Notepad++ Compromise

About June 2025 the upgrade server was attacked and malware was inserted into all subsequent upgrades.

You should do a manual upgrade and scan your system aggressively.


Thanks for the reminder. Also looks like I had the 32-bit version installed so added bonus migrating to the 64-bit version.

Uhh, translation for the non programmer types?

I’m gonna assume if we don’t know what the risks are right away we’re probably not using the server in a way that would affect us, but explaining the problem using “normal” verbiage instead of the assumption of technical knowledge would be appreciated… :sweat_smile:

Notepad++ is a very popular text editor. It’s an application you would download and install locally.

Its automated update system was compromised with targeted malware. If you have it on your system you need to upgrade to version 8.9.1 manually from the website Downloads | Notepad++ to ensure that the malware is overwritten.


This whole thing prompted me to look at alternatives when it dropped a couple days ago. Anyone using Kate? https://kate-editor.org/

(note: I need something that works on Windows/Linux/OSX and is preferably open source)

Oh shoot, I completely missed this. That’ll affect me for sure, thank you.

Thanks for the heads up! I use NP++ quite a lot as an auxiliary editor (VSCode is primary).

Found this Hacker News article with lots of gory details (which I don’t pretend to understand at a low level) about the exploit.

It appears not every upgrade was targeted but rather only selected users/addresses (likely to reduce odds of getting caught, like how Stuxnet was intended for one physical location but got out in the wild which is how it got caught). Complete details are here.

https://notepad-plus-plus.org/news/hijacked-incident-info-update/