CISA has expanded its KEV catalog with new SolarWinds, Notepad++, and Apple flaws, including two exploited as zero-days.

The popular Notepad alternative was hijacked by bad actors for several months in 2025, but the latest update appears to solve ...

The program is a free text and code editor that's been downloaded millions of times. The compromise began in June and is ...

Infrastructure delivering updates for Notepad++—a widely used text editor for Windows—was compromised for six months by suspected China-state hackers who used their control to deliver backdoored ...

State-sponsored threat actors compromised the popular code editor's hosting provider to redirect targeted users to malicious ...

Notepad++ has shared additional details on the supply chain attack carried out by Chinese state-sponsored hackers via a ...

Notepad++ has been compromised in a sophisticated nation-state cyberattack. Learn about the security breach, the ...

Notepad++ targeted and used to deliver poisoned updates to a select group of victims.

The group targets telecoms, critical infrastructure - all the usual high-value orgs Security researchers have attributed the ...

Notepad++ update servers were compromised for 6 months in 2025. Learn how the Chrysalis backdoor targeted users and why you must manually update to version 8.9.1 now.

Chinese state-sponsored threat actors were likely behind the hijacking of Notepad++ update traffic last year that lasted for almost half a year, the developer states in an official announcement today.

State-sponsored hackers' are being blamed for compromising the popular alternative to Windows Notepad over a period of six months last year.