State-sponsored threat actors compromised the popular code editor's hosting provider to redirect targeted users to malicious ...

State-backed attackers hijacked Notepad++ update traffic via a hosting provider breach, redirecting users to malicious downloads since June 2025.

CISA has expanded its KEV catalog with new SolarWinds, Notepad++, and Apple flaws, including two exploited as zero-days.

The program is a free text and code editor that's been downloaded millions of times. The compromise began in June and is ...

Suspected Chinese state-backed hackers reportedly hijacked Notepad++'s update system for months, targeting select users and ...

Last year, the creator of Notepad++ rolled out an update for the text and source code editor after security experts reported ...

Notepad++ has shared additional details on the supply chain attack carried out by Chinese state-sponsored hackers via a ...

Rapid7 dropped a write-up on the Notepad++ update-chain abuse and - finally - it comes with real IOCs - update.exe downloaded ...

Notepad++ has been compromised in a sophisticated nation-state cyberattack. Learn about the security breach, the ...

Security researchers believe that Chinese hackers are to blame for the attack in part because of the "selective" nature of the targets that were chosen for follow-on compromise via malicious software ...

By AJ Vicens Feb 2 (Reuters) - A Chinese-linked cyberespionage group with a long history hijacked the update process for the ...