The maintainer of Notepad++ has revealed that state-sponsored attackers hijacked the utility's update mechanism to redirect update traffic to malicious servers instead. "The attack involved [an] infrastructure-level compromise that allowed malicious actors to intercept and redirect update traffic destined for notepad-plus-plus.org," developer Don Ho said. "The compromise occurred at the hosting
![]()
source https://thehackernews.com/2026/02/notepad-official-update-mechanism.html
source https://thehackernews.com/2026/02/notepad-official-update-mechanism.html