A China-based threat group operating for almost two decades broke into the internal systems of Notepad++, an extremely popular open source-code editor, to spy on a select group of targeted users , researchers at Rapid7 said Monday. Don Ho, the author and maintainer of the open-source tool, said independent security researchers confirmed a China state-sponsored group compromised Notepad++’s server for a six-month period starting in June 2025. Ho, who did not respond to a request for comment,