Miscreants will need to find another avenue for malware shenanigans Notepad++ has continued beefing up security with a release the project's author claims makes the "update process robust and ...

Malicious actors served fake Notepad++ updates via the official site from June to December 2025. Older Notepad++ versions lacked update verification, letting targets get malware—upgrade to v8.9.1.

A likely China-sponsored threat actor hijacked Notepad++'s software update mechanism and quietly redirected targeted users of the popular source code editor to malicious downloads for nearly six ...