Last year, the creator of Notepad++ rolled out an update for the text and source code editor after security experts reported ...

State-backed attackers hijacked Notepad++ update traffic via a hosting provider breach, redirecting users to malicious downloads since June 2025.

The hosting provider's compromise allowed attackers to deliver malware through tainted software updates for six months.

Rapid7 links China-linked Lotus Blossom to a 2025 Notepad++ hosting breach that delivered the Chrysalis backdoor via hijacked updates, fixed in v8.8.9 ...

Don Ho, the French-based ‌developer of Notepad++, said in a blog posted to the project’s website on Monday that “malicious ...

Attackers had specifically delivered malware to systems using the Notepad++ updater. Investigations point to state actors.

Notepad++ released version 8.8.9 in December, which checks digital signatures and certificates before installing any updates.

State-sponsored threat actors compromised the popular code editor's hosting provider to redirect targeted users to malicious ...

Notepad++ has shared additional details on the supply chain attack carried out by Chinese state-sponsored hackers via a ...

A months-long supply chain attack that affected the Notepad++ update process has been linked to a compromise of shared hosting infrastructure rather than a flaw in the software's code. This according ...

Notepad++ targeted and used to deliver poisoned updates to a select group of victims.

Notepad++ users faced a serious threat as Chinese state-sponsored hackers compromised update servers for half of 2025, ...