Suspected Chinese state-sponsored attackers hijacked the Notepad++ update mechanism by compromising the software project’s shared hosting server and intercepting and redirecting update traffic destined for notepad-plus-plus.org, the software’s maintainer Don Ho confirmed on Monday. The attack timeline In early December 2025, security researcher Kevin Beaumont said that he knew of three organizations that have had security incidents traced back to Notepad++ processes providing the attackers initial access to the computers. “I’ve only talked to a … More → The post How state-sponsored attackers hijacked Notepad++ updates appeared first on Help Net Security .