PC World

Windows Notepad is now complex enough to have a serious security flaw

PCWorld reports that Windows Notepad’s new Markdown support feature has introduced a serious remote code execution vulnerability with a high CVSS score of 8.8/7.7. The security flaw allows malicious ...
ExtremeTech

Microsoft Fixes Windows 11 Bug That Let Attackers Run Remote Code in Notepad

Share on Facebook (opens in a new window) Share on X (opens in a new window) Share on Reddit (opens in a new window) Share on Hacker News (opens in a new window) Share on Flipboard (opens in a new ...
Bleeping Computer

Windows 11 Notepad flaw let files execute silently via Markdown links

If a user opened this Markdown file in Windows 11 Notepad versions 11.2510 and earlier and viewed it in Markdown mode, the above text would appear as a clickable link. If the link is clicked with ...
TechSpot

Unwanted AI upgrade to Windows Notepad created a serious security flaw

The big picture: Microsoft released its latest Patch Tuesday update this week with 59 hotfixes across Windows, Microsoft Office, Azure, and core system components. The update includes patches for six ...

Pastebin comments push ClickFix JavaScript attack to hijack crypto swaps

Threat actors are abusing Pastebin comments to distribute a new ClickFix-style attack that tricks cryptocurrency users into executing malicious JavaScript in their browser, allowing attackers to ...
The Verge

Microsoft fixes Notepad flaw that could trick users into clicking malicious Markdown links

Bad actors could use the flaw to remotely load and execute malicious files on a victim’s computer. Bad actors could use the flaw to remotely load and execute malicious files on a victim’s computer. is ...
Morning Overview on MSN

Microsoft’s new AI Notepad just opened a terrifyingly easy hacker loophole

A command injection flaw in the Windows Notepad App now gives remote attackers a path to execute code over a network, turning one of the most familiar programs on any PC into a potential entry point ...
Hosted on MSN

Notepad's new Markdown powers served with a side of remote code execution

Just months after Microsoft added Markdown support to Notepad, researchers have found the feature can be abused to achieve remote code execution (RCE).… Tracked as CVE-2026-20841 (8.8), the ...

WinUIpad: AI to the Rescue ⭐

With progress slowing to a crawl, I researched Windows App SDK alternatives and then started experimenting with AI pair programming.
HotHardware

Notepad++ Confirms Hackers Hijacked Update Infrastructure To Push Malware

Notepad++ reported that its built-in auto-update feature had been hijacked by Chinese state-sponsored hackers from June to September of 2025, and the credentials gathered by the bas actors enabled ...
PC Magazine

Chinese Hackers Hit Notepad++ to Serve Malicious Update

If you use Notepad++, it's time to update. Hackers compromised the free text and coding editor to distribute a malicious update via the auto-update function. Notepad++ developer Don Ho detected the ...