Infrastructure delivering updates for Notepad++—a widely used text editor for Windows—was compromised for six months by ...

The program is a free text and code editor that's been downloaded millions of times. The compromise began in June and is ...

Notepad++ has shared additional details on the supply chain attack carried out by Chinese state-sponsored hackers via a ...

State-sponsored threat actors compromised the popular code editor's hosting provider to redirect targeted users to malicious ...

In an alarming revelation, the popular text editor Notepad++ has confirmed that its update service was compromised in a targeted attack linked to state-sponsored cybercriminals. This incident sheds ...

State-backed attackers hijacked Notepad++ update traffic via a hosting provider breach, redirecting users to malicious downloads since June 2025.

Notepad++ targeted and used to deliver poisoned updates to a select group of victims.

Chinese state-sponsored hackers are suspected of compromising Notepad++ update infrastructure in a hosting-level breach and selectively infecting users with malware.

The popular Notepad alternative was hijacked by bad actors for several months in 2025, but the latest update appears to solve the issue.

Attackers had specifically delivered malware to systems using the Notepad++ updater. Investigations point to state actors.

Chinese state-sponsored threat actors were likely behind the hijacking of Notepad++ update traffic last year that lasted for almost half a year, the developer states in an official announcement today.

Notepad++ update servers were compromised for 6 months in 2025. Learn how the Chrysalis backdoor targeted users and why you must manually update to version 8.9.1 now.