Notepad++ update server hijacked in targeted supply chain attack

Pubblicato il 2026-02-03 11:17 ℹ️ Tom's Hardware 📰 Leggi l'articolo originale →

Attacco alla supply chain di Notepad++ tramite server di aggiornamento

Notepad++ Update Server Hijacked

The Notepad++ project disclosed that its update server was covertly hijacked in a targeted supply chain attack. The attack began in June 2025.

Suspicions of Chinese Hackers

Initial investigations suggest that Chinese state-sponsored hackers may be to blame. The goal appears to have been to compromise the software's chain of trust, potentially to distribute malware to Notepad++ users.

Security Implications

This incident highlights the growing threat of supply chain attacks, where cybercriminals target software vendors to reach a larger number of victims. Compromising an update server is particularly serious, as it allows attackers to distribute malicious software surreptitiously.

Key Takeaway

The Notepad++ project disclosed a supply chain attack starting in June 2025, involving the hijacking of its update server. Chinese state-sponsored hackers are suspected.

🤖 Ask AI about this

Want to dive deeper? Read the full article from the source:

📖 READ THE ORIGINAL ARTICLE