Home / Security updates / Security Advisory: Notepad++ Hijacking Incident and Automox Verification
Security Advisory: Notepad++ Hijacking Incident and Automox Verification
Security updates detail rendered from /security-updates/upd_0d444fd58817a9e7.
Overview
| ID | upd_0d444fd58817a9e7 |
| Collection | Security Updates |
| Provider | SafeBase |
| Company | Automox |
| URL | - |
| Counts | - |
| Updated | - |
Raw record
| Field | Value |
|---|---|
| id | upd_0d444fd58817a9e7 |
| providerId | safebase |
| organizationId | org_5dc0d6ce75d1bd33 |
| trustCenterId | tc_ae5c8a1c01c12438 |
| title | Security Advisory: Notepad++ Hijacking Incident and Automox Verification |
| message | # Security Advisory: Notepad++ Hijacking Incident and Automox Verification **Date:** February 2nd, 2026 **Status:** Investigated – No Impact Identified ## Summary Automox is aware of the recent security incident involving the **[Notepad++ (NPP) update mechanism](https://notepad-plus-plus.org/news/hijacked-incident-info-update/)**. Following a comprehensive investigation by our security team, we have confirmed that Automox customers did not receive malicious updates or traffic through the Automox platform. ## Our Investigation & Verification Upon learning of the incident, Automox conducted a deep-dive audit of our Notepad++ update pipeline: - **Direct Sourcing:** We have verified that all Notepad++ updates provided through the Automox console were pulled directly from the official Notepad++ GitHub repository. - **Pipeline Isolation:** The Automox updater service is architected to deploy the software directly; it does not activate the internal Notepad++ updater pipeline (`GUP.exe |
| url | - |
| publishedAt | 2026-02-02 |
| source | {
"field": "statuspage/public/compliance-update",
"category": "vulnerabilities"
} |
| company | {
"id": "org_5dc0d6ce75d1bd33",
"name": "Automox",
"domains": [
"security.automox.com",
"automox.com"
]
} |
| trust_center | {
"id": "tc_ae5c8a1c01c12438",
"name": "Automox",
"url": "https://security.automox.com",
"host": "security.automox.com"
} |
| provider | {
"id": "safebase",
"name": "SafeBase"
} |
| links | {
"self": "/v1/security-updates/upd_0d444fd58817a9e7",
"company": "/v1/companies/org_5dc0d6ce75d1bd33",
"trust_center": "/v1/trust-centers/tc_ae5c8a1c01c12438",
"provider": "/v1/providers/safebase"
} |
Get this page with API
Rendered from the bluedoor Trust Centers API. Reproduce it:
GET https://api.bluedoor.sh/trust-centers/v1/security-updates/upd_0d444fd58817a9e7JSON