PCWorld reports that Windows Notepad’s new Markdown support feature has introduced a serious remote code execution vulnerability with a high CVSS score of 8.8/7.7. The security flaw allows malicious ...

Bad actors could use the flaw to remotely load and execute malicious files on a victim’s computer. Bad actors could use the flaw to remotely load and execute malicious files on a victim’s computer. is ...

TL;DR: Windows 11's Notepad app has a security flaw rated as a 'high' severity vulnerability, one that allows for remote code execution. The good news is that it's already been patched by Microsoft, ...

TL;DR: Notepad++ was compromised for six months, but it wasn't the software itself which the exploit leveraged, but its hosting provider. An investigation into the attack has just been concluded with ...

PCWorld reports that Notepad++’s WinGUp update system was compromised between June and December 2025, delivering malware through corrupted executables to targeted users. While the popular text editor ...

The developer of the popular open source text editor Notepad++ has confirmed that hackers hijacked the software to deliver malicious updates to users over the course of several months in 2025. In a ...

Last year, the creator of Notepad++ rolled out an update for the text and source code editor after security experts reported that bad actors were hijacking its update mechanism to redirect traffic to ...

Notepad++ targeted in sophisticated supply-chain style attack via compromised hosting server Attackers delivered tainted updates to select victims, exploiting weak update verification controls Breach ...

Notepad++ reported that its built-in auto-update feature had been hijacked by Chinese state-sponsored hackers from June to September of 2025, and the credentials gathered by the bas actors enabled ...

Just months after Microsoft added Markdown support to Notepad, researchers have found the feature can be abused to achieve remote code execution (RCE).… Tracked as CVE-2026-20841 (8.8), the ...

The popular open-source text editor Notepad++ was targeted in a sophisticated supply chain attack that allowed Chinese state-sponsored hackers to deliver malware through compromised software updates, ...