Notepad++ Hosting Infrastructure Hack Linked to China-Backed APT Lotus Blossom

Researchers from Rapid7 have attributed the hack of Notepad++'s hosting infrastructure to the APT group Lotus Blossom, which is linked to China. The maintainer of Notepad++ revealed that state-sponsored attackers compromised the hosting provider's infrastructure, redirecting update traffic to malicious servers. The attack did not exploit any vulnerability in Notepad++'s code but instead intercepted updates before their distribution to users. No additional technical details or specific dates are mentioned.