Popular text editor Notepad++ was hacked to drop malware

Rapid7 dropped a write-up on the Notepad++ update-chain abuse and - finally - it comes with real IOCs - update.exe downloaded ...
The Hacker News

Notepad++ Hosting Breach Attributed to China-Linked Lotus Blossom Hacking Group

Rapid7 links China-linked Lotus Blossom to a 2025 Notepad++ hosting breach that delivered the Chrysalis backdoor via hijacked updates, fixed in v8.8.9 ...
MUO on MSN

I deleted my to-do app and switched to plain text files, and here's why it works

Time to use something simpler!
MUO on MSN

I stopped using the Start Menu—and I don’t miss it at all

Turns out Windows is fast when you stop using the Start menu ...
CSO Online

Notepad++ infrastructure hijacked by Chinese APT in sophisticated supply chain attack

The hosting provider's compromise allowed attackers to deliver malware through tainted software updates for six months.

Now there's a ransomware that can't give your files back even if you pay

A true lose/lose situation.
OSTechNix

Notepad++ Supply Chain Attack: Is Your Version Secure?

Notepad++ update servers were compromised for 6 months in 2025. Learn how the Chrysalis backdoor targeted users and why you must manually update to version 8.9.1 now.