Notepad++ reported that its built-in auto-update feature had been hijacked by Chinese state-sponsored hackers from June to September of 2025, and the credentials gathered by the bas actors enabled ...

A state-sponsored cyber criminal compromised Notepad++'s update service in 2025, according to the project's author.… The admission comes after version 8.8.9 of the text editor was released on December ...

In light of the recent compromise of Notepad++'s update mechanisms, it is worth examining a common pattern in enterprise environments: the belief that using an application’s internal update mechanisms ...

A likely China-sponsored threat actor hijacked Notepad++'s software update mechanism and quietly redirected targeted users of the popular source code editor to malicious downloads for nearly six ...

The developer of the popular open source text editor Notepad++ has confirmed that hackers hijacked the software to deliver malicious updates to users over the course of several months in 2025. In a ...

The recently compromised update mechanism for the popular open source text editor Notepad ++ has been hardened so it’s now ‘effectively unexploitable’, says the application’s author. Don Ho made the ...