upvote

points

by hypeatei7 hours ago |
comments
upvoteby Someone12344 hours ago|
next
[-]
The issue Notepad++ is having, is the same as a lot of open source projects: They don't have a ton of money, don't have a business entity, and are struggling to get/keep a software-signing key in those circumstances.

So the people taking pot shots at the developers, I guess, maybe be more specific with what they did wrong and what they should have done instead. Because if you actually understand the history/circumstances (and the fact it was a third-party hosting provider compromised), one would expect more blame on the systemic under-funding of OSS than "developers bad."

Are people wanting them to create a business, monetize Notepad++, so that they no longer have issues with hosting/certificates? I'm guessing not.

reply
upvoteby judah2 hours ago|
prev|
next
[-]
More than a small kerfuffle. A supply chain attack by a state actor, believed to be China, resulted in undetected malicious code executions from June 2025 to December 2025.
reply
upvoteby voidfunc5 hours ago|
prev|
next
[-]
I love Notepad++ but yea, zero confidence in that dev right now. Its programma non grata on my machines at the moment.

Theyre also very political and giving them access to my machine now feels even more risky.

reply
upvoteby cogman104 hours ago|
parent|
next
[-]
If you'd like a lightweight replacement, here's Kate. It's somewhere around a zed featureset, a little less.

A key benefit of it is that it's not an electron app. It's an old C++ app that's still just chuggin' along.

https://kate-editor.org/get-it/

reply
upvoteby ruszki2 hours ago|
parent|
prev|
[-]
Which response are we talking about which was problematic?
reply
upvoteby phatfish1 hours ago|
parent|
[-]
Hurting MAGA feelings or criticising Israel I'd guess.
reply
upvoteby password43213 hours ago|
prev|
[-]
I didn't realize until recently that the very popular Notepad++ was such a lightning rod over the years for controversy and (though I can't guarantee correlation is causation) security issues.

20260202 https://news.ycombinator.com/item?id=46851548 Notepad++ hijacked by state-sponsored actors (917 points, 543 comments)

20260203 https://news.ycombinator.com/item?id=46878338 Notepad++ supply chain attack breakdown (384 points, 198 comments)

20250630 https://news.ycombinator.com/item?id=44426049 High-Severity Vulnerability in Notepad++ (39 points, 14 comments)

20230904 https://news.ycombinator.com/item?id=37385920 Multiple Notepad++ Flaws Let Attackers Execute Arbitrary Code (83 points, 39 comments)

20230830 https://news.ycombinator.com/item?id=37320304 Buffer Overflows in Notepad++ (68 points, 61 comments)

20230829 https://news.ycombinator.com/item?id=37311068 Notepad++ v8.5.6 still vulnerable to possible arbitrary code execution (18 points, 3 comments)

20211209 https://news.ycombinator.com/item?id=29499002 StrongPity variant hides behind Notepad++ installation (45 points, 28 comments)

20191030 https://news.ycombinator.com/item?id=21395251 Notepad++ issues attacked by Chinese commenters (237 points, 110 comments)

20191030 https://news.ycombinator.com/item?id=21400526 Notepad++ repository is being spammed after “Free Uyghur” release (82 points, 36 comments)

20190317 https://news.ycombinator.com/item?id=19329330 Notepad++ drops code signing for its releases (496 points, 327 comments)

20170308 https://news.ycombinator.com/item?id=13824032 Notepad++ V 7.3.3 – Fix CIA Hacking Notepad++ Issue (1101 points, 291 comments)

20150112 https://news.ycombinator.com/item?id=8876823 Notepad ++ hacked for Je Suis Charlie comments(web archive link) (65 points, 74 comments)

reply