TheRegister's platform is a leading technology news website, offering insights into IT industry news, hardware reviews, and software updates. Through articles, analysis, and opinion pieces, TheRegister offers insights into cybersecurity threats, technology trends, and industry developments. Readers can stay updated with the latest news and analysis from the world of technology and IT business.

The Register

Notepad++'s update service was compromised by state-sponsored attackers from June through December 2025. The attackers selectively redirected targeted users to malicious update manifests after compromising the hosting server. Security researchers attribute the attack to a Chinese state-sponsored group based on the selective targeting of users with interests in East Asia. Notepad++ has since released hardened versions (8.8.9 and 8.9) with stronger signature verification, moved to a new hosting provider, and recommends users remove the previously installed self-signed root certificate.

Notepad++ patches update chain after targeted compromise