Security Boulevard

What to Know About the Notepad++ Supply-Chain Attack

The cybersecurity community is still grappling with a sobering realization: one of the most ubiquitous tools in the developer ...

Notepad++: Security update against code smuggling vulnerability

Notepad++ improves security mechanisms and closes a new vulnerability that allows attackers to execute malicious code.
CPO Magazine

Chinese Hackers Compromised Notepad++ Software Updates For Nearly Half a Year, But Only “Select” Targets Breached

Security researchers believe that Chinese hackers are to blame for the attack in part because of the "selective" nature of the targets that were chosen for follow-on compromise via malicious software ...

Notepad++ hit by suspected Chinese state-sponsored hackers

Notepad++ targeted and used to deliver poisoned updates to a select group of victims.
The Hacker News

Notepad++ Fixes Hijacked Update Mechanism Used to Deliver Targeted Malware

Notepad++ 8.9.2 fixes update hijack exploited to deliver malware, patches RCE flaw, and hardens WinGUp security.
OSTechNix

Notepad++ 8.9.2 Introduces “Double-Lock” Security to Fix the Update Hijack

Worried about the Notepad++ supply chain attack? Notepad++ 8.9.2 adds "Double-Lock" security to stop malware hijacking.
Cybernews

Notepad++ releases another patch following recent cyberattacks

Notepad++ released a security patch to reinforce its update process with a “double-lock” design after a sophisticated cyberattack exploited its auto-updater.
Indiatimes

How Chinese hackers used Notepad++ to spy on companies doing business in East Asia

Notepad++ users faced a serious threat as Chinese state-sponsored hackers compromised update servers for half of 2025, distributing malware named Chrysalis. Targeting organizations with East Asian ...