Notepad Users, You May Have Been Hacked by China

Suspected Chinese state-backed hackers hijacked the Notepadd++ update infrastructure to deliver a backdoored version of the popular free source code editor and note-taking app for Windows. Infrastructure delivering updates for Notepad++--a widely used text editor for Windows--was compromised for six months by suspected China-state hackers who used their control to deliver backdoored versions of the app to select targets, developers said Monday. "I deeply apologize to all users affected by this hijacking," the author of a post published to the official notepad-plus-plus.org The post said that the attack began last June with an "infrastructure-level compromise that allowed malicious actors to intercept and redirect update traffic destined for notepad-plus-plus.org." The attackers, whom multiple investigators tied to the Chinese government, then selectively redirected certain targeted users to malicious update servers where they received backdoored updates.