Notepad++ updates got hijacked for months and could have spied for China

Published: 2 days ago (February 2, 2026 at 03:43 PM EST)

1 min read

Source: The Verge

Details

Users of the text and code editor Notepad++ may have unknowingly downloaded a malicious update for the app after its shared hosting servers were hijacked last year. On Monday, the app’s developer, Don Ho, posted an update on the attack with more details, including that the hackers were “likely a Chinese state‑sponsored group” and that the malicious code was inserted into the installer package hosted on the compromised server.

Back to Blog

Backdoor in Notepad++

Hackers associated with the Chinese government used a Trojaned version of Notepad++ to deliver malware to selected users. Notepad++ said that officials with the...

Notepad++ Users, You May Have Been Hacked by China

Suspected Chinese state-backed hackers hijacked the Notepadd++ update infrastructure to deliver backdoored version of the popular free source code editor and no...

Notepad++ update server hijacked in targeted attacks — outfit claims Chinese state-sponsored hackers may be to blame

The Notepad++ project yesterday disclosed that its update server was covertly hijacked in a targeted supply chain attack that began in June 2025,...

Notepad++ update feature hijacked by Chinese state hackers for months

Chinese state-sponsored threat actors were likely behind the hijacking of Notepad++ update traffic last year that lasted for almost half a year, the developer s...

Details

Related posts

Backdoor in Notepad++

Notepad++ Users, You May Have Been Hacked by China

Notepad++ update server hijacked in targeted attacks — outfit claims Chinese state-sponsored hackers may be to blame

Notepad++ update feature hijacked by Chinese state hackers for months