Hosted on MSN

Notepad++ has allegedly been spying on targeted users after a malicious update got in

Malicious actors served fake Notepad++ updates via the official site from June to December 2025. Older Notepad++ versions lacked update verification, letting targets get malware—upgrade to v8.9.1.
HotHardware

Notepad++ Confirms Hackers Hijacked Update Infrastructure To Push Malware

Notepad++ reported that its built-in auto-update feature had been hijacked by Chinese state-sponsored hackers from June to September of 2025, and the credentials gathered by the bas actors enabled ...
Dark Reading

Chinese Hackers Hijack Notepad++ Updates for 6 Months

A likely China-sponsored threat actor hijacked Notepad++'s software update mechanism and quietly redirected targeted users of the popular source code editor to malicious downloads for nearly six ...
Hosted on MSN

Notepad++ Just Got an Update With a New Clipboard Trick

Notepad++ just dropped version 8.8.6, and now you can finally paste multiple lines of text directly into the Find and Replace fields. You no longer have to rely on ...
TechCrunch

Notepad++ says Chinese government hackers hijacked its software updates for months

The developer of the popular open source text editor Notepad++ has confirmed that hackers hijacked the software to deliver malicious updates to users over the course of several months in 2025. In a ...