TLDR Chinese hackers got into their hosting provider and hijacked the update process for notepad++ over the period June-December 2025. Apparently this was more of a targeted attack, they don’t seem to imply that everyone got redirected to the hacked update server, but the recommendation is that everyone download and install the latest version manually - which includes a more secure update process, and also they’ve changed hosting providers.

my first thought was “What? Again?” but then I realized it’s an investigation update to the previous hijacking.