CPO Magazine

Chinese Hackers Compromised Notepad++ Software Updates For Nearly Half a Year, But Only “Select” Targets Breached

Security researchers believe that Chinese hackers are to blame for the attack in part because of the "selective" nature of ...
The Register on MSN

Notepad++ declares hardened update process 'effectively unexploitable'

Miscreants will need to find another avenue for malware shenanigans Notepad++ has continued beefing up security with a release the project's author claims makes the "update process robust and ...
Hosted on MSN

Notepad++ has allegedly been spying on targeted users after a malicious update got in

Malicious actors served fake Notepad++ updates via the official site from June to December 2025. Older Notepad++ versions lacked update verification, letting targets get malware—upgrade to v8.9.1.
HotHardware

Notepad++ Confirms Hackers Hijacked Update Infrastructure To Push Malware

Notepad++ reported that its built-in auto-update feature had been hijacked by Chinese state-sponsored hackers from June to September of 2025, and the credentials gathered by the bas actors enabled ...
CSO Online

Notepad++ author says fixes make update mechanism ‘effectively unexploitable’

The recently compromised update mechanism for the popular open source text editor Notepad ++ has been hardened so it’s now ...
TechCrunch

Notepad++ says Chinese government hackers hijacked its software updates for months

The developer of the popular open source text editor Notepad++ has confirmed that hackers hijacked the software to deliver malicious updates to users over the course of several months in 2025. In a ...