PC World

Windows Notepad is now complex enough to have a serious security flaw

PCWorld reports that Windows Notepad’s new Markdown support feature has introduced a serious remote code execution vulnerability with a high CVSS score of 8.8/7.7. The security flaw allows malicious ...
The Verge

Microsoft fixes Notepad flaw that could trick users into clicking malicious Markdown links

Bad actors could use the flaw to remotely load and execute malicious files on a victim’s computer. Bad actors could use the flaw to remotely load and execute malicious files on a victim’s computer. is ...
TechRadar

Microsoft patches concerning Windows 11 Notepad security flaw - Markdown issues could have let hackers slip in malware without warning

Microsoft patches Windows 11 Notepad RCE flaw CVE-2026-20841 Vulnerability exploited Markdown links to execute malicious code with user permissions Patch Tuesday update fixes issue; versions 11.2510 ...
TweakTown

Extra features for Windows 11 Notepad go beyond worries about bloat, as new security flaw shows

TL;DR: Windows 11's Notepad app has a security flaw rated as a 'high' severity vulnerability, one that allows for remote code execution. The good news is that it's already been patched by Microsoft, ...
PC Magazine

Bloat Risk? Microsoft's Notepad Upgrade Also Introduced a Vulnerability

Microsoft’s effort to modernize the humble Notepad app has come with a cost: Security researchers have discovered a serious vulnerability in the program following a feature update. The flaw, which ...
Ars Technica

Notepad++ users take note: It’s time to check if you’re hacked

Infrastructure delivering updates for Notepad++—a widely used text editor for Windows—was compromised for six months by suspected China-state hackers who used their control to deliver backdoored ...
How-To Geek on MSN

This 43-year-old Windows app is still my favorite markdown editor

Windows keeps getting newer features and apps, but Notepad is still the best program it offers thanks to how little bloatware ...
Bleeping Computer

Notepad++ update feature hijacked by Chinese state hackers for months

Chinese state-sponsored threat actors were likely behind the hijacking of Notepad++ update traffic last year that lasted for almost half a year, the developer states in an official announcement today.
HotHardware

Notepad++ Confirms Hackers Hijacked Update Infrastructure To Push Malware

Notepad++ reported that its built-in auto-update feature had been hijacked by Chinese state-sponsored hackers from June to September of 2025, and the credentials gathered by the bas actors enabled ...
Infosecurity-magazine.com

Notepad++ Update Hijacking Linked to Hosting Provider Compromise

A months-long supply chain attack that affected the Notepad++ update process has been linked to a compromise of shared hosting infrastructure rather than a flaw in the software's code. This according ...

Android Perseus Malware Scans Your Personal Notes for Passwords

The post Android Perseus Malware Scans Your Personal Notes for Passwords appeared first on Android Headlines.