State-sponsored hackers' are being blamed for compromising the popular alternative to Windows Notepad over a period of six months last year.

Some Notepad++ users were redirected to malicious servers last year. Now, its developer says they were targeted by Chinese ...

A software update mechanism for the popular text editor Notepad++ was hijacked by suspected Chinese state-sponsored hackers, allowing them to silently redirect some users to malicious update servers, ...

Notepad++ targeted and used to deliver poisoned updates to a select group of victims.

The hosting provider's compromise allowed attackers to deliver malware through tainted software updates for six months.

Rapid7 links China-linked Lotus Blossom to a 2025 Notepad++ hosting breach that delivered the Chrysalis backdoor via hijacked updates, fixed in v8.8.9 ...

The developer did not specify when they became aware of the attack, but said that “all attacker access was definitively terminated” by December 2nd. The Notepad++ updater has been updated itself with ...

A Chinese-linked cyberespionage group targeted Notepad++'s update process to deploy malware. The attack from June to December 2025 selectively affected users, prompting investigations. Hosting ...

The popular Notepad alternative was hijacked by bad actors for several months in 2025, but the latest update appears to solve ...

Attackers had specifically delivered malware to systems using the Notepad++ updater. Investigations point to state actors.

State-backed attackers hijacked Notepad++ update traffic via a hosting provider breach, redirecting users to malicious downloads since June 2025.