Notepad++ says Chinese government hackers hijacked its software updates for months | TechCrunch

Notepad++ says Chinese government hackers hijacked its software updates for months | TechCrunch

Briefly

"Ho did not say how many users were targeted or how many were compromised - if known - and did not respond to questions by the time of publication. (If we hear back, we will update.) Notepad++ is one of the longest running open-source projects, spanning more than two decades, and it counts at least tens of millions of downloads to date, including by employees at organizations around the world."

"According to Kevin Beaumont, a security researcher who first discovered the cyberattack and wrote up his findings in December, the hackers compromised a small number of organizations "with interests in East Asia" after someone unwittingly used a tainted version of the popular software. Beaumont said that the hackers were able to gain "hands-on" access to the computers of victims who were running hijacked versions of Notepad++."

"The developer of the popular open-source text editor Notepad++ has confirmed that hackers hijacked the software to deliver malicious updates to users over the course of several months in 2025. In a blog post published Monday, Notepad++ developer Don Ho said that the cyberattack was likely carried out by hackers associated with the Chinese government between June and December 2025, citing an analysis by security experts. Ho said this "would explain the highly selective targeting" seen during the campaign."