Last year, the creator of Notepad++ rolled out an update for the text and source code editor after security experts reported ...

The hosting provider's compromise allowed attackers to deliver malware through tainted software updates for six months.

Rapid7 links China-linked Lotus Blossom to a 2025 Notepad++ hosting breach that delivered the Chrysalis backdoor via hijacked ...

State-backed attackers hijacked Notepad++ update traffic via a hosting provider breach, redirecting users to malicious downloads since June 2025.

Don Ho, the French-based ‌developer of Notepad++, said in a blog posted to the project’s website on Monday that “malicious ...

Attackers had specifically delivered malware to systems using the Notepad++ updater. Investigations point to state actors.

The bait incudes plausible subject lines and credible messages, most likely thanks to attackers' use of large language models ...

State-sponsored threat actors compromised the popular code editor's hosting provider to redirect targeted users to malicious ...

Notepad++ has shared additional details on the supply chain attack carried out by Chinese state-sponsored hackers via a ...

A software update mechanism for the popular text editor Notepad++ was hijacked by suspected Chinese state-sponsored hackers, allowing them to silently redirect some users to malicious update servers, ...

Notepad++ targeted and used to deliver poisoned updates to a select group of victims.

Notepad++ users faced a serious threat as Chinese state-sponsored hackers compromised update servers for half of 2025, ...