Chinese-Linked Supply Chain Attack Targets Popular Open-Source Coding App

A recent cyberespionage attack has targeted the popular open-source code editing application, Notepad++. This incident, linked to a Chinese cyber group, has raised alarms among users and cybersecurity experts alike.

Overview of the Attack

Beginning in June 2025, a Chinese-connected hacking group infiltrated the update mechanism of Notepad++. This allowed them to deliver a custom backdoor and additional malware to specific users of the software. Don Ho, the French developer behind Notepad++, announced these findings in a blog post on February 2, 2026.

Timeline of the Breach

  • June 2025: The attackers began compromising the update process for Notepad++.
  • September 2, 2025: The hackers retained access to the hosting server.
  • December 2, 2025: Credentials for some hosting services were maintained.

Ho noted that the attack was highly selective. However, the exact number of impacted users remains unknown. He confirmed that malicious updates were not distributed to all users during the compromise window.

Involvement of Cybersecurity Agencies

The Cybersecurity and Infrastructure Security Agency (CISA) is aware of the breach and is currently investigating potential impacts on U.S. government operations. This reflects the seriousness of the incident and its implications for national security.

Details of the Attack

According to Ho, a third-party hosting provider revealed that the server responsible for Notepad++ updates might have been compromised. The domain associated with Notepad++ was hosted by Hostinger, based in Lithuania, until January 21, 2026.

Lotus Blossom: The Cyber Espionage Group

Cybersecurity firm Rapid7 attributed the attack to a group known as Lotus Blossom. Active since 2009, this group has a history of targeting sectors such as government, telecommunications, and media, particularly in Southeast Asia and Central America.

Response from Chinese Authorities

A representative from the Chinese Embassy in Washington denied any involvement by the Chinese government, stating that it opposes all forms of hacking.

Potential Consequences

This breach highlights the ongoing threat posed by cyberespionage groups and the critical need for heightened cybersecurity measures. The access gained by the hackers could potentially lead to significant data theft and further attacks on infected systems.

Along with the serious implications for Notepad++ users, the incident serves as a stark reminder of the vulnerabilities present in widely used software applications. Continuous vigilance and robust security practices remain essential in the face of evolving cyber threats.