Microsoft: Critical Security Issue Found in Windows Notepad

Microsoft patches CVE-2026-20841, a high-severity Windows Notepad flaw that could allow code execution via malicious Markdown ...
PCMag

Microsoft Continues to Bulk Up Notepad, This Time With Image Support

Microsoft continues to move Notepad away from its text-editing roots with planned support for images. Although not officially announced, an image icon has appeared on the Notepad toolbar for Windows ...
The Register on MSN

Notepad++ declares hardened update process 'effectively unexploitable'

Miscreants will need to find another avenue for malware shenanigans Notepad++ has continued beefing up security with a ...
How-To Geek on MSN

I’m done with Windows Notepad: Why I went back to this 20-year-old open-source tool

I don’t need tabs, sessions, or extra clutter in a tool I open for two seconds. Notepad++ stays fast, simple, and doesn't ...
Windows Latest

How I disabled 13 AI features in Windows 11 safely, no third-party apps needed

In 2026, all major consumer-focused operating systems have AI baked in. However, Windows 11 is the only one getting all the hate, and it can all be laid at Microsoft’s door. The company went too far ...
Indiatimes

How Chinese hackers used Notepad++ to spy on companies doing business in East Asia

Notepad++ users faced a serious threat as Chinese state-sponsored hackers compromised update servers for half of 2025, distributing malware named Chrysalis. Targeting organizations with East Asian ...
tech2geek

Notepad++ Confirms Supply Chain Attack via Web Host, Malicious Updates Distributed in 2025

When affected users checked for updates inside Notepad++, their requests to getDownloadUrl.php were silently redirected. Instead of receiving legitimate update information, they were sent altered XML ...
devdiscourse

Lotus Blossom's Silent Infiltration: Targeted Cyber Attack on Notepad++

A Chinese-associated cyberespionage group, known as Lotus Blossom, has infiltrated the widely-used code editor Notepad++ through its update process, according to both the software developer and ...
The Hacker News

Notepad++ Hosting Breach Attributed to China-Linked Lotus Blossom Hacking Group

A China-linked threat actor known as Lotus Blossom has been attributed with medium confidence to the recently discovered compromise of the infrastructure hosting Notepad++. The attack enabled the ...
theregister

Notepad++ hijacking blamed on Chinese Lotus Blossom crew behind Chrysalis backdoor

Security researchers have attributed the Notepad++ update hijacking to a Chinese government-linked espionage crew called Lotus Blossom (aka Lotus Panda, Billbug), which abused weaknesses in the update ...
Bleeping Computer

Notepad++ update feature hijacked by Chinese state hackers for months

Chinese state-sponsored threat actors were likely behind the hijacking of Notepad++ update traffic last year that lasted for almost half a year, the developer states in an official announcement today.
The Hacker News

Notepad++ Official Update Mechanism Hijacked to Deliver Malware to Select Users

The maintainer of Notepad++ has revealed that state-sponsored attackers hijacked the utility's update mechanism to redirect update traffic to malicious servers instead. "The attack involved [an] ...