Last year, the creator of Notepad++ rolled out an update for the text and source code editor after security experts reported that bad actors were hijacking its update mechanism to redirect traffic to ...

TL;DR: Notepad++ was compromised for six months, but it wasn't the software itself which the exploit leveraged, but its hosting provider. An investigation into the attack has just been concluded with ...

The app’s servers were compromised from June through December 2025. The app’s servers were compromised from June through December 2025. is a news writer covering all things consumer tech. Stevie ...

The developer of the popular open source text editor Notepad++ has confirmed that hackers hijacked the software to deliver malicious updates to users over the course of several months in 2025. In a ...

PCWorld reports that Notepad++’s WinGUp update system was compromised between June and December 2025, delivering malware through corrupted executables to targeted users. While the popular text editor ...

A state-sponsored cyber criminal compromised Notepad++'s update service in 2025, according to the project's author. The admission comes after version 8.8.9 of the text editor was released on December ...

Infrastructure delivering updates for Notepad++—a widely used text editor for Windows—was compromised for six months by suspected China-state hackers who used their control to deliver backdoored ...

The likely state-sponsored threat actor had access to the hosting provider for months and targeted only certain Notepad++ customers. Notepad++ on Monday shared additional details on the supply chain ...

The maintainer of Notepad++ has revealed that state-sponsored attackers hijacked the utility's update mechanism to redirect update traffic to malicious servers instead. "The attack involved [an] ...

Chinese state-sponsored hackers compromised Notepad++ update infrastructure at the hosting provider level, not through vulnerabilities in the app's code itself. The espionage campaign ran from June to ...

A likely China-sponsored threat actor hijacked Notepad++'s software update mechanism and quietly redirected targeted users of the popular source code editor to malicious downloads for nearly six ...