CISA has expanded its KEV catalog with new SolarWinds, Notepad++, and Apple flaws, including two exploited as zero-days.

Infrastructure delivering updates for Notepad++—a widely used text editor for Windows—was compromised for six months by suspected China-state hackers who used their control to deliver backdoored ...

Chinese state-sponsored threat actors were likely behind the hijacking of Notepad++ update traffic last year that lasted for almost half a year, the developer states in an official announcement today.

A likely China-sponsored threat actor hijacked Notepad++'s software update mechanism and quietly redirected targeted users of the popular source code editor to malicious downloads for nearly six ...

Active exploitation of BeyondTrust enables unauthenticated RCE as CISA adds Apple, Microsoft, SolarWinds, and Notepad++ flaws ...

Following the patching of a previously exploited security vulnerability in the update mechanism by a Notepad++ update in December, investigation results on the incidents are now available. According ...

The popular Notepad++ code editing software was compromised by a Chinese-linked cyberespionage group, which hijacked its software update system to deliver malware to select users, the program's ...

Notepad++, one of the most popular alternatives to the native Notepad app in Windows 11, has today published on its website a security disclosure stating that the app was "hijacked by state-sponsored ...

A state-sponsored cyber criminal compromised Notepad++'s update service in 2025, according to the project's author.… The admission comes after version 8.8.9 of the text editor was released on December ...