ho, the developer of Notepad++, says 'malicious actors' had targeted the update process for 'certain targeted users' beginning in June 2025 ...

The developer did not specify when they became aware of the attack, but said that “all attacker access was definitively ...

State-sponsored threat actors compromised the popular code editor's hosting provider to redirect targeted users to malicious ...

A Chinese-linked cyberespionage group targeted Notepad++'s update process to deploy malware. The attack from June to December 2025 selectively affected users, prompting investigations. Hosting ...

A Chinese-linked cyberespionage group named Lotus Blossom hijacked the update process of Notepad++ to target specific users. Gaining access in June 2025, they maintained control until December that ...

Rapid7 dropped a write-up on the Notepad++ update-chain abuse and - finally - it comes with real IOCs - update.exe downloaded ...

The program is a free text and code editor that's been downloaded millions of times. The compromise began in June and is ...