The Hacker News

Notepad++ Hosting Breach Attributed to China-Linked Lotus Blossom Hacking Group

Rapid7 links China-linked Lotus Blossom to a 2025 Notepad++ hosting breach that delivered the Chrysalis backdoor via hijacked ...

Hijacked Notepad++ updater quietly targeted users for months

Notepad++ is a favorite of programmers and other power users, but its auto-update function was compromised for months in 2025 ...

Chinese hackers exploit Notepad++ updater to target select users for months: Report

Notepad++ says its update system was reportedly hijacked for months in a targeted cyber campaign linked to suspected Chinese ...

Notepad++ updates got hijacked for months and could have spied for China

The developer did not specify when they became aware of the attack, but said that “all attacker access was definitively ...

Notepad++ users take note: It’s time to check if you’re hacked

Infrastructure delivering updates for Notepad++—a widely used text editor for Windows—was compromised for six months by suspected China-state hackers who used their control to deliver backdoored ...

Notepad++: Updater takeover by state actors

Attackers had specifically delivered malware to systems using the Notepad++ updater. Investigations point to state actors.
Dark Reading

Chinese Hackers Hijack Notepad++ Updates for 6 Months

State-sponsored threat actors compromised the popular code editor's hosting provider to redirect targeted users to malicious ...

Notepad++ was hijacked by bad actors in 2025. Here's what you need to know.

The popular Notepad alternative was hijacked by bad actors for several months in 2025, but the latest update appears to solve ...
The Register on MSN

Notepad++ hijacking blamed on Chinese Lotus Blossom crew behind Chrysalis backdoor

The group targets telecoms, critical infrastructure - all the usual high-value orgs Security researchers have attributed the ...