Notepad++ Update Infrastructure Compromised by Backdoor
🛡️ Hackers linked to the Chinese government trojanized the Notepad++ update supply chain to deliver a backdoor to selected users. The vendor reports the hosting provider's infrastructure remained compromised until September 2, and attackers retained credentials through December 2, enabling continued redirection of chosen update traffic to malicious servers. The threat actor explicitly targeted insufficient update verification controls in older releases and attempted to re-exploit a flaw after it was fixed. Users are advised to run at least version 8.9.1 and verify update integrity.
