Infrastructure delivering updates for Notepad++—a widely used text editor for Windows—was compromised for six months by ...

The program is a free text and code editor that's been downloaded millions of times. The compromise began in June and is ...

CISA has expanded its KEV catalog with new SolarWinds, Notepad++, and Apple flaws, including two exploited as zero-days.

Notepad++ has shared additional details on the supply chain attack carried out by Chinese state-sponsored hackers via a ...

State-sponsored threat actors compromised the popular code editor's hosting provider to redirect targeted users to malicious ...

In an alarming revelation, the popular text editor Notepad++ has confirmed that its update service was compromised in a targeted attack linked to state-sponsored cybercriminals. This incident sheds ...

Notepad++ targeted and used to deliver poisoned updates to a select group of victims.

State-backed attackers hijacked Notepad++ update traffic via a hosting provider breach, redirecting users to malicious downloads since June 2025.

The popular Notepad alternative was hijacked by bad actors for several months in 2025, but the latest update appears to solve the issue.

Attackers had specifically delivered malware to systems using the Notepad++ updater. Investigations point to state actors.

Notepad++ is a favorite of programmers and other power users, but its auto-update function was compromised for months in 2025 ...

Chinese state-sponsored threat actors were likely behind the hijacking of Notepad++ update traffic last year that lasted for almost half a year, the developer states in an official announcement today.