Notepad++ released version 8.8.9 in December, which checks digital signatures and certificates before installing any updates.

Notepad++, one of Windows' most widely used text editors, has confirmed a major security breach after its update infrastructure was compromised for nearly six months. Developers say suspected China ...

Some Notepad++ users were redirected to malicious servers last year. Now, its developer says they were targeted by Chinese ...

A software update mechanism for the popular text editor Notepad++ was hijacked by suspected Chinese state-sponsored hackers, allowing them to silently redirect some users to malicious update servers, ...

The Notepad++ project yesterday disclosed that its update server was covertly hijacked in a targeted supply chain attack that began in June 2025, ...

The hosting provider's compromise allowed attackers to deliver malware through tainted software updates for six months.

Rapid7 links China-linked Lotus Blossom to a 2025 Notepad++ hosting breach that delivered the Chrysalis backdoor via hijacked updates, fixed in v8.8.9 ...

Notepad++ says its update system was reportedly hijacked for months in a targeted cyber campaign linked to suspected Chinese ...

The developer did not specify when they became aware of the attack, but said that “all attacker access was definitively terminated” by December 2nd. The Notepad++ updater has been updated itself with ...

The group targets telecoms, critical infrastructure - all the usual high-value orgs Security researchers have attributed the ...

State-sponsored threat actors compromised the popular code editor's hosting provider to redirect targeted users to malicious ...

The developer of the popular text editor Notepad++ said hackers associated with the Chinese government hijacked its software ...