Notepad++ has adopted a “double-lock” design for its update mechanism to address recently exploited security gaps that resulted in a supply-chain compromise. The new mechanism landed in Notepad++ ...

Software updates usually keep us safe, but what happens when hackers hijack the update process itself? This is exactly what happened to Notepad++ during a sophisticated attack in 2025. To solve this, ...

The US cybersecurity agency CISA on Thursday warned that recently disclosed SolarWinds, Notepad++, and Apple vulnerabilities have been exploited in the wild. Tracked as CVE-2025-40536 (CVSS score of 8 ...

Kaspersky Global Research and Analysis Team (GReAT) researchers have discovered that attackers behind the Notepad++ supply chain compromise targeted a government organization in the Philippines, a ...

A Chinese-linked cyberespionage group with a long history hijacked ⁠the update process for the popular code editing platform Notepad++ to deliver a custom backdoor and other malware to targeted users, ...

Between June and December 2025, a sophisticated supply chain attack targeted the official update system of Notepad++. This incident allowed attackers to deliver spyware to specific users by hijacking ...

Notepad++ users faced a serious threat as Chinese state-sponsored hackers compromised update servers for half of 2025, distributing malware named Chrysalis. Targeting organizations with East Asian ...

When affected users checked for updates inside Notepad++, their requests to getDownloadUrl.php were silently redirected. Instead of receiving legitimate update information, they were sent altered XML ...

Don Ho, the programmer behind the popular Windows text and source code editor Notepad++, says Chinese government hackers spent half a year hijacking the tool's software updates. The state-sponsored ...

Notepad++, a popular text and source code editor, has revealed that its update system was hijacked in a targeted cyberattack. The breach, which is believed to have been carried out by state-sponsored ...