State-Sponsored Hackers Compromise Notepad++ Update Mechanism

State-Sponsored Hackers Compromise Notepad++ Update Mechanism

First seen 2 Feb 2026, 11:06 UTC HowtogeekWizNews.YcombinatorCybersecuritynewsReddit+67 74% similarity 59.6

Article Content

Browse articles
ThreatCluster

Notepad++ has been hijacked by state-sponsored hackers, specifically a likely Chinese threat actor. The attackers compromised the software's update mechanism between June and December 2025, allowing them to redirect users to malicious servers by exploiting a flaw in update package validation.

ThreatCluster AI

Community

Browse all →