CSO Online

Notepad++ infrastructure hijacked by Chinese APT in sophisticated supply chain attack

The hosting provider's compromise allowed attackers to deliver malware through tainted software updates for six months.
The Register on MSN

Notepad++ hijacking blamed on Chinese Lotus Blossom crew behind Chrysalis backdoor

The group targets telecoms, critical infrastructure - all the usual high-value orgs Security researchers have attributed the ...
Dark Reading

Chinese Hackers Hijack Notepad++ Updates for 6 Months

State-sponsored threat actors compromised the popular code editor's hosting provider to redirect targeted users to malicious ...

Notepad++ was hijacked by bad actors in 2025. Here's what you need to know.

The popular Notepad alternative was hijacked by bad actors for several months in 2025, but the latest update appears to solve the issue.
SecurityWeek

Notepad++ Supply Chain Hack Conducted by China via Hosting Provider

Notepad++ has shared additional details on the supply chain attack carried out by Chinese state-sponsored hackers via a ...