Notepad++ Says Chinese Government Hackers Hijacked Its Software Updates For Months

Notepad++ Says Chinese Government Hackers Hijacked Its Software Updates For Months

Notepad++ Hack Exposed After Silent Six-Month Campaign A sophisticated cyberattack compromised the popular Notepad++ text editor between June and December 2025, with Chinese state-backed hackers secretly injecting malicious code into legitimate software updates. The breach affected users worldwide, though attackers selectively targeted organizations in government, telecommunications, aviation, and critical infrastructure sectors—particularly those with East Asian interests. Developer Don Ho confirmed the intrusion Monday after security researchers uncovered evidence of hands-on keyboard access granted to hackers through poisoned installers. The incident highlights growing threats to open source software supply chains and raises urgent questions about how even trusted tools can become stealthy attack vectors. Credit: Getty Images Why This Breach Matters Beyond Code Editors Notepad++ isn't just another utility app. For over two decades, this free, open source text editor has become indi…