Ars Technica

Notepad++ users take note: It’s time to check if you’re hacked

Infrastructure delivering updates for Notepad++—a widely used text editor for Windows—was compromised for six months by suspected China-state hackers who used their control to deliver backdoored ...
Bleeping Computer

Notepad++ fixes flaw that let attackers push malicious update files

Notepad++ version 8.8.9 was released to fix a security weakness in its WinGUp update tool after researchers and users reported incidents in which the updater retrieved malicious executables instead of ...
Dark Reading

Chinese Hackers Hijack Notepad++ Updates for 6 Months

A likely China-sponsored threat actor hijacked Notepad++'s software update mechanism and quietly redirected targeted users of the popular source code editor to malicious downloads for nearly six ...
Infosecurity-magazine.com

Notepad++ Update Hijacking Linked to Hosting Provider Compromise

A months-long supply chain attack that affected the Notepad++ update process has been linked to a compromise of shared hosting infrastructure rather than a flaw in the software's code. This according ...
Forbes

Notepad++ Creator Warns Of Copycat Site With “Hidden Agenda”

The developer of the popular Windows app Notepad++ has warned users not to be fooled by a copycat site that is ranking highly on Google. Notepad++ is a text and code editor that’s been available for ...
CSOonline

Notepad++ vulnerabilities could enable arbitrary code execution on Windows systems

Two flaws in the widely used open-source editor can be triggered through manipulated configuration files, prompting security updates from the project's maintainers. Two arbitrary code execution ...
Infosecurity-magazine.com

Notepad++ Plugins Allow Attackers to Infiltrate Systems, Achieve Persistence

Threat actors may abuse Notepad++ plugins to circumvent security mechanisms and achieve persistence on their victim machine, new research from security company Cybereason suggests. “Using an ...