Nation-State Hackers Compromise Notepad++ Hosting Provider to Hijack Update Traffic

Attackers linked to a nation-state compromised the infrastructure of Notepad++'s hosting provider to redirect update traffic to malicious servers. The attack did not exploit a vulnerability in Notepad++'s code but instead intercepted updates before their distribution to users. The maintainer of Notepad++ confirmed that the incident involved a compromise at the hosting provider level, without specifying the date or the identity of the attackers. No additional technical details, such as indicators of compromise or exfiltration methods, were disclosed.