EN
  • Cyber stability
  • Secops
  • Risks management
  • Digital transformation
  • Digital Sovereignty
  • Cybercrime
  • Industry and OT
  • Fraud
  • Digital identity
  • Cyber +
    • Notepad++ hacked by cybercriminals likely affiliated with China
    • Home
    • Cybercrime
    • Notepad++ hacked by cybercriminals likely affiliated with China

    Notepad++ hacked by cybercriminals likely affiliated with China

    Written by
    The Editorial Team
    02.03.26
    Cybercrime
    01
    MIN
    Notepad++ hacked by cybercriminals likely affiliated with China
    Notepad++ hacked by cybercriminals likely affiliated with China
    Notepad++ hacked by cybercriminals likely affiliated with China
    Image Dark web: from the theft of customer databases to the resale of access, anatomy of the data available
    Cybercrime
    03.02.26 Cybercrime
    Next article
    Dark web: from the theft of customer databases to the resale of access, anatomy of the data available
    Read
    05
    MIN
    Image Canada: Quebec School Service Centre Hit by Cyberattack
    Cybercrime
    02.19.26 Cybercrime
    Next article
    Canada: Quebec School Service Centre Hit by Cyberattack
    Read
    01
    MIN
    Image The National File of Bank Accounts Hacked: 1.2 Million Accounts Exposed
    Cybercrime
    02.19.26 Cybercrime
    Next article
    The National File of Bank Accounts Hacked: 1.2 Million Accounts Exposed
    Read
    01
    MIN
    Image Ransomware: Russian Phobos Affiliate Appears Before a French Court
    Cybercrime
    02.17.26 Cybercrime
    Next article
    Ransomware: Russian Phobos Affiliate Appears Before a French Court
    Read
    01
    MIN
    The attackers hijacked the update mechanism of the open-source text editor in order to specifically target certain users.

    Notepad++, a very popular open-source text editor among IT professionals, announced on February 2, 2026, that it had been the victim of a hack carried out by cybercriminals likely affiliated with China. The attackers did not compromise the software itself, but hijacked one of its update mechanisms in order to “intercept and redirect network traffic.”

    The attack began in June 2025 and continued until December 2025. The cybercriminals targeted only a small number of Notepad++ users, thereby limiting the risk of being identified. The project’s administrators did not specify the criteria used by the attackers to select their victims.

    Notepad++ has since moved its update infrastructure to a new provider. Independent security researchers, whose identities have not been disclosed, attributed the attack to a state-sponsored actor backed by China.

    The Editorial Team
    02.03.26
    Articles by the same author:
    1
    03.06.26 Risks management
    0-day attacks increasingly target the private sector
    Read
    01
    MIN
    2
    03.06.26 Cybercrime
    The leader of the Phobos ransomware gang pleads guilty before U.S. justice
    Read
    01
    MIN
    3
    03.03.26 Cyber stability
    NATO Authorizes the Use of iPhones for Classified Data
    Read
    02
    MIN
    4
    03.03.26 Cyber +
    The United States Exclude Anthropic from Federal Agencies
    Read
    02
    MIN
    Image Dark web: from the theft of customer databases to the resale of access, anatomy of the data available
    Cybercrime
    03.02.26 Cybercrime
    Next article
    Dark web: from the theft of customer databases to the resale of access, anatomy of the data available
    Read
    05
    MIN
    Image Canada: Quebec School Service Centre Hit by Cyberattack
    Cybercrime
    02.19.26 Cybercrime
    Next article
    Canada: Quebec School Service Centre Hit by Cyberattack
    Read
    01
    MIN
    Image The National File of Bank Accounts Hacked: 1.2 Million Accounts Exposed
    Cybercrime
    02.19.26 Cybercrime
    Next article
    The National File of Bank Accounts Hacked: 1.2 Million Accounts Exposed
    Read
    01
    MIN
    Image Ransomware: Russian Phobos Affiliate Appears Before a French Court
    Cybercrime
    02.17.26 Cybercrime
    Next article
    Ransomware: Russian Phobos Affiliate Appears Before a French Court
    Read
    01
    MIN
    Stay tuned in real time
    Subscribe to
    the newsletter
    By providing your email address you agree to receive the Incyber newsletter and you have read our privacy policy. You can unsubscribe at any time by clicking on the unsubscribe link in all our emails.
    Stay tuned in real time
    Subscribe to
    the newsletter
    By providing your email address you agree to receive the Incyber newsletter and you have read our privacy policy. You can unsubscribe at any time by clicking on the unsubscribe link in all our emails.