Microsoft

New Clickfix variant ‘CrashFix’ deploying Python Remote Access Trojan

CrashFix crashes browsers to coerce users into executing commands that deploy a Python RAT, abusing finger.exe and portable Python to evade detection and persist on high‑value systems.

Microsoft fixes Notepad flaw that could trick users into clicking malicious Markdown links

Microsoft has fixed a serious security vulnerability affecting Markdown files in Notepad. In the company’s Tuesday patch ...

Windows Notepad is now complex enough to have a serious security flaw

You can infect your PC with malware without ever leaving Notepad, thanks to recent updates and additions. Hooray.

Unwanted AI upgrade to Windows Notepad created a serious security flaw

According to Microsoft's release notes, the update fixes 25 elevation of privilege flaws, 12 remote code execution ...
PCMag

Another Week, Another Data Disaster: Substack, Coinbase, and a Malicious Notepad++ Update

If you have accounts on any of these services, now's a good time to check your security settings. Plus more from a busy week ...

Use Notepad's new Markdown feature? Update it now to ensure you're safe.

Microsoft has patched a severe security vulnerability tied to Notepad's Markdown feature. Here's what you need to know to ...
Morning Overview on MSN

Wild supply-chain hack hits popular open-source coding app tied to China

A quiet compromise of a popular open-source coding editor has turned into one of the most unsettling software supply-chain ...
PCMag on MSN

Bloat Risk? Microsoft's Notepad Upgrade Also Introduced a Vulnerability

The flaw exploits Notepad’s recently added support for Markdown, a formatting language used on websites and in files, to run malicious code on a Windows PC.
WinBuzzer

Microsoft Patches High-Severity Notepad Remote Code Execution Flaw

Microsoft has patched the Windows Notepad remote code execution vulnerability CVE-2026-20841, warning users to install ...