DigiNews

Summary

Notepad++ reports an infrastructure-level attack where update traffic was redirected to attacker-controlled servers. The compromise was at the hosting provider level (not Notepad++ code) and appears to have targeted Notepad++ users, with remediation completed by December 2025 and improvements to the updater’s verification process in upcoming releases.