Notepad++ 8.9.2 fixes update hijack exploited to deliver malware, patches RCE flaw, and hardens WinGUp security.

Infrastructure delivering updates for Notepad++—a widely used text editor for Windows—was compromised for six months by ...

The recently compromised update mechanism for the popular open source text editor Notepad ++ has been hardened so it’s now ‘effectively unexploitable’, says the application’s author.

The popular Notepad alternative was hijacked by bad actors for several months in 2025, but the latest update appears to solve the issue.

Notepad++ has been compromised in a sophisticated nation-state cyberattack. Learn about the security breach, the ...

Notepad++ has adopted a "double-lock" design for its update mechanism to address recently exploited security gaps that ...

Last year, the creator of Notepad++ rolled out an update for the text and source code editor after security experts reported ...

The group targets telecoms, critical infrastructure - all the usual high-value orgs Security researchers have attributed the ...

The program is a free text and code editor that's been downloaded millions of times. The compromise began in June and is likely to have involved a Chinese state-sponsored group.

CISA has expanded its KEV catalog with new SolarWinds, Notepad++, and Apple flaws, including two exploited as zero-days.

Breach lingered for months before stronger signature checks shut the door A state-sponsored cyber criminal compromised ...

The hosting provider's compromise allowed attackers to deliver malware through tainted software updates for six months.