Threat actors are abusing Pastebin comments to distribute a new ClickFix-style attack that tricks cryptocurrency users into ...

CISA has expanded its KEV catalog with new SolarWinds, Notepad++, and Apple flaws, including two exploited as zero-days.

I don’t need tabs, sessions, or extra clutter in a tool I open for two seconds. Notepad++ stays fast, simple, and doesn't ...

Plus: Apple’s Lockdown mode keeps the FBI out of a reporter’s phone, Elon Musk’s Starlink cuts off Russian forces, and more.

Baddies are exploiting a critical bug in React Native's Metro development server to deliver malware to both Windows and Linux ...

Notepad++ targeted and used to deliver poisoned updates to a select group of victims.

Notepad++ reported that its built-in auto-update feature had been hijacked by Chinese state-sponsored hackers from June to September of 2025, and the credentials gathered by the bas actors enabled ...

A compromised Open VSX publisher account was used to distribute malicious extensions in a new GlassWorm supply chain attack.

Infrastructure delivering updates for Notepad++—a widely used text editor for Windows—was compromised for six months by suspected China-state hackers who used their control to deliver backdoored ...

A likely China-sponsored threat actor hijacked Notepad++'s software update mechanism and quietly redirected targeted users of the popular source code editor to malicious downloads for nearly six ...

The powerful and popular open-source text editor Notepad++ made headlines in early December, as attackers in Southeast Asia were specifically injecting malware to victims, partly due to the use of ...