PCMag

Microsoft Continues to Bulk Up Notepad, This Time With Image Support

Microsoft continues to move Notepad away from its text-editing roots with planned support for images. Although not officially announced, an image icon has appeared on the Notepad toolbar for Windows ...
CSO Online

Notepad++ author says fixes make update mechanism ‘effectively unexploitable’

The recently compromised update mechanism for the popular open source text editor Notepad ++ has been hardened so it’s now ...
The Hacker News

Critical Flaws Found in Four VS Code Extensions with Over 125 Million Installs

Critical vulnerabilities in four widely used VS Code extensions could enable file theft and remote code execution across 125M installs.
telecom.economictimes.indiatimes

Popular open-source coding application targeted in Chinese-linked supply-chain attack

A Chinese-linked cyberespionage group with a long history hijacked ⁠the update process for the popular code editing platform Notepad++ to deliver a custom backdoor and other malware to targeted users, ...
Indiatimes

How Chinese hackers used Notepad++ to spy on companies doing business in East Asia

Notepad++ users faced a serious threat as Chinese state-sponsored hackers compromised update servers for half of 2025, distributing malware named Chrysalis. Targeting organizations with East Asian ...
GIGAZINE

Notepad++ was hijacked by state-sponsored hackers to distribute malware installers

There has been a continuing problem where traffic from WinGUp, an updater for the text editor Notepad++, was being redirected to malicious domains and distributing malware, and it has now been ...
Mint

Chinese hackers exploit Notepad++ updater to target select users for months: Report

The developer of Notepad++ has reportedly noted that its software update mechanism was covertly hijacked for several months last year, with evidence suggesting the operation was carried out by a ...
TechRadar

Notepad++ hit by suspected Chinese state-sponsored hackers - here's what we know so far

Notepad++ targeted in sophisticated supply-chain style attack via compromised hosting server Attackers delivered tainted updates to select victims, exploiting weak update verification controls Breach ...
CSOonline

Notepad++ infrastructure hijacked by Chinese APT in sophisticated supply chain attack

The popular open-source text editor Notepad++ was targeted in a sophisticated supply chain attack that allowed Chinese state-sponsored hackers to deliver malware through compromised software updates, ...
Reuters

Popular open-source coding application targeted in Chinese-linked supply-chain attack

Notepad++ update process hijacked for targeted cyberespionage Cybersecurity firm Rapid7 links attack to Chinese group Lotus Blossom China denies involvement, citing lack of evidence Feb 2 (Reuters) - ...
HotHardware

Notepad++ Confirms Hackers Hijacked Update Infrastructure To Push Malware

Notepad++ reported that its built-in auto-update feature had been hijacked by Chinese state-sponsored hackers from June to September of 2025, and the credentials gathered by the bas actors enabled ...