Hijacked Notepad++ updater quietly targeted users for months

Notepad++ is a favorite of programmers and other power users, but its auto-update function was compromised for months in 2025 ...
SecurityWeek

Notepad++ Supply Chain Hack Conducted by China via Hosting Provider

Notepad++ has shared additional details on the supply chain attack carried out by Chinese state-sponsored hackers via a ...
The Hacker News

Notepad++ Official Update Mechanism Hijacked to Deliver Malware to Select Users

State-backed attackers hijacked Notepad++ update traffic via a hosting provider breach, redirecting users to malicious ...
The Hacker News

OpenClaw Bug Enables One-Click Remote Code Execution via Malicious Link

A high-severity OpenClaw flaw allows one-click remote code execution via token theft and WebSocket hijacking; patched in ...

Notepad++ update feature hijacked by Chinese state hackers for months

Chinese state-sponsored threat actors were likely behind the hijacking of Notepad++ update traffic last year that lasted for almost half a year, the developer states in an official announcement today.
PCMag

Chinese Hackers Hit Notepad++ to Serve Malicious Update

The program is a free text and code editor that's been downloaded millions of times. The compromise began in June and is ...