A quiet compromise of a popular open-source coding editor has turned into one of the most unsettling software supply-chain ...

State-backed attackers hijacked Notepad++ update traffic via a hosting provider breach, redirecting users to malicious downloads since June 2025.

By AJ Vicens Feb 2 (Reuters) - A Chinese-linked cyberespionage group with a long history hijacked the update process for the ...

Suspected Chinese state-backed hackers reportedly hijacked Notepad++'s update system for months, targeting select users and ...

Notepad++ has been compromised in a sophisticated nation-state cyberattack. Learn about the security breach, the ...

State-sponsored threat actors compromised the popular code editor's hosting provider to redirect targeted users to malicious ...

Notepad++ has shared additional details on the supply chain attack carried out by Chinese state-sponsored hackers via a ...

Rapid7 dropped a write-up on the Notepad++ update-chain abuse and - finally - it comes with real IOCs - update.exe downloaded ...

The hosting provider's compromise allowed attackers to deliver malware through tainted software updates for six months.

The program is a free text and code editor that's been downloaded millions of times. The compromise began in June and is ...

Notepad++'s updater usually pops up, but users can also prompt it by selecting the "?" dropdown in the taskbar. Christopher ...

A months-long supply chain attack that affected the Notepad++ update process has been linked to a compromise of shared hosting infrastructure rather than a flaw in the software's code. This according ...