Tweet
For those who use Notepad++, its update servers were compromised by the CCP late last year. If you updated it any time during the last half of 2025, there is a chance you might have downloaded malicious code. Notepad++ has since removed the malicious code and hardened their infrastructure to prevent it from happening again. Update your Notepad++ asap if you might have gotten the bad updates.
-
Last edited by SactoDoug; 02-03-2026, 11:20 AM. -
Was a pretty sophisticated MITM attack. Thankfully I've not updated my version for over 3 years. lolThere is no week nor day nor hour, when tyranny may not enter upon this country, if the people lose their supreme confidence in themselves -- and lose their roughness and spirit of defiance -- Tyranny may always enter -- there is no charm, no bar against it -- the only bar against it is a large resolute breed of men.
-Walt Whitman -
This is crazy. It's not compromised code, but how it was done. Seems they can intercept and redirect targeted traffic.
According to the analysis provided by the security experts, the attack involved infrastructure-level compromise that allowed malicious actors to intercept and redirect update traffic destined for notepad-plus-plus.org. The exact technical mechanism remains under investigation, though the compromise occurred at the hosting provider level rather than through vulnerabilities in Notepad++ code itself. Traffic from certain targeted users was selectively redirected to attacker-controlled malicious update manifests.Comment
There are currently 13822 users online. 108 members and 13714 guests.
Most users ever online was 239,041 at 11:39 PM on 02-14-2026.
Comment