Infrastructure delivering updates for Notepad++—a widely used text editor for Windows—was compromised for six months by ...

The cybersecurity community is still grappling with a sobering realization: one of the most ubiquitous tools in the developer’s toolkit, Notepad++, was hiding a critical vulnerability for over six ...

Notepad++ 8.9.2 fixes update hijack exploited to deliver malware, patches RCE flaw, and hardens WinGUp security.

Notepad++ targeted and used to deliver poisoned updates to a select group of victims.

Notepad++ has adopted a "double-lock" design for its update mechanism to address recently exploited security gaps that ...

The developer of the popular text editor Notepad++ said hackers associated with the Chinese government hijacked its software update mechanism to deliver tainted software to users for months.

CISA has expanded its KEV catalog with new SolarWinds, Notepad++, and Apple flaws, including two exploited as zero-days.

Notepad++ improves security mechanisms and closes a new vulnerability that allows attackers to execute malicious code.

The Notepad++ supply chain compromise is the latest proof that sophisticated adversaries are deliberately targeting the gap between two disciplines: Vulnerability management and detection and response ...

This is not a drill! The makers of the popular text editor Notepad++ are warning that the Notepad++ updater, which goes by the name WinGUp, links to malware servers. This is a case of traffic ...

TL;DR: Notepad++ was compromised for six months, but it wasn't the software itself which the exploit leveraged, but its hosting provider. An investigation into the attack has just been concluded with ...

Chinese netizens are spamming the GitHub repository of the Notepad++ app with pro-Chinese and anti-Western messages after Notepad++ devs released a version codenamed "Free Uyghur" on Tuesday. Angry ...