Hijacked Notepad++ updater quietly targeted users for months

Notepad++ is a favorite of programmers and other power users, but its auto-update function was compromised for months in 2025 ...
Dark Reading

Chinese Hackers Hijack Notepad++ Updates for 6 Months

State-sponsored threat actors compromised the popular code editor's hosting provider to redirect targeted users to malicious ...
Devdiscourse

Lotus Blossom's Silent Infiltration: Targeted Cyber Attack on Notepad++

A Chinese-linked cyberespionage group named Lotus Blossom hijacked the update process of Notepad++ to target specific users. Gaining access in June 2025, they maintained control until December that ...
PCMag

Chinese Hackers Hit Notepad++ to Serve Malicious Update

The program is a free text and code editor that's been downloaded millions of times. The compromise began in June and is ...