Bad actors could use the flaw to remotely load and execute malicious files on a victim’s computer. Bad actors could use the flaw to remotely load and execute malicious files on a victim’s computer. is ...

PCWorld reports that Windows Notepad’s new Markdown support feature has introduced a serious remote code execution vulnerability with a high CVSS score of 8.8/7.7. The security flaw allows malicious ...

When affected users checked for updates inside Notepad++, their requests to getDownloadUrl.php were silently redirected. Instead of receiving legitimate update information, they were sent altered XML ...

Last year, the creator of Notepad++ rolled out an update for the text and source code editor after security experts reported that bad actors were hijacking its update mechanism to redirect traffic to ...

There has been a continuing problem where traffic from WinGUp, an updater for the text editor Notepad++, was being redirected to malicious domains and distributing malware, and it has now been ...

Notepad++, a free open source text and code editor for the Windows operating system, suffered an "infrastructure-level compromise" last year by threat actors seeking to deliver malware to selected ...

The popular open-source text editor Notepad++ was targeted in a sophisticated supply chain attack that allowed Chinese state-sponsored hackers to deliver malware through compromised software updates, ...

Notepad++ update process hijacked for targeted cyberespionage Cybersecurity firm Rapid7 links attack to Chinese group Lotus Blossom China denies involvement, citing lack of evidence Feb 2 (Reuters) - ...

The developer of the popular open source text editor Notepad++ has confirmed that hackers hijacked the software to deliver malicious updates to users over the course of several months in 2025. In a ...

A state-sponsored cyber criminal compromised Notepad++'s update service in 2025, according to the project's author. The admission comes after version 8.8.9 of the text editor was released on December ...

Following the patching of a previously exploited security vulnerability in the update mechanism by a Notepad++ update in December, investigation results on the incidents are now available. According ...