Howtogeek
State-Sponsored Hackers Compromise Notepad++ Update Mechanism
First seen 2 Feb 2026, 11:06 UTC
•



+67
•74% similarity
•59.6
Share:
Export
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
Browse articles
Notepad++ has been hijacked by state-sponsored hackers, specifically a likely Chinese threat actor. The attackers compromised the software's update mechanism between June and December 2025, allowing them to redirect users to malicious servers by exploiting a flaw in update package validation.
ThreatCluster AI