cryptogon.com

news – analysis – conspiracies

• Home
• About
• Archives
• Contact
• Support Cryptogon
• Story Suggestions

Notepad++ Official Update Mechanism Hijacked to Deliver Malware to Select Users

February 2nd, 2026

Microsoft bad.

Think outside the box.

Turns out, there’s always another box.

Via: The Hacker News:

The maintainer of Notepad++ has revealed that state-sponsored attackers hijacked the utility’s update mechanism to redirect update traffic to malicious servers instead.

“The attack involved [an] infrastructure-level compromise that allowed malicious actors to intercept and redirect update traffic destined for notepad-plus-plus.org,” developer Don Ho said. “The compromise occurred at the hosting provider level rather than through vulnerabilities in Notepad++ code itself.”

The exact mechanism through which this was realized is currently being investigated, Ho added.

The development comes a little over a month after Notepad++ released version 8.8.9 to address an issue that resulted in traffic from WinGUp, the Notepad++ updater, being “occasionally” redirected to malicious domains, resulting in the download of poisoned executables.

Sign in | Register

The New Zealand Copyright Act 1994 specifies certain circumstances where all or a substantial part of a copyright work may be used without the copyright owner's permission. A "fair dealing" with copyright material does not infringe copyright if it is for the following purposes: research or private study; criticism or review; or reporting current events. If you are a legal copyright holder, or a designated agent for such, and you believe a post on this website falls outside the boundaries of "fair dealing," and legitimately infringes on your or your client's copyright, please contact Kevin Flaherty. Cryptogon contains both original material and material from external sources. Original material: Copyright Kevin Flaherty. Material from external sources: Copyright the respective owners / authors.

Design by Andreas Viklund | Ported by Matteo Turchetto