Bad actors could use the flaw to remotely load and execute malicious files on a victim’s computer. Bad actors could use the flaw to remotely load and execute malicious files on a victim’s computer. is ...

Don Ho, the programmer behind the popular Windows text and source code editor Notepad++, says Chinese government hackers spent half a year hijacking the tool's software updates. The state-sponsored ...

There has been a continuing problem where traffic from WinGUp, an updater for the text editor Notepad++, was being redirected to malicious domains and distributing malware, and it has now been ...

If you use Notepad++, it's time to update. Hackers compromised the free text and coding editor to distribute a malicious update via the auto-update function. Notepad++ developer Don Ho detected the ...

TL;DR: Notepad++ was compromised for six months, but it wasn't the software itself which the exploit leveraged, but its hosting provider. An investigation into the attack has just been concluded with ...

A software update mechanism for the popular text editor Notepad++ was hijacked by suspected Chinese state-sponsored hackers, allowing them to silently redirect some users to malicious update servers, ...

Notepad++ reported that its built-in auto-update feature had been hijacked by Chinese state-sponsored hackers from June to September of 2025, and the credentials gathered by the bas actors enabled ...

Infrastructure delivering updates for Notepad++—a widely used text editor for Windows—was compromised for six months by suspected China-state hackers who used their control to deliver backdoored ...

Following the patching of a previously exploited security vulnerability in the update mechanism by a Notepad++ update in December, investigation results on the incidents are now available. According ...

A months-long supply chain attack that affected the Notepad++ update process has been linked to a compromise of shared hosting infrastructure rather than a flaw in the software's code. This according ...