Infrastructure delivering updates for Notepad++—a widely used text editor for Windows—was compromised for six months by ...

The program is a free text and code editor that's been downloaded millions of times. The compromise began in June and is ...

CISA has expanded its KEV catalog with new SolarWinds, Notepad++, and Apple flaws, including two exploited as zero-days.

Notepad++ has shared additional details on the supply chain attack carried out by Chinese state-sponsored hackers via a ...

State-sponsored threat actors compromised the popular code editor's hosting provider to redirect targeted users to malicious ...

In an alarming revelation, the popular text editor Notepad++ has confirmed that its update service was compromised in a targeted attack linked to state-sponsored cybercriminals. This incident sheds ...

State-backed attackers hijacked Notepad++ update traffic via a hosting provider breach, redirecting users to malicious downloads since June 2025.

Notepad++ targeted and used to deliver poisoned updates to a select group of victims.

Attackers had specifically delivered malware to systems using the Notepad++ updater. Investigations point to state actors.

Notepad++ is a favorite of programmers and other power users, but its auto-update function was compromised for months in 2025 ...

Chinese state-sponsored threat actors were likely behind the hijacking of Notepad++ update traffic last year that lasted for almost half a year, the developer states in an official announcement today.

Notepad++ update servers were compromised for 6 months in 2025. Learn how the Chrysalis backdoor targeted users and why you must manually update to version 8.9.1 now.