Infrastructure delivering updates for Notepad++—a widely used text editor for Windows—was compromised for six months by ...

The developer did not specify when they became aware of the attack, but said that “all attacker access was definitively ...

State-sponsored threat actors compromised the popular code editor's hosting provider to redirect targeted users to malicious ...

Notepad++ is a favorite of programmers and other power users, but its auto-update function was compromised for months in 2025 ...

Notepad++ faced a security breach last year, with reports of updates being compromised by suspected Chinese hackers for a six-month period. The developer has since addressed and fixed the ...

Trust, not tech, is Microsoft’s AI challenge, according to what people are saying on Reddit and elsewhere.

Chinese state-sponsored hackers are suspected of compromising Notepad++ update infrastructure in a hosting-level breach and selectively infecting users with malware.

Rapid7 links China-linked Lotus Blossom to a 2025 Notepad++ hosting breach that delivered the Chrysalis backdoor via hijacked ...

State-backed attackers hijacked Notepad++ update traffic via a hosting provider breach, redirecting users to malicious ...

A Chinese-linked cyberespionage group named Lotus Blossom hijacked the update process of Notepad++ to target specific users. Gaining access in June 2025, they maintained control until December that ...

A months-long supply chain attack that affected the Notepad++ update process has been linked to a compromise of shared hosting infrastructure rather than a flaw in the software's code. This according ...

Attackers had specifically delivered malware to systems using the Notepad++ updater. Investigations point to state actors.