Notepad++ updater was compromised for 6 months in supply-chain attack

Infrastructure delivering updates for Notepad++—a widely used text editor for Windows—was compromised for six months by ...
SecurityWeek

Notepad++ Supply Chain Hack Conducted by China via Hosting Provider

Notepad++ has shared additional details on the supply chain attack carried out by Chinese state-sponsored hackers via a ...

Hijacked Notepad++ updater quietly targeted users for months

Notepad++ is a favorite of programmers and other power users, but its auto-update function was compromised for months in 2025 ...
Devdiscourse

Lotus Blossom's Silent Infiltration: Targeted Cyber Attack on Notepad++

A Chinese-linked cyberespionage group named Lotus Blossom hijacked the update process of Notepad++ to target specific users. Gaining access in June 2025, they maintained control until December that ...

Notepad++ was hijacked by bad actors in 2025. Here's what you need to know.

The popular Notepad alternative was hijacked by bad actors for several months in 2025, but the latest update appears to solve the issue.