Malicious actors served fake Notepad++ updates via the official site from June to December 2025. Older Notepad++ versions lacked update verification, letting targets get malware—upgrade to v8.9.1.

Notepad++ reported that its built-in auto-update feature had been hijacked by Chinese state-sponsored hackers from June to September of 2025, and the credentials gathered by the bas actors enabled ...

Notepad++ version 8.8.9 was released to fix a security weakness in its WinGUp update tool after researchers and users reported incidents in which the updater retrieved malicious executables instead of ...

The developer of the popular open-source text editor Notepad++ has confirmed that hackers hijacked the software to deliver malicious updates to users over the course of several months in 2025. In a ...

A likely China-sponsored threat actor hijacked Notepad++'s software update mechanism and quietly redirected targeted users of the popular source code editor to malicious downloads for nearly six ...

In light of the recent compromise of Notepad++'s update mechanisms, it is worth examining a common pattern in enterprise environments: the belief that using an application’s internal update mechanisms ...

The recently compromised update mechanism for the popular open source text editor Notepad ++ has been hardened so it’s now ‘effectively unexploitable’, says the application’s author. Don Ho made the ...