The Register on MSN

Notepad++ hijacking blamed on Chinese Lotus Blossom crew behind Chrysalis backdoor

The group targets telecoms, critical infrastructure - all the usual high-value orgs Security researchers have attributed the ...
The Hacker News

Notepad++ Hosting Breach Attributed to China-Linked Lotus Blossom Hacking Group

Rapid7 links China-linked Lotus Blossom to a 2025 Notepad++ hosting breach that delivered the Chrysalis backdoor via hijacked ...
Devdiscourse

Lotus Blossom's Silent Infiltration: Targeted Cyber Attack on Notepad++

A Chinese-linked cyberespionage group named Lotus Blossom hijacked the update process of Notepad++ to target specific users. Gaining access in June 2025, they maintained control until December that ...

Notepad++ update feature hijacked by Chinese state hackers for months

Chinese state-sponsored threat actors were likely behind the hijacking of Notepad++ update traffic last year that lasted for almost half a year, the developer states in an official announcement today.