Notepad++ updates got hijacked for months and could have spied for China

The developer did not specify when they became aware of the attack, but said that “all attacker access was definitively terminated” by December 2nd. The Notepad++ updater has been updated itself with ...
PCMag on MSN

Chinese hackers hit Notepad++ to serve malicious update

The program is a free text and code editor that's been downloaded millions of times. The compromise began in June and is ...

Notepad++ update service hijacked in targeted state-linked attack

Breach lingered for months before stronger signature checks shut the door A state-sponsored cyber criminal compromised Notepad++'s update service in 2025, according to the project's author.… The ...
OSTechNix

Notepad++ Supply Chain Attack: Is Your Version Secure?

Notepad++ update servers were compromised for 6 months in 2025. Learn how the Chrysalis backdoor targeted users and why you must manually update to version 8.9.1 now.