State-sponsored threat actors compromised the popular code editor's hosting provider to redirect targeted users to malicious ...

Last year, the creator of Notepad++ rolled out an update for the text and source code editor after security experts reported ...

By AJ Vicens Feb 2 (Reuters) - A Chinese-linked cyberespionage group with a long history hijacked the update process for the ...

Notepad++ has been compromised in a sophisticated nation-state cyberattack. Learn about the security breach, the ...

Rapid7 dropped a write-up on the Notepad++ update-chain abuse and - finally - it comes with real IOCs - update.exe downloaded ...

Suspected Chinese state-backed hackers reportedly hijacked Notepad++'s update system for months, targeting select users and ...

CISA has expanded its KEV catalog with new SolarWinds, Notepad++, and Apple flaws, including two exploited as zero-days.

The hosting provider's compromise allowed attackers to deliver malware through tainted software updates for six months.

Chinese state-sponsored threat actors were likely behind the hijacking of Notepad++ update traffic last year that lasted for almost half a year, the developer states in an official announcement today.

The attacks came from a third-party and not from the Notepad++ team.

A months-long supply chain attack that affected the Notepad++ update process has been linked to a compromise of shared hosting infrastructure rather than a flaw in the software's code. This according ...

Notepad++ update servers were compromised for 6 months in 2025. Learn how the Chrysalis backdoor targeted users and why you must manually update to version 8.9.1 now.