Worried about the Notepad++ supply chain attack? Notepad++ 8.9.2 adds "Double-Lock" security to stop malware hijacking.

Infrastructure delivering updates for Notepad++—a widely used text editor for Windows—was compromised for six months by ...

The program is a free text and code editor that's been downloaded millions of times. The compromise began in June and is likely to have involved a Chinese state-sponsored group.

In an alarming revelation, the popular text editor Notepad++ has confirmed that its update service was compromised in a targeted attack linked to state-sponsored cybercriminals. This incident sheds ...

Notepad++ targeted and used to deliver poisoned updates to a select group of victims.

Attackers had specifically delivered malware to systems using the Notepad++ updater. Investigations point to state actors.

Notepad++ update servers were compromised for 6 months in 2025. Learn how the Chrysalis backdoor targeted users and why you must manually update to version 8.9.1 now.

Chinese state-sponsored threat actors were likely behind the hijacking of Notepad++ update traffic last year that lasted for almost half a year, the developer states in an official announcement today.

A likely China-sponsored threat actor hijacked Notepad++'s software update mechanism and quietly redirected targeted users of the popular source code editor to malicious downloads for nearly six ...

CISA has expanded its KEV catalog with new SolarWinds, Notepad++, and Apple flaws, including two exploited as zero-days.

The developer did not specify when they became aware of the attack, but said that “all attacker access was definitively terminated” by December 2nd. The Notepad++ updater has been updated itself with ...

The sophisticated hacking group known as StrongPity is circulating laced Notepad++ installers that infect targets with malware. This hacking group, also known as APT-C-41 and Promethium, was ...