The hosting provider's compromise allowed attackers to deliver malware through tainted software updates for six months.

A compromised Open VSX publisher account was used to distribute malicious extensions in a new GlassWorm supply chain attack.

The developer did not specify when they became aware of the attack, but said that “all attacker access was definitively terminated” by December 2nd. The Notepad++ updater has been updated itself with ...

OpenClaw patched a critical vulnerability that could be exploited to hijack the increasingly popular AI assistant.

State-sponsored threat actors compromised the popular code editor's hosting provider to redirect targeted users to malicious ...

The Notepad++ project yesterday disclosed that its update server was covertly hijacked in a targeted supply chain attack that began in June 2025, ...

Notepad++ updates were hijacked in a state-sponsored attack, with China-linked hackers redirecting downloads to malicious servers.

Melbourne removes dozens of copycat “Aussie" posters featuring one of the two Bondi Beach Hanukkah terrorists, drawing ...

A months-long supply chain attack that affected the Notepad++ update process has been linked to a compromise of shared hosting infrastructure rather than a flaw in the software's code. This according ...

The developer of the popular text editor Notepad++ said hackers associated with the Chinese government hijacked its software ...

APT28 exploited a Microsoft Office flaw to deliver MiniDoor and Covenant Grunt malware in targeted attacks across Ukraine and Eastern Europe.

AI browsers can be hijacked through prompt injection, turning assistants into insider threats. Learn how these exploits work ...