The National Institute of Standards and Technology Feb. 2 published details on a critical vulnerability that impacted Notepad++, a free, open-source text and source code program widely used by several ...

Notepad++ released version 8.8.9 in December, which checks digital signatures and certificates before installing any updates.

Some Notepad++ users were redirected to malicious servers last year. Now, its developer says they were targeted by Chinese ...

It's believed that, between June and November 10/December 2, 2025 (independent security experts and its hosting provider ...

The hosting provider's compromise allowed attackers to deliver malware through tainted software updates for six months.

Rapid7 links China-linked Lotus Blossom to a 2025 Notepad++ hosting breach that delivered the Chrysalis backdoor via hijacked updates, fixed in v8.8.9 ...

The program is a free text and code editor that's been downloaded millions of times. The compromise began in June and is ...

Notepad++ is a favorite of programmers and other power users, but its auto-update function was compromised for months in 2025 ...

Attackers had specifically delivered malware to systems using the Notepad++ updater. Investigations point to state actors.

State-backed attackers hijacked Notepad++ update traffic via a hosting provider breach, redirecting users to malicious downloads since June 2025.

Twitch streamer "Lacari" opened Notepad while live, not realizing that the new version saves your previous session. Oh boy.

The tech news you may have missed this week.