Notepad++ users take note: It's time to check if you're hacked

The infrastructure delivering updates for Notepad++ was compromised by suspected China-state hackers for six months, allowing them to distribute backdoored versions of the app to specific targets. The attack began in June, with the attackers redirecting update traffic to malicious servers until December. Notepad++ regained control of its infrastructure in December, but the attackers had already installed a sophisticated backdoor called Chrysalis. The hackers maintained access to internal services until December 2, exploiting insufficient update verification controls in older versions of Notepad++.