Compromise of Notepad++ Equals Software Supply Chain Fallout

Hacked Infrastructure Delivered Chinese Nation-State Group's Backdoor, Experts Warn Mathew J. Schwartz (euroinfosec) • February 3, 2026

We still don't know the full extent of likely Chinese nation-state supply chain hack that hijacked update traffic to popular text editing software NotePad++ during the last half of 2025.

See Also: On-Demand | NYDFS MFA Compliance: Real-World Solutions for Financial Institutions

Developer Don Ho, who launched the open source software for Windows in 2003 and has maintained it since, disclosed Monday that users appear to have been exposed to attackers from June through December, at which time a software update and change of hosting provider completely blocked the attack.

Cybersecurity firm Rapid7 on Monday tied the Notepad++ infrastructure hack to a Chinese nation-state hacking group it tracks as "Lotus Blossom," saying the group used the attack "to deliver a previously undocumented custom backdoor" that its researchers codenamed "Chrysalis ...