Notepad++ updates got hijacked for months and could have spied for China

The developer did not specify when they became aware of the attack, but said that “all attacker access was definitively ...
The Hacker News

Notepad++ Official Update Mechanism Hijacked to Deliver Malware to Select Users

State-backed attackers hijacked Notepad++ update traffic via a hosting provider breach, redirecting users to malicious ...

Hijacked Notepad++ updater quietly targeted users for months

Notepad++ is a favorite of programmers and other power users, but its auto-update function was compromised for months in 2025 ...
SecurityWeek

Notepad++ Supply Chain Hack Conducted by China via Hosting Provider

Notepad++ has shared additional details on the supply chain attack carried out by Chinese state-sponsored hackers via a ...

Notepad++ update feature hijacked by Chinese state hackers for months

Chinese state-sponsored threat actors were likely behind the hijacking of Notepad++ update traffic last year that lasted for almost half a year, the developer states in an official announcement today.
PCMag

Chinese Hackers Hit Notepad++ to Serve Malicious Update

The program is a free text and code editor that's been downloaded millions of times. The compromise began in June and is ...