@xomx said in autoupdater and connection temp.sh:

the investigation is still ongoing and @donho will surely disclose more whenever/if it’ll be possible to do so.

Unfortunatly, the investigation actually concluded the day of the announcement (just after the announcement). As I mentioned at the bottom of my announce Edit (February 2, 2026), the IR team was unable to determine the hijacking method, : Our IR team spent a week analyzing roughly 400 GB of server logs provided by the former hosting provider. While signs of an intrusion were identified, no concrete indicators of compromise - such as binary hashes, domains, or IP addresses - were found.

@h-jangra Bild1.png I apologize, but I can’t find a way to set “:set tw=60 and :wrap or gq” in “NppVim”. I’m not a very experienced user; perhaps I’m missing some basic knowledge.

@PeterJones said in Chinese compromise began as early as NP++ v8.6.9:

@Cam-Krout,

That’s not evidence of Chinese (state-sponsored) involvement or compromise. That’s specifically the intentional link to the v8.6.9 https://notepad-plus-plus.org/news/v869-about-taiwan/ “Support Taiwan’s Independence” (which is what google translate says those characters mean). The the developer is a huge proponent of such (and his statements in the N++ About box and release pages has a history of taunting state-sponsored attacks on Notepad++ and its infrastructure).

So that’s rather evidence of the reasons behind the attack, not a symptom of the attack.

Oh my, I stand corrected. Would have freaked me out less had it used my locale to determine the language for the hyperlink text (I saw that, plus 32-bit, plus a logo I didn’t recognize, and I panicked!)

But regardless, I appreciate the heads up.

@Fred-Morant ,

Regular expressions don’t work the way you expect in search-backwards mode, so it’s disabled except for advanced users.

Advanced users can look at the user manual and figure out how to enable regexBackward4PowerUser

https://npp-user-manual.org/docs/preferences/#preferences-for-advanced-users

BTW:

5.1-if your home internet speed is fast enough, setup your own web server to your pc under virtualbox(in case of web server software cve’s/rce’s). I or anyone can help with that. Dont forget to hardening server for security.

IMO, this is BAD advice. To suggest to a non-security specialist who runs this as a hobby, that he should self-host, and try to keep up on all the security hardening, is asking him to get hacked even worse than the hack that already happened. He was literally paying a host to provide such services, and the professionals failed; he has now changed providers to a host who has better security procedures.

Believe me it’s not that hard to setup a webserver or harden it, especially while backed by a strong community. The risks are different when hosting at home between hosting remotely. The hosting firm may be offered money to hijack, or an out-of-date hosting management software had rce was waiting to be abused.

@PeterJones
on the screenshot above Reduce option is already pressed though.
Max tab label length truncates text, which is not the behavior i want to restore - i want the tabs with short names to not have this big gap at the end.

That said, it seems that the “enable pin tab feature” was the culprit, as disabling it seems to have restored the desired tab size behavior.

There still is some extra spacing before the close button though:

2bb5dad1-4a85-4bd0-8df8-768e93562693-image.png
629bde33-102c-4a09-a960-60ded9dcd809-image.png

@Nppenjoyr ,

See this post

@Tavi ,

As far as I can tell, they were unrelated. Scanners such as VirusTotal look at the executable itself, and last year were being triggered by the lack of signing and the self-signing of the executable.

please confirm if this issue is related to the notepad++ hijack news dated 2nd Feb 2026?

The issue you are referring to, as linked here and described in detail here specifically said,

the compromise occured at the hosting provider level rather than through vulnerabilities in Notepad++ code itself.

This was a website hack, and VirusTotal and other such AV scans do not detect website hacks, as far as I understand them.

@Liam-Wright I am running the latest NPP (8.9.1) and I don’t see this setting.

@PeterJones Thanks. I will work on getting the debug. Until then…

After making the edit, which took by the way (saved), I closed the app as usual. Just to be sure I checked Task Manager and found 2 instances of it showing there even though all copies were previously closed by me. I killed it there, unmounted the thumb drive that has the portable version I’m trying to edit, and then did a system restart thinking that might clear anything else.

I remounted the thumb drive and still have an edited Shortcuts file but it is not recognizing the changes. That edit is working with my resident copy on the same system but that was also hard to change when I did it a while back.

Thanks for the help.

@D-Kirkpatrick said in Editing the Shortcuts File:

However with this latest version there doesn’t seem to be a way to do this?

Nothing has changed regarding shortcuts.xml in the last many versions.

I know there is a copy in %appdata% but that also had my changes.

It depends on your settings, but the %AppData%\Notepad++\shortcuts.xml is the normal first place that Notepad++ will look.

if that’s not working for you:

confirm you follow the normal incantation for editing config files (ie, close all N++, open just one, edit file, save, exit and restart N++ to allow the change to take effect) if that doesn’t work, grab ?-menu’s Debug Info and share it with us share the actual XML snippet from the right shortcuts.xml file, so we can look to see if we can tell what’s wrong

update: I just re-read your post, and noticed:

When I added in the appropriate line to the XML file and saved it nothing happened and the pull down menu did not change.

You have to exit Notepad++ after saving, then restart the application. Notepad++ doesn’t just re-parse shortcuts.xml when you save it, so the menu won’t change by just hitting save on the file.

@sagradamoly-stack said in Managing the User Languages tool:

Is there any way to delete all the interim variations without losing all the work getting to a useful final result?

It depends on what you mean.

En masse? No

One at a time? Yes. In the UDL dialog, select each intermediate UDL from the drop-down, and click Remove. Since it’s likely on the order of a dozen or two, it won’t take you that long – less time than asking here took you, I’d wager.

without losing all the work

I mean, deleting the intermediate ones will obviously delete the intermediate stages. If you don’t want to lose them, but don’t want them in the N++ Language menu, use Export to save each to a separate XML file which you can then save in some backup directory, then Remove to take it out of the menu.

@George-Warriner,

My best guess is that it was referring to this conversation

@shodanx2 ,

I normally stay out of the “Boycott” discussions, because they’re a complete waste of time (as is this one, for example, so I’ll be leaving this one again), but it seems really odd that you just started complaining about this a year after you successfully created your account and made your first post. But whatever, the haters are going to hate. (update: never mind, you were whining about this a year ago, too.)

If the owners of the forum software and the service that they are donating to host our forum (they normally charge people and organizations to host with them, but are giving the hosting for free to us, so beggars cannot be choosers), or the contributors to their ecosystem (not me, not the developer of Notepad++) ever provide a plugin that allowed a “login with XYZ” for any other OAUTH provider, I would enable that in a heartbeat, because I’m all for giving users a choice. I cannot speak for the rest of the internet, but the email-only didn’t work here, despite your repeated protestations, for whatever reason, so I’ve tried to help give users as much choice from OAUTH providers as possible; unfortunately, those are the only two for now.

Our choice of login has nothing to do with censoring people from speaking (as should be blatantly obvious, because we literally provide a topic for whining about Notepad++ in a forum dedicated to advocating for and helping people use Notepad++ … the N++ developer is highly into free speech), nor “shilling for the techbro cloud elites”, and everything to do with trying to make the user experience as good as possible for as many as we can.

@PeterJones

Hello,

Here is a demonstration of what altsnap does

You can press the ALT key, or the “hot click” which on my mouse is mouse button #5.

And this allows moving and resizing a window from anywhere.

https://youtu.be/Wzt7hSyGGmc

It is very ergonomic as you don’t have to position the cursor on the thin window edges.

I think this is quite rare and cutting edge practice, most people I think just maximize their window and use one application at a time.

But I have a very large desktop of 4x 40 inch 4K monitors and I needed more efficient way to move the windows around.

As for the scrolling, there are two “middle-click” based scrolling methods I know about. There’s the autoscroll round thing which I don’t really like, it’s like using a thumbstick. It’s good if you want to let it scoll at a constant speed like the text scroll at the beginning of star wars but it is otherwise clumsy and slow to use, not “dextrous”.

I prefer the “scroll anywhere” method which is similar to like you would scroll a touch tablet interface.

I demonstrate both of these modes here

https://youtube.com/shorts/yHuWI4f1rOg

So, what I am asking is like scroll anywhere but in a left-right direction to move the center divider around.

@Markus-Louw ,

You mean this box?

See that X on the upper right, right where Windows dialog boxes normally have their X close symbol? You click it to close the message so that you can type.