The program is a free text and code editor that's been downloaded millions of times. The compromise began in June and is likely to have involved a Chinese state-sponsored group.

Infrastructure delivering updates for Notepad++—a widely used text editor for Windows—was compromised for six months by ...

Notepad++ improves security mechanisms and closes a new vulnerability that allows attackers to execute malicious code.

Notepad++ has adopted a "double-lock" design for its update mechanism to address recently exploited security gaps that ...

The popular Notepad alternative was hijacked by bad actors for several months in 2025, but the latest update appears to solve the issue.

CISA has expanded its KEV catalog with new SolarWinds, Notepad++, and Apple flaws, including two exploited as zero-days.

Notepad++ has been compromised in a sophisticated nation-state cyberattack. Learn about the security breach, the sophisticated methods used ...

Worried about the Notepad++ supply chain attack? Notepad++ 8.9.2 adds "Double-Lock" security to stop malware hijacking.

A likely China-sponsored threat actor hijacked Notepad++'s software update mechanism and quietly redirected targeted users of the popular source code editor to malicious downloads for nearly six ...

Security researchers believe that Chinese hackers are to blame for the attack in part because of the "selective" nature of ...

Notepad++ update servers were compromised for 6 months in 2025. Learn how the Chrysalis backdoor targeted users and why you must manually update to version 8.9.1 now.