Notepad++'s update servers have been compromised by Chinese hackers and all users had been exposed to malware.
-
Notepad++'s update servers have been compromised by Chinese hackers and all users had been exposed to malware. The developer estimated the overall compromise period spanned from June through December 2, 2025.
Users should update to version 8.9.1 (or superior) immediately.Source: https://notepad-plus-plus.org/news/hijacked-incident-info-update/
#security #vulnerability #windows #text #editor #notepad #foss #freesoftware #software
@LorenzoAncora As much as I loved Notepad++, as soon as one leaves windows it no longer is relevant. Kate, VSCodium, and others all fill the void that was lacking in the windows world.
-
Notepad++'s update servers have been compromised by Chinese hackers and all users had been exposed to malware. The developer estimated the overall compromise period spanned from June through December 2, 2025.
Users should update to version 8.9.1 (or superior) immediately.Source: https://notepad-plus-plus.org/news/hijacked-incident-info-update/
#security #vulnerability #windows #text #editor #notepad #foss #freesoftware #software
@LorenzoAncora As far as I understood, it only affected users who used the integrated upgrade function. If you only ever downloaded a new version directly from the site, there was no issue, nor did it affect anyone else except certain targeted groups. So saying all users were exposed is a slight exaggeration, though obviously anyone should still update it.
-
Notepad++'s update servers have been compromised by Chinese hackers and all users had been exposed to malware. The developer estimated the overall compromise period spanned from June through December 2, 2025.
Users should update to version 8.9.1 (or superior) immediately.Source: https://notepad-plus-plus.org/news/hijacked-incident-info-update/
#security #vulnerability #windows #text #editor #notepad #foss #freesoftware #software
@LorenzoAncora It's unfortunate... NPP is such a masterpiece of software. Back when I was a Windows 10 user, NPP ran very fast, it's wasn't from Microslop and has a decent UI and usability experience. As someone pointed out, now as a long-time Linux user I almost forgot the existence of this piece of software.
-
Notepad++'s update servers have been compromised by Chinese hackers and all users had been exposed to malware. The developer estimated the overall compromise period spanned from June through December 2, 2025.
Users should update to version 8.9.1 (or superior) immediately.Source: https://notepad-plus-plus.org/news/hijacked-incident-info-update/
#security #vulnerability #windows #text #editor #notepad #foss #freesoftware #software
@LorenzoAncora
Notepad++ is utterly irrelevant. Sorry to be blunt but windows software distribution is hopelessly broken.Linux software repos are also broken but there is much hope and variety of options.
-
@LorenzoAncora As far as I understood, it only affected users who used the integrated upgrade function. If you only ever downloaded a new version directly from the site, there was no issue, nor did it affect anyone else except certain targeted groups. So saying all users were exposed is a slight exaggeration, though obviously anyone should still update it.
@OtterSide hi, unfortunately, Windows users can also use 3rd party software updaters and download sites, in which case they might've been affected too. In doubt, if you've downloaded or updated Notepad++ in 2025, you should upgrade ASAP.
-
@LorenzoAncora
Notepad++ is utterly irrelevant. Sorry to be blunt but windows software distribution is hopelessly broken.Linux software repos are also broken but there is much hope and variety of options.
@TrimTab most Windows developers use this editor in place of the standard Notepad. It has a very large userbase and frequent updates, so I wouldn't describe it as irrelevant.
-
@LorenzoAncora As much as I loved Notepad++, as soon as one leaves windows it no longer is relevant. Kate, VSCodium, and others all fill the void that was lacking in the windows world.
@rocky1138 it depends on if the user can and wants to change OS. A single security issue on a replaceable application isn't a sufficient incentive.
-
@LorenzoAncora #NotepadPP users might also seriously want to consider the option of switching to some other #TextEditor / #IDE they can trust such as #IntelliJ, #Neovim, #Eclipse or #VSCodium
(edit: added image)@vrtxd
"[...] the attack involved infrastructure-level compromise [...] at the hosting provider level rather than through vulnerabilities in Notepad++ code itself. [...] Multiple independaent security researchers have assessed that the threat actor is likely a Chinese state-sponsored group".So, the incident says nothing about the developer's reliability!
-
@LorenzoAncora
Notepad++ is utterly irrelevant. Sorry to be blunt but windows software distribution is hopelessly broken.Linux software repos are also broken but there is much hope and variety of options.
@TrimTab modern Linux repositories use digital signatures (like OpenPGP), so they are indeed safer to use.
I use both Debian and Fedora, and I can testimony the superior quality of the updates offered, in terms of timing and reliability. Indeed, trying new software is much easier this way! -
@LorenzoAncora As far as I understood, it only affected users who used the integrated upgrade function. If you only ever downloaded a new version directly from the site, there was no issue, nor did it affect anyone else except certain targeted groups. So saying all users were exposed is a slight exaggeration, though obviously anyone should still update it.
@OtterSide no it also concerns the integrated plugin downloader which is on by default and checks for updates regularly.
I also take exception to the dev's statement that the issue is fully resolved. Anyone could have had a boobytrapped update pushed to them, and that would potentially remain in place.
@LorenzoAncora -
@vrtxd
"[...] the attack involved infrastructure-level compromise [...] at the hosting provider level rather than through vulnerabilities in Notepad++ code itself. [...] Multiple independaent security researchers have assessed that the threat actor is likely a Chinese state-sponsored group".So, the incident says nothing about the developer's reliability!
@LorenzoAncora "The attackers specifically targeted Notepad++ domain with the goal of exploiting insufficient update verification controls that existed in older versions of Notepad++."
Yes. It was a solo developer and a hosting provider against superpower-sponsored attackers, it seems. They did their best choosing a reliable hosting provider and making the software secure, and users might still lose trust. I don't blame anyone, I'm just stating options for migration.
-
@OtterSide no it also concerns the integrated plugin downloader which is on by default and checks for updates regularly.
I also take exception to the dev's statement that the issue is fully resolved. Anyone could have had a boobytrapped update pushed to them, and that would potentially remain in place.
@LorenzoAncora@fedops It seems my policy of not installing the updater at all paid off then - also the copy installed by the IT department at work didn't have the updater installed either, so it seems both were more or less safe. Both have been updated since, regardless.
-
N necrosis@chaos.social shared this topic
