State-sponsored threat actors compromised the popular code editor's hosting provider to redirect targeted users to malicious ...

The program is a free text and code editor that's been downloaded millions of times. The compromise began in June and is ...

Rapid7 dropped a write-up on the Notepad++ update-chain abuse and - finally - it comes with real IOCs - update.exe downloaded ...

State-backed attackers hijacked Notepad++ update traffic via a hosting provider breach, redirecting users to malicious ...

Anyone can do it!

The developer did not specify when they became aware of the attack, but said that “all attacker access was definitively ...

Notepad++'s updater usually pops up, but users can also prompt it by selecting the "?" dropdown in the taskbar. Christopher ...

Notepad++ has shared additional details on the supply chain attack carried out by Chinese state-sponsored hackers via a ...

Chinese state-sponsored hackers are suspected of compromising Notepad++ update infrastructure in a hosting-level breach and selectively infecting users with malware.

Chinese state-sponsored threat actors were likely behind the hijacking of Notepad++ update traffic last year that lasted for almost half a year, the developer states in an official announcement today.

The recent compromise, as reported by developer Don Ho, involved an infrastructure-level breach at the hosting provider rather than any flaws within Notepad++ itself. Ho stated, "The attack involved ...

A months-long supply chain attack that affected the Notepad++ update process has been linked to a compromise of shared hosting infrastructure rather than a flaw in the software's code. This according ...